Cannot run exe applications - Win7

Posted: 25 Jul 2010 13:38
by kinclik
Good day,
I have a PC here running Win7; exe applications will not start and it cannot connect to the internet. I only managed to make a log in UPM (safe mode).
Any advice from an expert?

Windows Vista SP 0 (build 7600)
Boot Mode: Safe
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.7600.16385 (win7_rtm.090713-1255)
Log vygenerován: 25/07/2010 10:03:44 PM
================================================================

Běžící procesy
================================================================

C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\CSRSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\LSM.EXE
C:\PROGRAM FILES (X86)\OPERA\OPERA.EXE
C:\PROGRAM FILES\TOTALCMD\TOTALCMD.EXE

Scanner
================================================================
[S, novf!] smss.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
EntryPoint v sekci:
|_ Celkový počet sekcí: 5
Skrytá cesta EXE:
Podvržená cesta modulu: (47DC0000) C:\Windows\System32\smss.exe
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S, novf!] csrss.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
EntryPoint v sekci:
|_ Celkový počet sekcí: 5
Skrytá cesta EXE:
Podvržená cesta modulu: (4A4A0000) C:\Windows\System32\csrss.exe
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S] wininit.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S, novf!] csrss.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
EntryPoint v sekci:
|_ Celkový počet sekcí: 5
Skrytá cesta EXE:
Podvržená cesta modulu: (4A4A0000) C:\Windows\System32\csrss.exe
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S, novf!] winlogon.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S, novf!] services.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S, novf!] lsass.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (74C30000) C:\Windows\System32\msprivs.dll
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S, novf!] lsm.exe
Non Microsoft v System32:
Ověřený Microsoft: Ne
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Nemá okno

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S] svchost.exe
Jiná ImageBase 00000000h
EntryPoint v sekci:
|_ Celkový počet sekcí: 6
Skrytá cesta EXE:
Podvržená cesta modulu: (00900000) C:\Windows\System32\winlogon.exe
Podvržená cesta modulu: (738B0000) C:\Windows\System32\wbem\WinMgmtR.dll
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Podvržená cesta modulu: (770C0000) C:\Windows\System32\psapi.dll

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Podvržená cesta modulu: (770C0000) C:\Windows\System32\psapi.dll

[S] svchost.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (74B30000) C:\Windows\System32\FXSRESM.dll
Podvržená cesta modulu: (74C20000) C:\Windows\System32\ksuser.dll
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Podvržená cesta modulu: (770C0000) C:\Windows\System32\psapi.dll

[S] ctfmon.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll

[?] opera.exe
Podvržená cesta modulu: (74A80000) C:\Windows\System32\wow64cpu.dll
Podvržená cesta modulu: (74A90000) C:\Windows\System32\wow64win.dll
Podvržená cesta modulu: (74AF0000) C:\Windows\System32\wow64.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Soubor 14%

[S] HelpPane.exe
Jiná ImageBase 00000000h
BaseAddress
Skrytá cesta EXE:
Podvržená cesta modulu: (76CE0000) C:\Windows\System32\kernel32.dll
Podvržená cesta modulu: (76E00000) C:\Windows\System32\user32.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Podvržená cesta modulu: (770C0000) C:\Windows\System32\psapi.dll
Podvržená cesta modulu: (770D0000) C:\Windows\System32\normaliz.dll

[?] TOTALCMD.EXE
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8
Podvržená cesta modulu: (74A80000) C:\Windows\System32\wow64cpu.dll
Podvržená cesta modulu: (74A90000) C:\Windows\System32\wow64win.dll
Podvržená cesta modulu: (74AF0000) C:\Windows\System32\wow64.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll
Soubor 63%

[R] UPM.exe
Podvržená cesta modulu: (74A80000) C:\Windows\System32\wow64cpu.dll
Podvržená cesta modulu: (74A90000) C:\Windows\System32\wow64win.dll
Podvržená cesta modulu: (74AF0000) C:\Windows\System32\wow64.dll
Podvržená cesta modulu: (76F00000) C:\Windows\System32\ntdll.dll


Po spuštění
================================================================

HKCU Run
|_ [?][Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe /nosplash /minimized
|_ [!][uTorrent] C:\Program Files (x86)\torrent\uTorrent.exe
|_ [?][jufuogyw] C:\Users\kinclik\AppData\Local\xvffuejjv\gmwpuuxtssd.exe

HKLM Run
|_ [?][SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
|_ [!][HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
|_ [?][KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
|_ [?][ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
|_ [?][Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
|_ [?][Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
|_ [?][SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
|_ [?][WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe
|_ [?][DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW
|_ [?][QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime
|_ [?][iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe
|_ [?][avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui

HKLM ShellServiceObjectDelayLoad
|_ [X][WebCheck] (Soubor nenalezen)

HKLM IC
|_ [X][{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] %ProgramFiles(x86)%\Windows Mail\WinMail.exe OCInstallUserConfigOE (Soubor nenalezen)
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll

Po spuštění
|_ desktop.ini (Soubor nenalezen)
|_ [?][desktop.ini] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini


HKLM BHO
|_ [X][{02478D38-C3F9-4efb-9B51-7695ECA05670}] (Soubor nenalezen)
|_ [?][{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
|_ [X][{5C255C8A-E604-49b4-9D64-90988571CECB}] (Soubor nenalezen)
|_ [?][{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
|_ [?][{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
|_ [?][{9030D464-4C02-4ABF-8ECC-5164760863C6}] C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
|_ [?][{DBC80044-A445-435b-BC74-9C25C1C588A9}] C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

HKCU IE WebBrowser Toolbar
|_ [?][{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}] C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll

HKLM IE Toolbar
|_ [?][{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}] C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll

Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] Agere Modem Call Progress Audio
|_ Cesta: C:\Program Files\LSI SoftModem\agr64svc.exe
| |_ Výrobce: LSI Corporation
| |_ Popis: LSI Soft Modem Call Progress Service
| |_ MD5: B65F8DBA54F251906BBE8611B5A0E7AB
|
|_ Jméno: AgereModemAudio
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency:

[?] Apple Mobile Device
|_ Cesta: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
| |_ Výrobce: Apple Inc.
| |_ Popis: Apple Mobile Device Service
| |_ MD5: D503DF3ABA595F551B98B9BAE017A271
|
|_ Jméno: Apple Mobile Device
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: Tcpip

[X] Windows Audio Endpoint Builder
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\Audiosrv.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Windows Audio Service
| |_ MD5:
|
|_ Jméno: AudioEndpointBuilder
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: PlugPlay

[?] avast! Antivirus
|_ Cesta: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
| |_ Výrobce: AVAST Software
| |_ Popis: avast! Service
| |_ MD5: B2386A8E66891F7CFEC9F5A03F0F1210
|
|_ Jméno: avast! Antivirus
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: aswMonFlt

[?] ConfigFree Gadget Service
|_ Cesta: C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
| |_ Výrobce: TOSHIBA CORPORATION
| |_ Popis: ConfigFree Gadget Process Service
| |_ MD5: D252C53BCDFC199BBA55EEB10CDB266E
|
|_ Jméno: ConfigFree Gadget Service
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency:

[X] Encrypting File System (EFS)
|_ Cesta: C:\windows\System32\lsass.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Local Security Authority Process
| |_ MD5:
|
|_ Jméno: EFS
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: RPCSS

[X] CNG Key Isolation
|_ Cesta: C:\windows\system32\lsass.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Local Security Authority Process
| |_ MD5:
|
|_ Jméno: KeyIso
|_ StartName: LocalSystem
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: RpcSs

[X] Server
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\srvsvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Server Service DLL
| |_ MD5:
|
|_ Jméno: LanmanServer
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: SamSS

[X] Workstation
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\wkssvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Workstation Service DLL
| |_ MD5:
|
|_ Jméno: LanmanWorkstation
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: Bowser

[X] TCP/IP NetBIOS Helper
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\lmhsvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: TCPIP NetBios Transport Services DLL
| |_ MD5:
|
|_ Jméno: lmhosts
|_ StartName: NT AUTHORITY\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: NetBT

[X] Multimedia Class Scheduler
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\mmcss.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Multimedia Class Scheduler Service
| |_ MD5:
|
|_ Jméno: MMCSS
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency:

[X] Windows Firewall
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\mpssvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Microsoft Protection Service
| |_ MD5:
|
|_ Jméno: MpsSvc
|_ StartName: NT Authority\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: mpsdrv

[X] SQL Server (SQLEXPRESS)
|_ Cesta: c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: MSSQL$SQLEXPRESS
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency:

[X] Network Connections
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\netman.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Network Connections Manager
| |_ MD5:
|
|_ Jméno: Netman
|_ StartName: LocalSystem
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: RpcSs

[X] Network Location Awareness
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\nlasvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Network Location Awareness 2
| |_ MD5:
|
|_ Jméno: NlaSvc
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: NSI

[X] Norton Internet Security
|_ Cesta: C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\diMaster.dll /prefetch:1
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: Norton Internet Security
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RpcSs

[X] Network Store Interface Service
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\nsisvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Network Store Interface RPC server
| |_ MD5:
|
|_ Jméno: nsi
|_ StartName: NT Authority\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: nsiproxy

[X] Program Compatibility Assistant Service
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\pcasvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Program Compatibility Assistant Service
| |_ MD5:
|
|_ Jméno: PcaSvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: RpcSs

[X] Plug and Play
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\umpnpmgr.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: User-mode Plug-and-Play Service
| |_ MD5:
|
|_ Jméno: PlugPlay
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency:

[X] Power
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\umpo.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: User-mode Power Service
| |_ MD5:
|
|_ Jméno: Power
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency:

[X] User Profile Service
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\profsvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ProfSvc
| |_ MD5:
|
|_ Jméno: ProfSvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: RpcSs

[X] Windows Mobile-based device connectivity
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\WindowsMobile\rapimgr.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ActiveSync RAPI Manager
| |_ MD5: A55E7D0D873B2C97585B3B5926AC6ADE
|
|_ Jméno: RapiMgr
|_ StartName: NT AUTHORITY\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: RPCSS

[X] RPC Endpoint Mapper
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\RpcEpMap.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: RPC Endpoint Mapper
| |_ MD5:
|
|_ Jméno: RpcEptMapper
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency:

[!] TOSHIBA Modem region select service
|_ Cesta: C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: RSelSvc Service Application
| |_ MD5: C9BF2C930E60DCC7087916330B050017
|
|_ Jméno: RSELSVC
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency:

[X] Security Accounts Manager
|_ Cesta: C:\windows\system32\lsass.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Local Security Authority Process
| |_ MD5:
|
|_ Jméno: SamSs
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: RPCSS

[X] Task Scheduler
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\schedsvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Task Scheduler Service
| |_ MD5:
|
|_ Jméno: Schedule
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: RPCSS

[X] Print Spooler
|_ Cesta: C:\windows\System32\spoolsv.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Spooler SubSystem App
| |_ MD5:
|
|_ Jméno: Spooler
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ:
|_ Dependency: RPCSS

[X] Software Protection
|_ Cesta: C:\windows\system32\sppsvc.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Microsoft Software Protection Platform Service
| |_ MD5:
|
|_ Jméno: sppsvc
|_ StartName: NT AUTHORITY\NetworkService
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RpcSs

[X] SQL Server VSS Writer
|_ Cesta: c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: SQL Server VSS Writer - 64 Bit
| |_ MD5: D63FC56C7C3F9B576BC25F617E3F7963
|
|_ Jméno: SQLWriter
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency:

[X] Windows Image Acquisition (WIA)
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\wiaservc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Still Image Devices Service
| |_ MD5:
|
|_ Jméno: stisvc
|_ StartName: NT Authority\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RpcSs

[X] Superfetch
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\sysmain.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Superfetch Service Host
| |_ MD5:
|
|_ Jméno: SysMain
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: rpcss

[X] Themes
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\themeservice.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Windows Shell Theme Service Dll
| |_ MD5:
|
|_ Jméno: Themes
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency:

[X] TOSHIBA Optical Disc Drive Service
|_ Cesta: C:\windows\system32\TODDSrv.exe
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: TDCSrv Application
| |_ MD5:
|
|_ Jméno: TODDSrv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency:

[!] TOSHIBA Power Saver
|_ Cesta: C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: TOSHIBA Power Saver
| |_ MD5: 4DB8C79BCEA76063B83B13410366A1F7
|
|_ Jméno: TosCoSrv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS

[!] TOSHIBA eco Utility Service
|_ Cesta: C:\Program Files\TOSHIBA\TECO\TecoService.exe
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: TOSHIBA eco Utility Service
| |_ MD5: 408937879954C7C9A59A75D65C29ECAB
|
|_ Jméno: TOSHIBA eco Utility Service
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS

[X] Desktop Window Manager Session Manager
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\uxsms.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Microsoft User Experience Session Management Service
| |_ MD5:
|
|_ Jméno: UxSms
|_ StartName: localSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency:

[X] Windows Mobile-2003-based device connectivity
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\WindowsMobile\wcescomm.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ActiveSync Connection Manager
| |_ MD5: 8BDA6DB43AA54E8BB5E0794541DDC209
|
|_ Jméno: WcesComm
|_ StartName: NT AUTHORITY\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: RapiMgr

[X] Windows Management Instrumentation
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\wbem\WMIsvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: WMI
| |_ MD5:
|
|_ Jméno: Winmgmt
|_ StartName: localSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: RPCSS

[X] WLAN AutoConfig
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\wlansvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Windows WLAN AutoConfig Service DLL
| |_ MD5:
|
|_ Jméno: Wlansvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: nativewifip

[X] Security Center
|_ Cesta: C:\windows\System32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\wscsvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Windows Security Center Service
| |_ MD5:
|
|_ Jméno: wscsvc
|_ StartName: NT AUTHORITY\LocalService
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: RpcSs

[X] Windows Update
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\system32\wuaueng.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Windows Update Agent
| |_ MD5:
|
|_ Jméno: wuauserv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Share Process
|_ Dependency: rpcss

[X] Windows Driver Foundation - User-mode Driver Framework
|_ Cesta: C:\windows\system32\svchost.exe
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Host Process for Windows Services
| |_ MD5: 54A47F6B5E09A77E61649109C6A08866
|
|_ ServiceDLL: C:\windows\System32\WUDFSvc.dll
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Windows Driver Foundation - User-mode Driver Framework Service
| |_ MD5:
|
|_ Jméno: wudfsvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Share Process
|_ Dependency: PlugPlay


Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Microsoft ACPI Driver
|_ Cesta: C:\windows\system32\DRIVERS\ACPI.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ACPI Driver for NT
| |_ MD5:
|
|_ Jméno: ACPI
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Ancillary Function Driver for Winsock
|_ Cesta: C:\windows\system32\drivers\afd.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Ancillary Function Driver for WinSock
| |_ MD5:
|
|_ Jméno: AFD
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[X] amdxata
|_ Cesta: C:\windows\system32\DRIVERS\amdxata.sys
| |_ Výrobce: Advanced Micro Devices
| |_ Popis: Storage Filter Driver
| |_ MD5:
|
|_ Jméno: amdxata
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[X] aswFsBlk
|_ Cesta: C:\windows\system32\drivers\aswFsBlk.sys
| |_ Výrobce: ALWIL Software
| |_ Popis: avast! File System Access Blocking Driver
| |_ MD5:
|
|_ Jméno: aswFsBlk
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: File System Driver
|_ Dependency: FltMgr

[X] aswMonFlt
|_ Cesta: C:\windows\system32\drivers\aswMonFlt.sys
| |_ Výrobce: ALWIL Software
| |_ Popis: avast! File System Minifilter for Windows 2003/Vista
| |_ MD5:
|
|_ Jméno: aswMonFlt
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: File System Driver
|_ Dependency: FltMgr

[X] aswRdr
|_ Cesta: C:\windows\system32\drivers\aswRdr.sys
| |_ Výrobce: ALWIL Software
| |_ Popis: avast! TDI RDR Driver
| |_ MD5:
|
|_ Jméno: aswRdr
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency: tcpip

[X] IDE Channel
|_ Cesta: C:\windows\system32\DRIVERS\atapi.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ATAPI IDE Miniport Driver
| |_ MD5:
|
|_ Jméno: atapi
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[X] CD-ROM Driver
|_ Cesta: system32\DRIVERS\cdrom.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: cdrom
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[X] DFS Namespace Client Driver
|_ Cesta: System32\Drivers\dfsc.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: DfsC
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: File System Driver
|_ Dependency: Mup

[X] Disk Driver
|_ Cesta: C:\windows\system32\DRIVERS\disk.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: PnP Disk Driver
| |_ MD5:
|
|_ Jméno: Disk
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] File Information FS MiniFilter
|_ Cesta: C:\windows\system32\drivers\fileinfo.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: FileInfo Filter Driver
| |_ MD5:
|
|_ Jméno: FileInfo
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency: fltmgr

[X] FltMgr
|_ Cesta: C:\windows\system32\drivers\fltmgr.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Microsoft Filesystem Filter Manager
| |_ MD5:
|
|_ Jméno: FltMgr
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency:

[X] KSecDD
|_ Cesta: C:\windows\System32\Drivers\ksecdd.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Kernel Security Support Provider Interface
| |_ MD5:
|
|_ Jméno: KSecDD
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] KSecPkg
|_ Cesta: C:\windows\System32\Drivers\ksecpkg.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Kernel Security Support Provider Interface Packages
| |_ MD5:
|
|_ Jméno: KSecPkg
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Link-Layer Topology Discovery Mapper I/O Driver
|_ Cesta: system32\DRIVERS\lltdio.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: lltdio
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[X] LPC Lower Filter Driver
|_ Cesta: C:\windows\system32\DRIVERS\LPCFilter.sys
| |_ Výrobce: COMPAL ELECTRONIC INC.
| |_ Popis: LPCFilter
| |_ MD5:
|
|_ Jméno: LPCFilter
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] UAC File Virtualization
|_ Cesta: C:\windows\system32\drivers\luafv.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: LUA File Virtualization Filter Driver
| |_ MD5:
|
|_ Jméno: luafv
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: File System Driver
|_ Dependency: FltMgr

[X] Mouse Class Driver
|_ Cesta: system32\DRIVERS\mouclass.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mouclass
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Mouse HID Driver
|_ Cesta: system32\DRIVERS\mouhid.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mouhid
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Mount Point Manager
|_ Cesta: C:\windows\System32\drivers\mountmgr.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Mount Point Manager
| |_ MD5:
|
|_ Jméno: mountmgr
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Windows Firewall Authorization Driver
|_ Cesta: System32\drivers\mpsdrv.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mpsdrv
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] SMB MiniRedirector Wrapper and Engine
|_ Cesta: system32\DRIVERS\mrxsmb.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mrxsmb
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency: rdbss

[X] SMB 1.x MiniRedirector
|_ Cesta: system32\DRIVERS\mrxsmb10.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mrxsmb10
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency: mrxsmb

[X] SMB 2.0 MiniRedirector
|_ Cesta: system32\DRIVERS\mrxsmb20.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mrxsmb20
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency: mrxsmb

[X] msahci
|_ Cesta: C:\windows\system32\DRIVERS\msahci.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: MS AHCI 1.0 Standard Driver
| |_ MD5:
|
|_ Jméno: msahci
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Msfs
|_ Cesta: C:\windows\system32\drivers\Msfs.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Mailslot driver
| |_ MD5:
|
|_ Jméno: Msfs
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency:

[X] msisadrv
|_ Cesta: C:\windows\system32\DRIVERS\msisadrv.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ISA Driver
| |_ MD5:
|
|_ Jméno: msisadrv
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Microsoft System Management BIOS Driver
|_ Cesta: system32\DRIVERS\mssmbios.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: mssmbios
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Mup
|_ Cesta: C:\windows\System32\Drivers\mup.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Multiple UNC Provider Driver
| |_ MD5:
|
|_ Jméno: Mup
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency:

[X] NativeWiFi Filter
|_ Cesta: system32\DRIVERS\nwifi.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: NativeWifiP
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] NDIS System Driver
|_ Cesta: C:\windows\system32\drivers\ndis.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: NDIS 6.20 driver
| |_ MD5:
|
|_ Jméno: NDIS
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Remote Access NDIS TAPI Driver
|_ Cesta: system32\DRIVERS\ndistapi.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: NdisTapi
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] NDIS Usermode I/O Protocol
|_ Cesta: system32\DRIVERS\ndisuio.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: Ndisuio
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Remote Access NDIS WAN Driver
|_ Cesta: system32\DRIVERS\ndiswan.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: NdisWan
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] NDIS Proxy
|_ Cesta: C:\windows\system32\drivers\NDProxy.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: NDIS Proxy
| |_ MD5:
|
|_ Jméno: NDProxy
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] NetBIOS Interface
|_ Cesta: system32\DRIVERS\netbios.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: NetBIOS
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency:

[X] NetBT
|_ Cesta: System32\DRIVERS\netbt.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: NetBT
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency: Tdx

[?] NetGroup Packet Filter Driver
|_ Cesta: C:\windows\system32\drivers\npf.sys
| |_ Výrobce: CACE Technologies, Inc.
| |_ Popis: npf.sys (NT5/6 AMD64) Kernel Driver
| |_ MD5: C31FA031335EFF434B2D94278E74BCCE
|
|_ Jméno: NPF
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[?] PortTalk
|_ Cesta: C:\windows\system32\drivers\PortTalk.sys
| |_ Výrobce: Beyond Logic http://www.beyondlogic.org
| |_ Popis: PortTalk - Beyond Logic I/O Port Driver
| |_ MD5: 1CDE8DA9A2104853D862000CDE2A337D
|
|_ Jméno: PortTalk
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[X] WAN Miniport (PPTP)
|_ Cesta: system32\DRIVERS\raspptp.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: PptpMiniport
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] QoS Packet Scheduler
|_ Cesta: system32\DRIVERS\pacer.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: Psched
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] WAN Miniport (IKEv2)
|_ Cesta: system32\DRIVERS\AgileVpn.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RasAgileVpn
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] WAN Miniport (L2TP)
|_ Cesta: system32\DRIVERS\rasl2tp.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: Rasl2tp
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Remote Access PPPOE Driver
|_ Cesta: system32\DRIVERS\raspppoe.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RasPppoe
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] WAN Miniport (SSTP)
|_ Cesta: system32\DRIVERS\rassstp.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RasSstp
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Redirected Buffering Sub Sysytem
|_ Cesta: system32\DRIVERS\rdbss.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: rdbss
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency: Mup

[X] RDP Encoder Mirror Driver
|_ Cesta: system32\drivers\rdpencdd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RDPENCDD
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] ReadyBoost
|_ Cesta: C:\windows\System32\drivers\rdyboost.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: ReadyBoost Driver
| |_ MD5:
|
|_ Jméno: rdyboost
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Link-Layer Topology Discovery Responder
|_ Cesta: system32\DRIVERS\rspndr.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: rspndr
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Realtek 8167 NT Driver
|_ Cesta: system32\DRIVERS\Rt64win7.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RTL8167
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter
|_ Cesta: system32\DRIVERS\RTL8187B.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: RTL8187B
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Security Driver
|_ Cesta: C:\windows\system32\drivers\secdrv.sys
| |_ Výrobce: Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
| |_ Popis: Macrovision SECURITY Driver
| |_ MD5:
|
|_ Jméno: secdrv
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Security Processor Loader Driver
|_ Cesta: C:\windows\system32\drivers\spldr.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: loader for security processor
| |_ MD5:
|
|_ Jméno: spldr
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Software Bus Driver
|_ Cesta: system32\DRIVERS\swenum.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: swenum
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Symantec Extended File Attributes
|_ Cesta: C:\windows\system32\drivers\NISx64\1007000.01E\SYMEFA64.SYS
| |_ Výrobce: Symantec Corporation
| |_ Popis: Symantec Extended File Attributes
| |_ MD5:
|
|_ Jméno: SymEFA
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency: FltMgr

[X] Symantec Network Security Intermediate Filter Driver
|_ Cesta: system32\DRIVERS\SymIMv.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: SymIM
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Synaptics TouchPad Driver
|_ Cesta: system32\DRIVERS\SynTP.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: SynTP
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] TCP/IP Registry Compatibility
|_ Cesta: System32\drivers\tcpipreg.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: tcpipreg
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency: tcpip

[X] TOSHIBA Writing Engine Filter Driver
|_ Cesta: system32\DRIVERS\tdcmdpst.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: tdcmdpst
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] NetIO Legacy TDI Support Driver
|_ Cesta: system32\DRIVERS\tdx.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: tdx
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency: Tcpip

[X] Terminal Device Driver
|_ Cesta: system32\DRIVERS\termdd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: TermDD
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] TOSHIBA tos_sps64 Service
|_ Cesta: C:\windows\system32\DRIVERS\tos_sps64.sys
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: tos_sps64
| |_ MD5:
|
|_ Jméno: tos_sps64
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver
|_ Cesta: C:\windows\system32\DRIVERS\TVALZ_O.SYS
| |_ Výrobce: TOSHIBA Corporation
| |_ Popis: TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver
| |_ MD5:
|
|_ Jméno: TVALZ
|_ StartName:
|_ Typ spouštìní: Boot Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver
|_ Cesta: system32\DRIVERS\TVALZFL.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: TVALZFL
|_ StartName:
|_ Typ spouštìní: Auto Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] udfs
|_ Cesta: system32\DRIVERS\udfs.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: udfs
|_ StartName:
|_ Typ spouštìní: Vypnuto
|_ Status: Spuštìno
|_ Typ: File System Driver
|_ Dependency:

[X] UMBus Enumerator Driver
|_ Cesta: system32\DRIVERS\umbus.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: umbus
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Microsoft USB Generic Parent Driver
|_ Cesta: system32\DRIVERS\usbccgp.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: usbccgp
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
|_ Cesta: system32\DRIVERS\usbehci.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: usbehci
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Microsoft USB Standard Hub Driver
|_ Cesta: system32\DRIVERS\usbhub.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: usbhub
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] Microsoft USB Universal Host Controller Miniport Driver
|_ Cesta: system32\DRIVERS\usbuhci.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: usbuhci
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] WFP Lightweight Filter
|_ Cesta: system32\DRIVERS\wfplwf.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: WfpLwf
|_ StartName:
|_ Typ spouštìní: System Start
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:

[X] User Mode Driver Frameworks Platform Driver
|_ Cesta: system32\drivers\WudfPf.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: WudfPf
|_ StartName:
|_ Typ spouštìní: Ruèní spuštìní
|_ Status: Spuštìno
|_ Typ: Kernel Driver
|_ Dependency:


Moduly (Zobraz i bezpeèné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[!] opera.dll
|_ Cesta: C:\Program Files (x86)\Opera\opera.dll
|_ MD5: A53EBCE80B46D53378B210C1EB62DA48
|_ Výrobce: Opera Software
|_ Procesy
|_ opera.exe (1592)

[?] mscomctl.ocx
|_ Cesta: C:\Windows\SysWOW64\MSCOMCTL.OCX
|_ MD5: 774A15583DB1AD44C5EE32309C840C96
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ UPM.exe (1672)



================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]

Re: cannot run exe applications - win7

Posted: 25 Jul 2010 13:55
by kinclik
RSIT won't download Hijack This. I'm also attaching the log from HJC.
Thank you for your reply.

Logfile of random's system information tool 1.08 (written by random/random)
Run by kinclik at 2010-07-25 17:53:44
Microsoft Windows 7 Home Premium
System drive C: has 5 GB (3%) free of 141 GB
Total RAM: 1913 MB (60% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\Explorer.EXE
ctfmon.exe
C:\windows\helppane.exe -Embedding
"C:\Users\kinclik\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\rundll32.exe" "C:\windows\system32\WININET.dll",DispatchAPICall 1

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-20 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2010-01-26 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL [2010-01-26 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2010-01-26 378736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\windows\system32\igfxtray.exe [2009-09-03 165912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2009-09-03 387608]
"Persistence"=C:\windows\system32\igfxpers.exe [2009-09-03 365592]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-06 497504]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-10 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-07-29 508216]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-06 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-29 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-21 1815848]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-30 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-08-11 1482592]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-04 709976]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-05 711000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-07 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-07 35160]
"Windows Mobile-based device management"=C:\windows\WindowsMobile\wmdcBase.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"uTorrent"=C:\Program Files (x86)\torrent\uTorrent.exe [2010-02-05 319280]
"jufuogyw"=C:\Users\kinclik\AppData\Local\xvffuejjv\gmwpuuxtssd.exe [2010-07-25 312064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-07-10 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-03 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-14 34088]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-18 1294136]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-01-14 37888]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-03-13 1135912]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-04-28 142120]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-06-29 2837864]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
""= []
"GrpConv"=grpconv -o []

C:\Users\kinclik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2009-08-28 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2010-07-25 17:53:45 ----D---- C:\Program Files\trend micro
2010-07-25 17:53:44 ----D---- C:\rsit
2010-07-25 17:51:02 ----D---- C:\32788R22FWJFW
2010-07-25 17:49:38 ----A---- C:\windows\ntbtlog.txt
2010-07-25 16:31:04 ----A---- C:\windows\system32\drivers\aswSP.sys
2010-07-25 16:31:04 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2010-07-25 16:31:03 ----A---- C:\windows\system32\drivers\aswRdr.sys
2010-07-25 16:30:59 ----A---- C:\windows\system32\drivers\aswTdi.sys
2010-07-25 16:30:47 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2010-07-25 16:30:41 ----A---- C:\windows\SYSWOW64\aswBoot.exe
2010-07-22 13:07:37 ----A---- C:\windows\SYSWOW64\rewire.dll
2010-07-22 13:06:23 ----D---- C:\Program Files (x86)\Steinberg
2010-07-22 13:06:22 ----D---- C:\Program Files (x86)\Image-Line
2010-07-14 09:57:49 ----A---- C:\windows\system32\cdd.dll
2010-07-08 22:51:52 ----D---- C:\Program Files (x86)\Colin McRae Rally 3
2010-07-08 16:28:34 ----D---- C:\Program Files (x86)\MP3MyMP3 3.0
2010-07-08 15:48:36 ----D---- C:\Program Files (x86)\Lame for Audacity
2010-07-06 17:39:10 ----D---- C:\Users\kinclik\AppData\Roaming\Audacity
2010-07-06 17:38:54 ----D---- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2010-07-05 18:40:10 ----D---- C:\Program Files (x86)\Womble Multimedia
2010-06-29 17:26:59 ----A---- C:\windows\system32\MRT.exe

======List of files/folders modified in the last 1 months======

2010-07-25 17:53:45 ----RD---- C:\Program Files
2010-07-25 17:49:38 ----AD---- C:\Windows
2010-07-25 17:44:50 ----D---- C:\windows\Temp
2010-07-25 17:44:43 ----D---- C:\Users\kinclik\AppData\Roaming\uTorrent
2010-07-25 17:43:28 ----D---- C:\windows\Prefetch
2010-07-25 17:40:51 ----D---- C:\windows\system32\config
2010-07-25 17:09:02 ----D---- C:\windows\inf
2010-07-25 17:09:02 ----AD---- C:\windows\System32
2010-07-25 17:09:02 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-07-25 17:00:17 ----D---- C:\windows\SysWOW64
2010-07-25 16:31:04 ----D---- C:\windows\system32\drivers
2010-07-25 16:30:39 ----D---- C:\ProgramData\Alwil Software
2010-07-25 16:30:32 ----SHD---- C:\System Volume Information
2010-07-25 15:22:04 ----SHD---- C:\windows\Installer
2010-07-25 15:03:17 ----D---- C:\programes
2010-07-23 22:26:34 ----D---- C:\Users\kinclik\AppData\Roaming\Skype
2010-07-23 17:20:25 ----D---- C:\Users\kinclik\AppData\Roaming\skypePM
2010-07-22 13:06:23 ----D---- C:\Program Files (x86)
2010-07-18 16:53:51 ----D---- C:\windows\system32\Tasks
2010-07-18 16:53:49 ----D---- C:\Program Files (x86)\Common Files
2010-07-17 08:36:47 ----D---- C:\audiograbber
2010-07-17 08:17:34 ----RD---- C:\Pictures
2010-07-17 08:04:26 ----D---- C:\Music
2010-07-16 09:01:36 ----D---- C:\ProgramData\DVD Shrink
2010-07-15 23:43:30 ----D---- C:\windows\debug
2010-07-15 21:21:02 ----D---- C:\Kamila
2010-07-15 09:29:49 ----D---- C:\windows\winsxs
2010-07-15 00:43:21 ----D---- C:\ProgramData\Microsoft Help
2010-07-14 09:57:05 ----D---- C:\windows\system32\catroot
2010-07-10 11:49:29 ----D---- C:\windows\system32\catroot2
2010-07-08 16:52:47 ----SD---- C:\Users\kinclik\AppData\Roaming\Microsoft
2010-07-08 16:44:05 ----D---- C:\windows\Logs
2010-07-05 18:26:20 ----D---- C:\Program Files (x86)\MPEG Video Wizard DVD 5.0
2010-07-04 19:04:13 ----D---- C:\Program Files\Microsoft Games
2010-06-30 23:02:58 ----SD---- C:\ProgramData\Microsoft
2010-06-29 18:03:29 ----D---- C:\windows\system32\DriverStore
2010-06-29 18:02:45 ----DC---- C:\windows\system32\DRVSTORE
2010-06-27 21:00:10 ----D---- C:\windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-03 44912]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\NISx64\1007000.01E\SYMEFA64.SYS [2010-01-26 402992]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-25 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-15 26840]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-21 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-31 27784]
S1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2010-06-29 28752]
S1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2010-06-29 121936]
S1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2010-06-29 51280]
S1 BHDrvx64;Symantec Heuristics Driver; C:\windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys [2010-01-26 334384]
S1 ccHP;Symantec Hash Provider; C:\windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys [2010-01-26 583296]
S1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-01-26 475696]
S1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSVia64.sys [2010-01-26 397360]
S1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [2010-01-26 32304]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\windows\system32\DRIVERS\SymIMv.sys [2010-01-26 31280]
S1 SYMTDI;Symantec Network Dispatch Driver; C:\windows\system32\drivers\NISx64\1007000.01E\SYMTDI.SYS [2010-01-26 278576]
S1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2010-06-29 20048]
S2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2010-06-29 61008]
S2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys []
S2 PortTalk;PortTalk; C:\windows\system32\drivers\PortTalk.sys []
S3 AgereSoftModem;TOSHIBA V.92 Software Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-07-22 1208320]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-08-28 7369600]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-07-29 1966624]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\EX64.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-31 222208]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8187B.sys [2009-08-21 446976]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [2010-01-26 476720]
S3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2010-01-25 172592]
S3 SYMFW;Symantec Network Filter Driver; C:\windows\system32\drivers\NISx64\1007000.01E\SYMFW.SYS [2010-01-26 120880]
S3 SYMNDISV;Symantec Network Filter Driver; C:\windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS [2010-01-26 56880]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2010-04-16 50176]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 WINUSB;WinUsb Driver; C:\windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-29 40384]
S2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-21 30312]
S2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-07-18 181616]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
S2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [2010-01-26 117640]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
S2 RSELSVC;TOSHIBA Modem region select service; C:\Program Files\TOSHIBA\rselect\RSelSvc.exe [2009-07-08 65904]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-26 153952]
S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-29 140632]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-06 488800]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-08-11 258928]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-29 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-29 40384]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-18 51512]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 137560]
S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-05 826224]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-04-25 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]

-----------------EOF-----------------

Re: cannot run exe applications - win7

Posted: 25 Jul 2010 16:59
by motji
Good afternoon :)

:arrow: Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING :!:
- MBAM sometimes produces false detections, so we will delete only after checking the log.
- Copy the log here.



:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe
- save it to the desktop and run the file OTL.exe.
- copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- tick the All users box.
- tick the boxes Check for "LOP" malware and Check for "Purity" malware
- Click the Scan button
- when the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)

Re: cannot run exe applications - win7

Posted: 26 Jul 2010 01:40
by kinclik
mbam-log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4347

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

26/07/2010 10:16:13 AM
mbam-log-2010-07-26 (10-16-13).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 247759
Uplynulý čas: 42 minuta(y), 46 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 1
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jufuogyw (Trojan.Dropper) -> No action taken.

Infikované datové položky registru:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Users\kinclik\AppData\Local\xvffuejjv\gmwpuuxtssd.exe (Trojan.Dropper) -> No action taken.
C:\Users\kinclik\AppData\Local\Temp\0.7721401117786695.exe (Trojan.Dropper) -> No action taken.

Re: cannot run exe applications - win7

Posted: 26 Jul 2010 01:42
by kinclik
OTL LogFile

OTL logfile created on: 7/26/2010 10:23:59 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\kinclik\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 137.28 Gb Total Space | 7.22 Gb Free Space | 5.26% Space Free | Partition Type: NTFS
Drive D: | 292.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KINCLIK-PC
Current User Name: kinclik
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - File not found -- C:\Program Files (x86)\Nero\Nero 10\Nero Burning ROM\Nero.exe
PRC - [2010/07/26 09:30:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\kinclik\Desktop\OTL.exe
PRC - [2010/05/29 15:45:42 | 122,194,335 | ---- | M] (FC Portables) -- C:\Users\kinclik\Desktop\Nero.exe
PRC - [2010/04/29 15:39:32 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/09/24 06:50:10 | 003,520,256 | ---- | M] (Ghisler Software GmbH) -- C:\Program Files\totalcmd\TOTALCMD.EXE


========== Modules (SafeList) ==========

MOD - [2010/07/26 09:30:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\kinclik\Desktop\OTL.exe
MOD - [2009/07/14 11:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 11:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -d -f %ProgramFiles%\WinPcap\rpcapd.ini -- (rpcapd)
SRV:64bit: - [2010/06/29 06:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/06/29 06:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/06/29 06:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/08/11 05:00:50 | 000,258,928 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009/08/06 08:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009/08/05 05:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009/08/04 12:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009/07/29 09:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009/07/14 11:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 03:38:24 | 000,065,904 | ---- | M] (TOSHIBA Corporation) [Auto | Stopped] -- C:\Program Files\TOSHIBA\rselect\RSelSvc.exe -- (RSELSVC)
SRV:64bit: - [2009/03/28 12:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Stopped] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/01/26 12:59:04 | 000,117,640 | ---- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2009/08/18 04:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/07/18 13:52:38 | 000,181,616 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs.exe -- (cfWiMAXService)
SRV - [2009/07/15 13:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009/05/27 02:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SQL Server (MSSMLBIZ)
SRV - [2009/03/11 12:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/02/21 03:46:52 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\windows\SysNative\DRIVERS\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/06/29 06:33:00 | 000,061,008 | ---- | M] (ALWIL Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/04/16 08:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/01/26 12:59:05 | 000,583,296 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010/01/26 12:59:05 | 000,476,720 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010/01/26 12:59:05 | 000,402,992 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2010/01/26 12:59:05 | 000,278,576 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\symtdi.sys -- (SYMTDI)
DRV:64bit: - [2010/01/26 12:59:05 | 000,120,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\symfw.sys -- (SYMFW)
DRV:64bit: - [2010/01/26 12:59:05 | 000,056,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\symndisv.sys -- (SYMNDISV)
DRV:64bit: - [2010/01/26 12:59:05 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010/01/26 12:59:05 | 000,031,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2010/01/26 12:59:04 | 000,334,384 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\BHDrvx64.sys -- (BHDrvx64)
DRV:64bit: - [2010/01/25 22:30:11 | 000,172,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2009/08/28 02:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/21 10:04:06 | 000,446,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009/07/31 14:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009/07/31 11:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/07/25 09:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009/07/22 08:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/07/21 11:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/15 09:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009/07/14 11:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 11:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 11:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 11:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 11:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 11:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 10:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/03 08:55:38 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009/06/23 11:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009/06/20 13:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009/06/11 06:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/11 06:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 06:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 06:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 06:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 12:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/23 16:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010/01/26 12:59:05 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/01/26 12:59:05 | 000,397,360 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSvia64.sys -- (IDSVia64)
DRV - [2009/10/21 02:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\npf.sys -- (NPF)
DRV - [2000/06/13 08:34:24 | 000,007,157 | ---- | M] (Beyond Logic http://www.beyondlogic.org) [Kernel | Auto | Stopped] -- C:\windows\SysWow64\drivers\porttalk.sys -- (PortTalk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSAU
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSAU


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSAU
IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSAU
IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5643



O1 HOSTS File: ([2009/06/11 07:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-442170155-1829090787-3460930420-1004..\Run: [jufuogyw] C:\Users\kinclik\AppData\Local\xvffuejjv\gmwpuuxtssd.exe ()
O4 - HKU\S-1-5-21-442170155-1829090787-3460930420-1004..\Run: [uTorrent] C:\Program Files (x86)\torrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [] File not found
O4 - HKLM..\RunOnce: [GrpConv] C:\windows\SysWow64\grpconv.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\kinclik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\CoIEPlg.dll (Symantec Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.dvacm - C:\Program Files (x86)\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files (x86)\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: msacm.vorbis - C:\windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2010/07/26 10:21:22 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Users\kinclik\Desktop\OTL.exe
[2010/07/26 09:26:30 | 000,000,000 | ---D | C] -- C:\Users\kinclik\AppData\Roaming\Malwarebytes
[2010/07/26 09:25:43 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysWow64\drivers\mbamswissarmy.sys
[2010/07/26 09:25:42 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2010/07/26 09:25:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/07/26 09:25:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/07/25 22:03:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ultimate Process Manager
[2010/07/25 20:51:19 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\windows\avastSS.scr
[2010/07/25 20:43:26 | 000,000,000 | ---D | C] -- C:\Users\kinclik\AppData\Local\ElevatedDiagnostics
[2010/07/25 19:50:20 | 000,000,000 | ---D | C] -- C:\Users\kinclik\AppData\Local\TaskManager
[2010/07/25 19:50:18 | 000,000,000 | ---D | C] -- C:\Program Files\Free Extended Task Manager
[2010/07/25 19:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TaskManager
[2010/07/25 19:12:02 | 000,121,936 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2010/07/25 19:12:02 | 000,020,048 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2010/07/25 19:12:01 | 000,061,008 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2010/07/25 19:12:01 | 000,051,280 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2010/07/25 19:12:01 | 000,028,752 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswRdr.sys
[2010/07/25 19:11:58 | 000,165,032 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2010/07/25 17:57:17 | 000,000,000 | ---D | C] -- C:\windows\XSxS
[2010/07/25 17:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode
[2010/07/25 17:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010/07/25 17:53:44 | 000,000,000 | ---D | C] -- C:\rsit
[2010/07/25 15:12:08 | 000,000,000 | R--D | C] -- C:\Users\kinclik\Searches
[2010/07/25 14:41:46 | 000,000,000 | R--D | C] -- C:\Users\kinclik\Favorites
[2010/07/25 12:45:44 | 000,000,000 | ---D | C] -- C:\Users\kinclik\AppData\Local\xvffuejjv
[2010/07/22 13:07:37 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\windows\SysWow64\rewire.dll
[2010/07/22 13:07:34 | 001,294,336 | ---- | C] (HMS http://hp.vector.co.jp/authors/VA012897/) -- C:\windows\SysWow64\vorbis.acm
[2010/07/22 13:06:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2010/07/18 16:53:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/07/15 22:28:47 | 000,000,000 | R--D | C] -- C:\Users\kinclik\Music
[2010/07/14 09:57:49 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2010/07/13 12:05:38 | 000,000,000 | ---D | C] -- C:\Users\kinclik\Documents\advanced diploma
[2010/07/08 16:44:36 | 000,000,000 | ---D | C] -- C:\Users\kinclik\Documents\mp3 record
[2010/07/06 17:39:10 | 000,000,000 | ---D | C] -- C:\Users\kinclik\AppData\Roaming\Audacity
[2010/07/05 18:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Womble Multimedia
[2010/07/04 17:17:37 | 000,000,000 | ---D | C] -- C:\Users\kinclik\serials

========== Files - Modified Within 30 Days ==========

[2010/07/26 10:21:33 | 001,835,008 | -HS- | M] () -- C:\Users\kinclik\ntuser.dat
[2010/07/26 09:30:55 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\kinclik\Desktop\OTL.exe
[2010/07/26 09:17:29 | 000,845,380 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2010/07/26 09:17:29 | 000,712,622 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2010/07/26 09:17:29 | 000,142,552 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2010/07/26 09:13:13 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2010/07/26 09:13:04 | 1504,346,112 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/25 21:52:48 | 001,002,814 | ---- | M] () -- C:\Users\kinclik\Desktop\upmsfx.exe
[2010/07/25 20:59:59 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/07/25 20:59:59 | 000,016,304 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/07/25 20:52:40 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
[2010/07/25 20:51:20 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2010/07/25 19:12:03 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/25 18:43:24 | 000,524,288 | -HS- | M] () -- C:\Users\kinclik\ntuser.dat{30b3eed6-97c8-11df-a490-701a04157fb7}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 18:43:24 | 000,524,288 | -HS- | M] () -- C:\Users\kinclik\ntuser.dat{30b3eed6-97c8-11df-a490-701a04157fb7}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 18:43:24 | 000,065,536 | -HS- | M] () -- C:\Users\kinclik\ntuser.dat{30b3eed6-97c8-11df-a490-701a04157fb7}.TM.blf
[2010/07/25 17:35:16 | 000,832,273 | ---- | M] () -- C:\Users\kinclik\Desktop\RSITx64.exe
[2010/07/25 16:50:35 | 003,743,885 | ---- | M] () -- C:\Users\kinclik\Desktop\hovno.exe.exe
[2010/07/25 16:14:46 | 043,861,560 | ---- | M] () -- C:\Users\kinclik\Desktop\setupcze.exe
[2010/07/23 17:48:18 | 000,078,015 | ---- | M] () -- C:\Users\kinclik\Desktop\Receipt_KamilaK.jpg
[2010/07/15 17:39:52 | 002,614,931 | ---- | M] () -- C:\Users\kinclik\Desktop\IMG_4455.JPG
[2010/07/15 17:33:38 | 002,551,746 | ---- | M] () -- C:\Users\kinclik\Desktop\IMG_4433.JPG
[2010/07/12 13:26:10 | 000,317,968 | ---- | M] () -- C:\Users\kinclik\Desktop\Summary_2.jpg
[2010/07/12 13:25:57 | 000,348,237 | ---- | M] () -- C:\Users\kinclik\Desktop\Summary_1.jpg
[2010/07/05 18:40:13 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\MPEG Video Wizard DVD 5.0.lnk
[2010/07/05 07:25:34 | 000,016,384 | ---- | M] () -- C:\Users\kinclik\Desktop\rustina.doc
[2010/07/05 07:20:03 | 000,127,219 | ---- | M] () -- C:\Users\kinclik\Desktop\azbuka.pdf
[2010/07/03 17:12:50 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/30 22:54:01 | 001,260,016 | ---- | M] () -- C:\Users\kinclik\Desktop\radiobar_toolbar.exe
[2010/06/29 06:57:33 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\windows\avastSS.scr
[2010/06/29 06:57:12 | 000,165,032 | ---- | M] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2010/06/29 06:37:56 | 000,051,280 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2010/06/29 06:37:36 | 000,121,936 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2010/06/29 06:33:17 | 000,028,752 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswRdr.sys
[2010/06/29 06:33:00 | 000,061,008 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2010/06/29 06:32:36 | 000,020,048 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys

========== Files Created - No Company Name ==========

[2010/07/25 21:58:24 | 001,002,814 | ---- | C] () -- C:\Users\kinclik\Desktop\upmsfx.exe
[2010/07/25 19:12:03 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2010/07/25 18:42:41 | 003,743,885 | ---- | C] () -- C:\Users\kinclik\Desktop\hovno.exe.exe
[2010/07/25 18:41:58 | 000,832,273 | ---- | C] () -- C:\Users\kinclik\Desktop\RSITx64.exe
[2010/07/25 18:40:12 | 000,524,288 | -HS- | C] () -- C:\Users\kinclik\ntuser.dat{30b3eed6-97c8-11df-a490-701a04157fb7}.TMContainer00000000000000000002.regtrans-ms
[2010/07/25 18:40:12 | 000,524,288 | -HS- | C] () -- C:\Users\kinclik\ntuser.dat{30b3eed6-97c8-11df-a490-701a04157fb7}.TMContainer00000000000000000001.regtrans-ms
[2010/07/25 18:40:12 | 000,065,536 | -HS- | C] () -- C:\Users\kinclik\ntuser.dat{30b3eed6-97c8-11df-a490-701a04157fb7}.TM.blf
[2010/07/25 16:26:19 | 043,861,560 | ---- | C] () -- C:\Users\kinclik\Desktop\setupcze.exe
[2010/07/23 17:48:14 | 000,078,015 | ---- | C] () -- C:\Users\kinclik\Desktop\Receipt_KamilaK.jpg
[2010/07/15 17:37:49 | 002,614,931 | ---- | C] () -- C:\Users\kinclik\Desktop\IMG_4455.JPG
[2010/07/15 17:31:34 | 002,551,746 | ---- | C] () -- C:\Users\kinclik\Desktop\IMG_4433.JPG
[2010/07/12 13:26:08 | 000,317,968 | ---- | C] () -- C:\Users\kinclik\Desktop\Summary_2.jpg
[2010/07/12 13:25:53 | 000,348,237 | ---- | C] () -- C:\Users\kinclik\Desktop\Summary_1.jpg
[2010/07/05 18:40:13 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\MPEG Video Wizard DVD 5.0.lnk
[2010/07/05 07:25:32 | 000,016,384 | ---- | C] () -- C:\Users\kinclik\Desktop\rustina.doc
[2010/07/05 07:20:03 | 000,127,219 | ---- | C] () -- C:\Users\kinclik\Desktop\azbuka.pdf
[2010/06/30 22:53:30 | 001,260,016 | ---- | C] () -- C:\Users\kinclik\Desktop\radiobar_toolbar.exe
[2010/04/28 22:04:55 | 000,053,299 | ---- | C] () -- C:\windows\SysWow64\pthreadVC.dll
[2010/04/06 20:15:29 | 000,819,200 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2010/04/06 20:15:29 | 000,180,224 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2010/01/26 12:53:44 | 000,788,486 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/01/26 12:37:59 | 000,000,000 | ---- | C] () -- C:\windows\NDSTray.INI
[2009/07/14 09:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009/07/14 07:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009/04/28 22:37:00 | 000,028,672 | ---- | C] () -- C:\windows\SysWow64\SPCtl.dll

========== LOP Check ==========

[2010/04/28 22:04:55 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Apowersoft
[2010/07/08 15:56:21 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Audacity
[2010/02/08 15:43:38 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/22 19:24:35 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\FinalBurner Video DVD
[2010/02/15 10:46:20 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\GetRightToGo
[2010/07/26 12:38:54 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\GHISLER
[2010/04/13 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Nokia
[2010/04/13 21:55:59 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Nokia Ovi Suite
[2010/02/15 10:58:16 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\OpenOffice.org
[2010/04/11 09:33:15 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Opera
[2010/04/13 19:57:54 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\PC Suite
[2010/03/15 02:16:22 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\PhotoFiltre
[2010/01/27 19:52:01 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Toshiba
[2010/01/28 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Ulead Systems
[2010/07/25 21:59:53 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\uTorrent
[2010/06/01 09:24:31 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Skype" = "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized -- [2010/05/13 17:57:20 | 026,192,168 | ---- | M] (Skype Technologies S.A.)
"uTorrent" = "C:\Program Files (x86)\torrent\uTorrent.exe" -- [2010/02/05 14:39:26 | 000,319,280 | ---- | M] (BitTorrent, Inc.)
"jufuogyw" = C:\Users\kinclik\AppData\Local\xvffuejjv\gmwpuuxtssd.exe -- [2010/07/25 12:45:31 | 000,312,064 | ---- | M] ()

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/02/08 15:43:37 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Adobe
[2010/04/28 22:04:55 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Apowersoft
[2010/05/31 17:02:03 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Apple Computer
[2010/07/08 15:56:21 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Audacity
[2010/02/08 15:43:38 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/05/16 23:17:30 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\DivX
[2010/05/22 19:24:35 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\FinalBurner Video DVD
[2010/02/15 10:46:20 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\GetRightToGo
[2010/07/26 12:38:54 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\GHISLER
[2010/01/25 22:33:50 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Google
[2010/01/25 22:27:53 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Identities
[2010/01/25 22:52:27 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Macromedia
[2010/07/26 09:26:30 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Malwarebytes
[2009/07/14 17:44:38 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Media Center Programs
[2010/07/25 20:03:04 | 000,000,000 | --SD | M] -- C:\Users\kinclik\AppData\Roaming\Microsoft
[2010/04/13 21:55:58 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Nokia
[2010/04/13 21:55:59 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Nokia Ovi Suite
[2010/02/15 10:58:16 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\OpenOffice.org
[2010/04/11 09:33:15 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Opera
[2010/04/13 19:57:54 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\PC Suite
[2010/03/15 02:16:22 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\PhotoFiltre
[2010/07/23 22:26:34 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Skype
[2010/07/23 17:20:25 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\skypePM
[2010/01/27 19:52:01 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Toshiba
[2010/01/28 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Ulead Systems
[2010/07/25 21:59:53 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\uTorrent
[2010/06/22 12:25:39 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\vlc
[2010/02/15 22:48:03 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Winamp
[2010/05/16 17:04:48 | 000,000,000 | ---D | M] -- C:\Users\kinclik\AppData\Roaming\Yahoo!

< %APPDATA%\*.exe /s >
[2010/02/08 15:45:16 | 000,038,784 | ---- | M] () -- C:\Users\kinclik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe


< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010/07/25 20:51:20 | 000,000,000 | ---- | M] () -- C:\Windows\SysWOW64\config.nt
< End of report >

Re: cannot run exe applications - win7

Posted: 26 Jul 2010 01:44
by kinclik
OTL Extras LogFile

OTL Extras logfile created on: 7/26/2010 10:23:59 AM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\kinclik\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 137.28 Gb Total Space | 7.22 Gb Free Space | 5.26% Space Free | Partition Type: NTFS
Drive D: | 292.31 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: KINCLIK-PC
Current User Name: kinclik
Logged in as Administrator.

Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Free Extended Task Manager" = Free Extended Task Manager
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LTMOH" = LSI V92 MOH Application
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{05ADEEC8-BD58-43D9-A9E3-1F53B0DA117A}" = Opera 10.51
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = TOSHIBA Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 20
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1" = Video Download Capture V2.4.5
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6DEF11C0-35FF-4160-A543-FDD336C4DAE5}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1" = MPEG Video Wizard DVD 5.0.0.108 (06/2010)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Atomic Email Hunter_is1" = Atomic Email Hunter
"avast5" = avast! Free Antivirus
"AVS Media Player_is1" = AVS Media Player 3.1
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mpeg Video Wizard DVD 5.0" = MPEG Video Wizard DVD 5.0.0.108 (06/2010)
"NIS" = Norton Internet Security
"PROHYBRIDR" = 2007 Microsoft Office system
"rajče.net_is1" = rajče verze 56 sestavení 144
"Totalcmd" = Total Commander (Remove or Repair)
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.1.0
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/12/2010 2:35:48 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 2:35:49 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 2:35:49 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 2:35:49 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 2:35:50 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 2:35:50 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 2:35:50 AM | Computer Name = kinclik-PC | Source = Bonjour Service | ID = 100
Description =

Error - 7/12/2010 10:37:54 PM | Computer Name = kinclik-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 7/15/2010 12:19:14 AM | Computer Name = kinclik-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 7/16/2010 5:47:33 PM | Computer Name = kinclik-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

[ System Events ]
Error - 7/24/2010 1:28:38 AM | Computer Name = kinclik-PC | Source = Service Control Manager | ID = 7000
Description = The PortTalk service failed to start due to the following error: %%1275

Error - 7/24/2010 1:37:11 AM | Computer Name = kinclik-PC | Source = bowser | ID = 8003
Description =

Error - 7/24/2010 7:07:00 PM | Computer Name = kinclik-PC | Source = Service Control Manager | ID = 7000
Description = The NetGroup Packet Filter Driver service failed to start due to the
following error: %%2

Error - 7/24/2010 7:07:00 PM | Computer Name = kinclik-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\PortTalk.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/24/2010 7:07:00 PM | Computer Name = kinclik-PC | Source = Service Control Manager | ID = 7000
Description = The PortTalk service failed to start due to the following error: %%1275

Error - 7/24/2010 7:13:48 PM | Computer Name = kinclik-PC | Source = bowser | ID = 8003
Description =

Error - 7/25/2010 1:09:07 AM | Computer Name = kinclik-PC | Source = volsnap | ID = 393241
Description = The shadow copies of volume C: were deleted because the shadow copy
storage could not grow in time. Consider reducing the IO load on the system or
choose a shadow copy storage volume that is not being shadow copied.

Error - 7/25/2010 1:09:27 AM | Computer Name = kinclik-PC | Source = Service Control Manager | ID = 7000
Description = The NetGroup Packet Filter Driver service failed to start due to the
following error: %%2

Error - 7/25/2010 1:09:27 AM | Computer Name = kinclik-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\PortTalk.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 7/25/2010 1:09:27 AM | Computer Name = kinclik-PC | Source = Service Control Manager | ID = 7000
Description = The PortTalk service failed to start due to the following error: %%1275


< End of report >

Re: cannot run exe applications - win7

Posted: 26 Jul 2010 08:30
by motji
:arrow: Delete whatever MBAM found.

:arrow: I assume you don't recognize this folder:
C:\Users\kinclik\AppData\Local\xvffuejjv

:arrow: Do you recognize this file?
C:\Users\kinclik\Desktop\hovno.exe.exe

Re: cannot run exe applications - win7

Posted: 26 Jul 2010 10:20
by kinclik
OK, I'll delete it. I certainly don't recognize the first folder. The second one is a renamed ComboFix (I wasn't in a good mood :oops: )

Re: cannot run exe applications - win7

Posted: 26 Jul 2010 12:35
by motji
:arrow: Run OTL
- copy this script into the white box at the bottom:


:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSAU
IE - HKU\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSAU
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4 - HKLM..\RunOnce: [] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\windows\SysWow64\mctadmin.exe File not found
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Users\kinclik\AppData\Local\xvffuejjv
C:\Users\kinclik\AppData\Local\Temp\*.* /s
C:\Users\kinclik\Desktop\hovno.exe.exe

:commands
[emptytemp]
[EMPTYFLASH]
[Reboot]

- click the Fix button.
- The PC will then restart.
- Post the log here :)

Re: cannot run exe applications - win7

Posted: 27 Jul 2010 11:37
by kinclik
OTL LogFile


All processes killed
========== OTL ==========
No active process named explorer.exe was found!
HKU\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-442170155-1829090787-3460930420-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F}\ not found.
File {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\mso-offdap11\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32505114-5902-49B2-880A-1F7738E5A384}\ not found.
File {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}\ not found.
File {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\symres\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA1061FE-6C41-421f-9344-69640C9732AB}\ not found.
File {AA1061FE-6C41-421f-9344-69640C9732AB} - Reg Error: Key error. File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0}\ not found.
File {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found not found.
========== FILES ==========
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF660.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI1334.tmp moved successfully.
C:\WINDOWS\Installer\MSI1861.tmp moved successfully.
C:\WINDOWS\Installer\MSI8DB0.tmp moved successfully.
C:\WINDOWS\Installer\MSI90D4.tmp moved successfully.
C:\WINDOWS\Installer\MSID895.tmp moved successfully.
C:\WINDOWS\Installer\MSIE850.tmp moved successfully.
C:\Users\kinclik\AppData\Local\xvffuejjv folder moved successfully.
C:\Users\kinclik\AppData\Local\Temp\AdobeARM.log moved successfully.
File move failed. C:\Users\kinclik\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.
C:\Users\kinclik\AppData\Local\Temp\IpAdrSet.log moved successfully.
C:\Users\kinclik\AppData\Local\Temp\jusched.log moved successfully.
C:\Users\kinclik\AppData\Local\Temp\wmplog00.sqm moved successfully.
C:\Users\kinclik\AppData\Local\Temp\divCD5C.tmp\divD078.tmp moved successfully.
C:\Users\kinclik\AppData\Local\Temp\divCEF1.tmp\divD807.tmp moved successfully.
C:\Users\kinclik\AppData\Local\Temp\divE53F.tmp\divE936.tmp moved successfully.
C:\Users\kinclik\Desktop\hovno.exe.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: kinclik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 139129 bytes
->Java cache emptied: 13006032 bytes
->Google Chrome cache emptied: 6803057 bytes
->Opera cache emptied: 272 bytes
->Flash cache emptied: 44861 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2432 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67630 bytes
RecycleBin emptied: 20445489 bytes

Total Files Cleaned = 39.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: kinclik
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 07272010_203030

Files\Folders moved on Reboot...
C:\Users\kinclik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: cannot run exe applications - win7

Posted: 27 Jul 2010 19:23
by motji
Please post a new RSIT log. How is the computer doing?

Re: cannot run exe applications - win7

Posted: 29 Jul 2010 05:05
by kinclik
RSIT log

Logfile of random's system information tool 1.08 (written by random/random)
Run by kinclik at 2010-07-29 13:58:29
Microsoft Windows 7 Home Premium
System drive C: has 3 GB (2%) free of 141 GB
Total RAM: 1913 MB (61% free)

HijackThis download failed

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe"
"C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe"
"C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\TOSHIBA\TECO\Teco.exe" /r
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe"
"taskhost.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe"
"C:\Windows\WindowsMobile\wmdcBase.exe"
"C:\Program Files (x86)\torrent\uTorrent.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe"
"c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
"C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2C:\\Program Files (x86)\\OpenOffice.org 3\\program"
"C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\diMaster.dll" /prefetch:1
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\TODDSrv.exe
"C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe"
"C:\Program Files\TOSHIBA\TECO\TecoService.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
taskeng.exe {65A9F74C-5FC1-4CFD-900A-F46BC2CB6278}
"C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe"
"C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
"E:\programes\HijackThis.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe"
"C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe"
"C:\Program Files\TOSHIBA\rselect\RSelSvc.exe" /Service
C:\windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 500 504 512 65536 508
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\kinclik\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-20 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2010-01-26 378736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL [2010-01-26 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2010-01-26 378736]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2009-09-03 165912]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2009-09-03 387608]
"Persistence"=C:\windows\system32\igfxpers.exe [2009-09-03 365592]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2009-08-06 497504]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2009-03-10 52600]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2009-07-29 508216]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2009-08-06 909624]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-07-29 7982112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-21 1815848]
"SmartFaceVWatcher"=C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [2009-07-30 238080]
"Teco"=C:\Program Files\TOSHIBA\TECO\Teco.exe [2009-08-11 1482592]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [2009-08-04 709976]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2009-08-05 711000]
"TosNC"=C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [2009-08-07 596328]
"TosReelTimeMonitor"=C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [2009-08-07 35160]
"Windows Mobile-based device management"=C:\windows\WindowsMobile\wmdcBase.exe [2007-05-31 660360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\\Phone\Skype.exe [2010-05-13 26192168]
"uTorrent"=C:\Program Files (x86)\torrent\uTorrent.exe [2010-02-05 319280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-07-10 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-03 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-14 34088]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-18 1294136]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2010-01-14 37888]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-03-13 1135912]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2010-04-28 142120]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-06-29 2837864]

C:\Users\kinclik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.0.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2009-08-28 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-07-29 13:58:29 ----D---- C:\rsit
2010-07-26 09:26:30 ----D---- C:\Users\kinclik\AppData\Roaming\Malwarebytes
2010-07-26 09:25:43 ----A---- C:\windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-07-26 09:25:42 ----D---- C:\ProgramData\Malwarebytes
2010-07-26 09:25:42 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-07-26 09:25:42 ----A---- C:\windows\system32\drivers\mbam.sys
2010-07-25 22:03:16 ----D---- C:\Program Files (x86)\Ultimate Process Manager
2010-07-25 19:50:18 ----D---- C:\Program Files\Free Extended Task Manager
2010-07-25 19:48:43 ----D---- C:\ProgramData\TaskManager
2010-07-25 19:12:02 ----A---- C:\windows\system32\drivers\aswSP.sys
2010-07-25 19:12:02 ----A---- C:\windows\system32\drivers\aswFsBlk.sys
2010-07-25 19:12:01 ----A---- C:\windows\system32\drivers\aswTdi.sys
2010-07-25 19:12:01 ----A---- C:\windows\system32\drivers\aswRdr.sys
2010-07-25 19:12:01 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2010-07-25 19:11:58 ----A---- C:\windows\SYSWOW64\aswBoot.exe
2010-07-25 17:57:17 ----D---- C:\windows\XSxS
2010-07-25 17:57:17 ----D---- C:\Program Files (x86)\Xenocode
2010-07-25 17:53:45 ----D---- C:\Program Files\trend micro
2010-07-22 13:07:37 ----A---- C:\windows\SYSWOW64\rewire.dll
2010-07-22 13:06:22 ----D---- C:\Program Files (x86)\Image-Line
2010-07-14 09:57:49 ----A---- C:\windows\system32\cdd.dll
2010-07-06 17:39:10 ----D---- C:\Users\kinclik\AppData\Roaming\Audacity
2010-07-05 18:40:10 ----D---- C:\Program Files (x86)\Womble Multimedia

======List of files/folders modified in the last 1 months======

2010-07-29 13:57:46 ----D---- C:\windows\Prefetch
2010-07-29 13:57:44 ----D---- C:\windows\inf
2010-07-29 13:57:44 ----AD---- C:\windows\System32
2010-07-29 13:57:44 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-07-29 13:54:10 ----D---- C:\windows\Temp
2010-07-29 13:53:11 ----D---- C:\Users\kinclik\AppData\Roaming\uTorrent
2010-07-29 09:30:07 ----D---- C:\windows\system32\config
2010-07-29 08:50:22 ----AD---- C:\Windows
2010-07-27 20:30:36 ----SHD---- C:\windows\Installer
2010-07-27 15:29:45 ----D---- C:\windows\system32\NDF
2010-07-26 12:38:56 ----D---- C:\windows\Tasks
2010-07-26 12:38:56 ----D---- C:\windows\system32\wfp
2010-07-26 12:38:56 ----D---- C:\windows\system32\wbem
2010-07-26 12:38:56 ----D---- C:\windows\system32\DriverStore
2010-07-26 12:38:56 ----D---- C:\windows\system32\catroot2
2010-07-26 12:38:54 ----D---- C:\Users\kinclik\AppData\Roaming\GHISLER
2010-07-26 12:38:51 ----D---- C:\windows\registration
2010-07-26 12:37:37 ----SHD---- C:\System Volume Information
2010-07-26 10:20:14 ----D---- C:\programes
2010-07-26 09:25:43 ----D---- C:\windows\SYSWOW64\drivers
2010-07-26 09:25:42 ----D---- C:\windows\system32\drivers
2010-07-26 09:25:42 ----D---- C:\ProgramData
2010-07-26 09:25:42 ----D---- C:\Program Files (x86)
2010-07-25 20:51:20 ----D---- C:\windows\SysWOW64
2010-07-25 20:03:04 ----SD---- C:\Users\kinclik\AppData\Roaming\Microsoft
2010-07-25 19:50:18 ----RD---- C:\Program Files
2010-07-25 16:30:39 ----D---- C:\ProgramData\Alwil Software
2010-07-23 22:26:34 ----D---- C:\Users\kinclik\AppData\Roaming\Skype
2010-07-23 17:20:25 ----D---- C:\Users\kinclik\AppData\Roaming\skypePM
2010-07-18 16:53:51 ----D---- C:\windows\system32\Tasks
2010-07-18 16:53:49 ----D---- C:\Program Files (x86)\Common Files
2010-07-17 08:36:47 ----D---- C:\audiograbber
2010-07-17 08:17:34 ----RD---- C:\Pictures
2010-07-17 08:04:26 ----D---- C:\Music
2010-07-16 09:01:36 ----D---- C:\ProgramData\DVD Shrink
2010-07-15 23:43:30 ----D---- C:\windows\debug
2010-07-15 21:21:02 ----D---- C:\Kamila
2010-07-15 09:29:49 ----D---- C:\windows\winsxs
2010-07-15 00:43:21 ----D---- C:\ProgramData\Microsoft Help
2010-07-14 09:57:05 ----D---- C:\windows\system32\catroot
2010-07-08 16:44:05 ----D---- C:\windows\Logs
2010-07-05 18:26:20 ----D---- C:\Program Files (x86)\MPEG Video Wizard DVD 5.0
2010-07-04 19:04:13 ----D---- C:\Program Files\Microsoft Games
2010-07-03 06:18:43 ----A---- C:\windows\system32\MRT.exe
2010-06-30 23:02:58 ----D---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-03 44912]
R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\NISx64\1007000.01E\SYMEFA64.SYS [2010-01-26 402992]
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [2009-07-25 482384]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [2009-07-15 26840]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2010-06-29 28752]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2010-06-29 121936]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2010-06-29 51280]
R1 BHDrvx64;Symantec Heuristics Driver; C:\windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys [2010-01-26 334384]
R1 ccHP;Symantec Hash Provider; C:\windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys [2010-01-26 583296]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-01-26 475696]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSVia64.sys [2010-01-26 397360]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [2010-01-26 32304]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\windows\system32\DRIVERS\SymIMv.sys [2010-01-26 31280]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\windows\system32\drivers\NISx64\1007000.01E\SYMTDI.SYS [2010-01-26 278576]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2010-06-29 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2010-06-29 61008]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
R3 AgereSoftModem;TOSHIBA V.92 Software Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-07-22 1208320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2009-08-28 7369600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2009-07-29 1966624]
R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [2009-06-23 35008]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11bg 54Mbps USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8187B.sys [2009-08-21 446976]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2010-01-25 172592]
R3 SYMFW;Symantec Network Filter Driver; C:\windows\system32\drivers\NISx64\1007000.01E\SYMFW.SYS [2010-01-26 120880]
R3 SYMNDISV;Symantec Network Filter Driver; C:\windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS [2010-01-26 56880]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-21 274480]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [2009-07-31 27784]
S2 NPF;NetGroup Packet Filter Driver; C:\windows\system32\drivers\npf.sys []
S2 PortTalk;PortTalk; C:\windows\system32\drivers\PortTalk.sys []
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090713.024\EX64.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-31 222208]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-05-23 215040]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [2010-01-26 476720]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 usb_rndisx;USB RNDIS Adapter; C:\windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2010-04-16 50176]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 WINUSB;WinUsb Driver; C:\windows\system32\DRIVERS\WinUSB.SYS [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-29 40384]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2009-02-21 30312]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-07-18 181616]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-15 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [2010-01-26 117640]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 RSELSVC;TOSHIBA Modem region select service; C:\Program Files\TOSHIBA\rselect\RSelSvc.exe [2009-07-08 65904]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-26 153952]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [2009-07-29 140632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-06 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-08-11 258928]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-29 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-29 40384]
R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-18 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-04 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-05 826224]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 660256]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe -d -f C:\Program Files\WinPcap\rpcapd.ini []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-04-25 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]

-----------------EOF-----------------

Re: cannot run exe applications - win7

Posted: 29 Jul 2010 05:12
by kinclik
The computer behaves normally, but something is still blocking the web browsers. I can connect to the internet and download data, but I cannot view any website.
I apologize that this is dragging on, but in Sydney we are asleep while people back home are working. So it is limited to one message a day.

HijackThis log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:56:27 PM, on 29/07/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\torrent\uTorrent.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
E:\programes\HijackThis.exe
C:\Users\kinclik\Desktop\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5643
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\torrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files (x86)\WinPcap\rpcapd.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: TOSHIBA Modem region select service (RSELSVC) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\rselect\RSelSvc.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9879 bytes

Re: cannot run exe applications - win7

Posted: 29 Jul 2010 09:55
by motji
Could something like a firewall be blocking your browsers?
Try reinstalling them.


Download AVPTool from my signature: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

- Install it according to the guide and run a scan
- let it disinfect or delete whatever it finds
- the scan may take several hours
- post the log with the results here

Re: cannot run exe applications - win7

Posted: 31 Jul 2010 01:23
by kinclik
AVPTool did not find anything more - thank you for the advice, and I commend the viry.cz project