
Slow notebook and internet

Posted: 30 Dec 2010 14:27
by mifoIV
Please check this, here is the log:


Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2010-12-30 14:15:08
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 7 GB (9%) free of 76 GB
Total RAM: 2939 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:15:16, on 30. 12. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\conime.exe
C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\admin\AppData\Local\Google\Chrome\Application\chrome.exe
H:\Softvare\RSIT log.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15573&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSoft.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O3 - Toolbar: Softonic Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [HDMICtrlMan] C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SysMon] C:\Windows\system32\rundll32.exe "C:\ProgramData\SysMon\ASK.dll" rdl
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [psysnew] C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Client Software-4000(v2.0).lnk = C:\Program Files\Client Software-4000(v2.0)\NetAppSoft.exe
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url2.pl?SK (file missing)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/red ... &site=home (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\Windows\system32\lxcccoms.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (file missing)
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9776 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034233192-1315924873-3047747250-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034233192-1315924873-3047747250-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
ToggleEN Toolbar - C:\Program Files\ToggleEN\tbTogg.dll [2010-06-13 2734688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-03-17 2355224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Softonic Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSoft.dll [2010-03-17 2355224]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{038cb5c7-48ea-4af9-94e0-a1646542e62b} - ToggleEN Toolbar - C:\Program Files\ToggleEN\tbTogg.dll [2010-06-13 2734688]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Softonic Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"NDSTray.exe"=NDSTray.exe []
"cfFncEnabler.exe"=cfFncEnabler.exe []
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-25 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-25 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-25 145944]
"Camera Assistant Software"=C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-09-26 417792]
"HDMICtrlMan"=C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [2008-04-26 716800]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-10-31 54608]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2008-01-25 509816]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2008-01-11 574864]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SysMon"=C:\ProgramData\SysMon\ASK.dll [2010-05-06 1268736]
"LXCCCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=TOSCDSPD.EXE []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"psysnew"=C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe [2010-06-12 69632]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe [2008-05-28 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-27 136176]

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Client Software-4000(v2.0).lnk - C:\Program Files\Client Software-4000(v2.0)\NetAppSoft.exe
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-30 14:15:08 ----D---- C:\rsit
2010-12-30 14:15:08 ----D---- C:\Program Files\trend micro
2010-12-30 13:48:54 ----D---- C:\Program Files\CCleaner
2010-12-30 13:48:40 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2010-12-30 13:48:34 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-30 13:35:55 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-12-30 13:18:24 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-12-30 13:18:24 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-12-30 13:18:23 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-12-30 13:15:41 ----D---- C:\Windows\system32\AGEIA
2010-12-30 13:15:41 ----D---- C:\Program Files\AGEIA Technologies
2010-12-30 12:30:07 ----D---- C:\Windows\PCHEALTH
2010-12-30 12:15:37 ----D---- C:\Program Files\Dont Get Angry 3
2010-12-29 15:58:02 ----D---- C:\Program Files\Aspyr Media, Inc
2010-12-28 00:05:49 ----D---- C:\Program Files\The KMPlayer
2010-12-27 18:01:45 ----D---- C:\Program Files\Crash Team Racing
2010-12-17 22:32:08 ----A---- C:\Windows\system32\iertutil.dll
2010-12-17 22:32:07 ----A---- C:\Windows\system32\mstime.dll
2010-12-17 22:32:07 ----A---- C:\Windows\system32\mshtml.dll
2010-12-17 22:32:07 ----A---- C:\Windows\system32\ieframe.dll
2010-12-17 22:32:06 ----A---- C:\Windows\system32\wininet.dll
2010-12-17 22:32:06 ----A---- C:\Windows\system32\urlmon.dll
2010-12-17 22:32:06 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-17 22:32:06 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-17 22:32:06 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-17 22:32:05 ----A---- C:\Windows\system32\occache.dll
2010-12-17 22:32:05 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-17 22:32:05 ----A---- C:\Windows\system32\ieui.dll
2010-12-17 22:32:05 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-17 22:32:05 ----A---- C:\Windows\system32\iepeers.dll
2010-12-17 22:32:05 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-17 22:32:04 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-17 22:32:04 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-17 22:32:04 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-17 22:32:04 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-17 22:32:04 ----A---- C:\Windows\system32\iesetup.dll
2010-12-17 22:32:04 ----A---- C:\Windows\system32\iernonce.dll
2010-12-17 20:08:30 ----A---- C:\Windows\system32\tzres.dll
2010-12-17 16:57:28 ----A---- C:\Windows\system32\fontsub.dll
2010-12-17 16:57:28 ----A---- C:\Windows\system32\atmlib.dll
2010-12-17 16:57:28 ----A---- C:\Windows\system32\atmfd.dll
2010-12-17 16:39:22 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-17 16:39:22 ----A---- C:\Windows\system32\taskschd.dll
2010-12-17 16:39:22 ----A---- C:\Windows\system32\taskeng.exe
2010-12-17 16:39:22 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-17 16:39:22 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-17 16:35:36 ----A---- C:\Windows\system32\win32k.sys
2010-12-17 16:35:31 ----A---- C:\Windows\system32\consent.exe
2010-12-12 15:51:54 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-12-12 15:51:54 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-12-12 15:51:53 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-12-12 15:51:53 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-12-12 15:51:53 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-12-12 15:51:52 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-12-12 15:51:52 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-12-12 15:51:52 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-12-12 15:51:52 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-12-12 15:51:52 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-12-12 15:51:51 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-12-12 15:51:51 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-12-12 15:51:51 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-12-12 15:51:51 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-12-12 15:51:51 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-12-12 15:51:51 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-12-12 15:51:50 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-12-12 15:51:49 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-12-12 15:51:48 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-12-12 15:51:48 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-12-12 15:51:48 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-12-12 15:49:04 ----D---- C:\Windows\system32\directx
2010-12-12 15:48:32 ----D---- C:\Program Files\Forklift Truck Simulator 2009
2010-12-09 11:36:41 ----D---- C:\Users\admin\AppData\Roaming\AnvSoft
2010-12-09 11:36:39 ----D---- C:\Program Files\AnvSoft
2010-12-09 11:33:09 ----D---- C:\Users\admin\AppData\Roaming\Audacity
2010-12-09 11:33:02 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2010-12-09 10:59:50 ----D---- C:\Program Files\MP3 Remix
2010-12-09 10:59:50 ----A---- C:\Windows\system32\dfxg115.dll

======List of files/folders modified in the last 1 months======

2010-12-30 14:15:12 ----D---- C:\Windows\Temp
2010-12-30 14:15:08 ----RD---- C:\Program Files
2010-12-30 14:05:36 ----SHD---- C:\System Volume Information
2010-12-30 13:52:22 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-30 13:51:58 ----SHD---- C:\Windows\Installer
2010-12-30 13:51:07 ----D---- C:\Windows\Debug
2010-12-30 13:51:07 ----D---- C:\Windows
2010-12-30 13:48:34 ----D---- C:\Program Files\Common Files
2010-12-30 13:37:03 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2010-12-30 13:36:43 ----AD---- C:\Windows\System32
2010-12-30 13:18:11 ----RSD---- C:\Windows\assembly
2010-12-30 12:50:11 ----SD---- C:\ProgramData\Microsoft
2010-12-30 12:49:57 ----D---- C:\Windows\winsxs
2010-12-30 12:38:15 ----D---- C:\Windows\inf
2010-12-30 12:38:15 ----D---- C:\Program Files\Common Files\microsoft shared
2010-12-30 12:38:14 ----RSD---- C:\Windows\Fonts
2010-12-30 12:38:01 ----SD---- C:\Users\admin\AppData\Roaming\Microsoft
2010-12-30 12:20:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-30 12:14:26 ----D---- C:\RecordFile
2010-12-29 16:40:57 ----D---- C:\Windows\system32\drivers
2010-12-29 12:29:12 ----D---- C:\Windows\system32\catroot2
2010-12-28 17:59:47 ----D---- C:\Program Files\Mozilla Firefox
2010-12-19 07:54:54 ----D---- C:\Windows\rescache
2010-12-18 07:56:36 ----D---- C:\Windows\system32\migration
2010-12-18 07:56:36 ----D---- C:\Program Files\Windows Mail
2010-12-18 07:56:36 ----D---- C:\Program Files\Internet Explorer
2010-12-18 07:56:22 ----HD---- C:\Windows\msdownld.tmp
2010-12-18 07:55:08 ----D---- C:\Windows\system32\sk-SK
2010-12-18 07:54:48 ----D---- C:\Windows\system32\catroot
2010-12-18 07:52:55 ----A---- C:\Windows\system32\mrt.exe
2010-12-17 06:46:50 ----D---- C:\Program Files\Lx_cats
2010-12-12 18:17:33 ----D---- C:\Users\admin\AppData\Roaming\Skype
2010-12-12 16:03:25 ----D---- C:\Users\admin\AppData\Roaming\skypePM
2010-12-09 11:45:49 ----D---- C:\Program Files\Audacity
2010-12-09 11:30:07 ----D---- C:\Temp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-04-15 312344]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\Windows\System32\drivers\sfsync04.sys [2006-03-24 50176]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-11 691696]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-07-18 279376]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R2 null_flt;null_flt; \??\C:\Windows\System32\Drivers\null_flt.sys [2009-11-12 4736]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-20 112128]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-04-15 118784]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
S0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\Windows\System32\drivers\sfdrv01.sys [2006-03-26 51200]
S3 adu7oy0j;adu7oy0j; C:\Windows\system32\drivers\adu7oy0j.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-04-16 40960]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2009-12-12 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2009-12-12 107832]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-18 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 77824]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 lxcc_device;lxcc_device; C:\Windows\system32\lxcccoms.exe [2005-07-06 466944]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-11-16 117264]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------




and info


info.txt logfile of random's system information tool 1.08 2010-12-30 14:15:18

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->MsiExec /X{5DB65884-C963-4454-AABA-4CA3089281FA}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
Acoustica Beatcraft-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Acoustica Effects Pack-->C:\PROGRA~1\ACOUST~2\UNWISE.EXE C:\PROGRA~1\ACOUST~2\INSTALL.LOG
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -maintain plugin
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1 - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-A91000000001}
Adobe Shockwave Player-->C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log
Akustický tlmič jednotky CD/DVD-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x001b -removeonly
Any Audio Converter 3.0.7-->"C:\Program Files\AnvSoft\Any Audio Converter\unins000.exe"
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
aTube Catcher-->C:\Program Files\DsNET Corp\aTube Catcher 2.0\uninstall.exe
Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"
Audacity 1.3.11 (Unicode)-->"C:\Program Files\Audacity 1.3 Beta (Unicode)\unins000.exe"
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\Setup.exe -runfromtemp -l0x001b
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Client Software-->C:\Program Files\InstallShield Installation Information\{17902F6D-5D4E-49C2-9F7D-87E1EF734AA1}\setup.exe -runfromtemp -l0x0009 -removeonly
Cool Edit Pro 2.0-->C:\Program Files\coolpro2\cep2unin.exe
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Crash Team Racing (pSX 1.13 emulation)-->C:\Program Files\Crash Team Racing\Uninstal.exe
Dont Get Angry 3 2.0.1.0-->C:\Program Files\Dont Get Angry 3\Uninstall.exe
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
EA SPORTS™ NBA LIVE 08-->MsiExec.exe /X{39C8EFBA-042B-11DC-A860-0EE955D89593}
Farm Frenzy-->MsiExec.exe /I{265004A0-39EE-4884-BB8D-74C989147DA3}
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
FM Screen Capture Codec (Remove Only)-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\Windows\INF\fmcodec.inf
Forklift Truck Simulator 2009-->"C:\Program Files\Forklift Truck Simulator 2009\unins000.exe"
HDMI Control Manager-->C:\Program Files\InstallShield Installation Information\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}\setup.exe -runfromtemp -l0x001b -removeonly
HipHop 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFEBE886-3EF2-4389-96D0-B0808E58BC3E}\SETUP.EXE" -l0x9 -removeonly
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager-->C:\Windows\system32\imsmudlg.exe -uninstall
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LAME v3.98.3 for Audacity-->"C:\Program Files\Audacity\unins001.exe"
Lexmark 3300 Series-->C:\Windows\system32\spool\DRIVERS\W32X86\3\lxccUNST.EXE -NOLICENSE
Lexmark Fax Solutions-->C:\Program Files\Lexmark Fax Solutions\Install\x86\Uninst.exe
LG Internet Kit-->C:\Program Files\InstallShield Installation Information\{40034B11-149E-4310-AE89-BB575B02525B}\setup.exe -runfromtemp -l0x001b UNINSTALL -removeonly
LG USB Modem Drivers-->MsiExec.exe /I{FA02ACAC-9E14-4878-A257-92A22A647C2C}
Magical Kingdom-->MsiExec.exe /I{E50CE67B-9E1F-4638-AD3A-D33C7889D23E}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (3.6.12)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MP3 Remix Player-->C:\PROGRA~1\MP3REM~1\WMP\UNWISE.EXE C:\PROGRA~1\MP3REM~1\WMP\INSTALL.LOG
Need for Speed™ SHIFT-->MsiExec.exe /X{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}
NVIDIA PhysX-->MsiExec.exe /X{5DB65884-C963-4454-AABA-4CA3089281FA}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 3.1-->MsiExec.exe /I{B1995371-129A-4232-A0C8-E98500B4F317}
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Popeláři-->"D:\Program Files\Popeláři\unins000.exe"
Power Sound Editor Free-->C:\PROGRA~1\POWERS~1\UNWISE.EXE C:\PROGRA~1\POWERS~1\INSTALL.LOG
Pro Evolution Soccer 2010-->MsiExec.exe /X{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}
PunkBuster Services-->C:\Windows\system32\pbsvc.exe -u
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x001b -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
Security Update for Windows Media Encoder (KB2447961)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={6139D160-F916-4708-953E-68B213BE6B7A} /qb
Security Update for Windows Media Encoder (KB954156)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={E836F1B7-43FB-46B0-A0D9-E4D2A5951659} /qb
Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb
Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Softonic-Eng7 Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG
Space Station Manager 1.0.7 HIRES-->"D:\Program Files\Space Station Manager\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Hold'em Poker All-in-Edition 2009 DEMO 1.0-->"C:\Program Files\Texas Hold'em Poker All-in-Edition 2009 DEMO\unins000.exe"
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
ToggleEN Toolbar-->C:\PROGRA~1\ToggleEN\UNWISE.EXE /U C:\PROGRA~1\ToggleEN\INSTALL.LOG
Tony Hawk's American Wasteland (TM)-->MsiExec.exe /I{3293C06B-003F-4027-8380-FFD79E38167D}
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x001b -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x001b -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x041b
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x041b -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA Hardware Setup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2883F6F5-0509-43F3-868C-D50330DD9DD3}\setup.exe" -l0x1b
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}\setup.exe" -l0x1b
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x041b
UseNeXT-->"C:\Program Files\UseNeXT\unins000.exe"
Vista Codec Package-->MsiExec.exe /I{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Woodcutter Simulator-->"D:\Program Files\Woodcutter Simulator\uninstall.exe"

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: TOSHIBA
Event Code: 4374
Message: Služba Windows Servicing zistila, že balík KB978886(Security Update) nie je použiteľný pre tento systém
Record Number: 114362
Source Name: Microsoft-Windows-Servicing
Time Written: 20100812194239.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: TOSHIBA
Event Code: 4374
Message: Služba Windows Servicing zistila, že balík KB978886(Security Update) nie je použiteľný pre tento systém
Record Number: 114354
Source Name: Microsoft-Windows-Servicing
Time Written: 20100812194239.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: TOSHIBA
Event Code: 4374
Message: Služba Windows Servicing zistila, že balík KB905866(Update) nie je použiteľný pre tento systém
Record Number: 114340
Source Name: Microsoft-Windows-Servicing
Time Written: 20100812194105.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: TOSHIBA
Event Code: 7000
Message: Spustenie služby TOSHIBA Bluetooth Service zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.
Record Number: 114294
Source Name: Service Control Manager
Time Written: 20100812193232.000000-000
Event Type: Error
User:

Computer Name: TOSHIBA
Event Code: 3004
Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
Not Applicable
Scan ID: {610E605F-11CC-4320-9873-024736630329}
User: TOSHIBA\admin
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: regkey:HKCU@S-1-5-21-1034233192-1315924873-3047747250-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ;runkey:HKCU@S-1-5-21-1034233192-1315924873-3047747250-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ;file:C:\Program Files\ICQ7.2\ICQ.exe
Alert Type: Unclassified software
Detection Type:
Record Number: 114239
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20100812193151.000000-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: TOSHIBA
Event Code: 3026
Message: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service.

Context: Windows Application, SystemIndex Catalog

Details:
The content index service was stopped. (0x80041812)

Record Number: 791
Source Name: Microsoft-Windows-Search
Time Written: 20090921192554.000000-000
Event Type: Error
User:

Computer Name: TOSHIBA
Event Code: 3026
Message: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service.

Context: Windows Application, SystemIndex Catalog

Details:
The content index service was stopped. (0x80041812)

Record Number: 790
Source Name: Microsoft-Windows-Search
Time Written: 20090921192554.000000-000
Event Type: Error
User:

Computer Name: TOSHIBA
Event Code: 3026
Message: Advise Status Change failed. The system is probably low on resources. Free up resources and restart the service.

Context: Windows Application, SystemIndex Catalog

Details:
The content index service was stopped. (0x80041812)

Record Number: 789
Source Name: Microsoft-Windows-Search
Time Written: 20090921192554.000000-000
Event Type: Error
User:

Computer Name: TOSHIBA
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 783
Source Name: Microsoft-Windows-Search
Time Written: 20090921192542.000000-000
Event Type: Warning
User:

Computer Name: WIN-S7QEOHXJYJ7
Event Code: 1036
Message: InitializePrintProvider failed for provider inetpp.dll. This can occur because of system instability or a lack of system resources.
Record Number: 765
Source Name: Microsoft-Windows-SpoolerSpoolss
Time Written: 20090921191756.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: TOSHIBA
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 12076
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226054758.943763-000
Event Type: Audit Success
User:

Computer Name: TOSHIBA
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: TOSHIBA$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x2d4
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 12075
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226054758.943763-000
Event Type: Audit Success
User:

Computer Name: TOSHIBA
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: TOSHIBA$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x2d4
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 12074
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226054758.943763-000
Event Type: Audit Success
User:

Computer Name: TOSHIBA
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 12073
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226054758.928163-000
Event Type: Audit Success
User:

Computer Name: TOSHIBA
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: TOSHIBA$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x2d4
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 12072
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226054758.928163-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE

-----------------EOF-----------------

Re: Slow notebook and internet

Posted: 30 Dec 2010 14:49
by vyosek
Hello, and I wish you a nice day :)

:arrow: I don't see any basic protection in the form of an antivirus in the log; what do you use, please? :???:

:arrow: Plug all USB sticks (flash drives, external disks, etc.) into the PC

Re: Slow notebook and internet

Posted: 30 Dec 2010 15:01
by mifoIV
This is my grandma's notebook; I'm here on holiday right now and she told me it is slow. But I'm going to download avast right away, I just wanted to post here.

Here is the log:


############################## | UsbFix 7.014 | [Deletion]

User: admin (Administrator) # TOSHIBA [TOSHIBA Satellite A300]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 14:52:09 | 30/12/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
Internet Explorer 8.0.6001.18999

Windows Firewall: Enabled
RAM -> 2939 Mb
C:\ (%systemdrive%) -> Fixed drive # 74 Gb (7 Mb free - 9%) [Vista] # NTFS
D:\ -> Fixed drive # 117 Gb (55 Mb free - 47%) [DATA] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Fixed drive # 932 Gb (359 Mb free - 39%) [USB-HDD] # NTFS

################## | Files # Infected Folders |

Deleted ! H:\Autorun.inf

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\H
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{36ad0049-ba4e-11de-a645-001e33b0a409}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{741fa736-2310-11df-bbf6-0022faa91fde}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{88a676fc-11c3-11e0-a980-001e33b0a409}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{cafa98f0-feee-11df-9f81-0022faa91fde}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{cccc3529-583d-11df-a0ec-001e33b0a409}

################## | Listing |

[30/12/2010 - 14:56:04 | SHD ] C:\$RECYCLE.BIN
[18/09/2006 - 22:43:36 | A | 24] C:\autoexec.bat
[21/09/2009 - 21:46:49 | SHD ] C:\Boot
[11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
[17/07/2008 - 09:41:30 | RAS | 8192] C:\BOOTSECT.BAK
[17/10/2010 - 12:47:49 | A | 682] C:\CDFE.log
[18/09/2006 - 22:43:37 | A | 10] C:\config.sys
[02/11/2006 - 14:02:03 | SHD ] C:\Documents and Settings
[22/09/2009 - 15:53:00 | D ] C:\DownLoad
[31/10/2010 - 22:25:37 | D ] C:\eJay
[30/12/2010 - 12:13:53 | ASH | 3082805248] C:\hiberfil.sys
[17/07/2008 - 10:23:04 | D ] C:\Intel
[17/10/2010 - 12:44:08 | A | 0] C:\lxccfire.000
[17/10/2010 - 12:47:47 | A | 0] C:\lxccfire.csv
[17/10/2010 - 12:44:43 | A | 576] C:\LXCCINST.000
[17/10/2010 - 12:48:27 | A | 719] C:\LXCCINST.csv
[05/10/2010 - 17:13:50 | D ] C:\output
[30/12/2010 - 12:13:52 | ASH | 3396399104] C:\pagefile.sys
[22/09/2009 - 15:53:00 | D ] C:\Picture
[30/12/2010 - 14:15:08 | RD ] C:\Program Files
[19/11/2010 - 16:46:20 | HD ] C:\ProgramData
[30/12/2010 - 12:14:26 | D ] C:\RecordFile
[30/12/2010 - 14:52:53 | RSHD ] C:\RECYCLER
[17/07/2008 - 10:37:45 | A | 651] C:\RHDSetup.log
[30/12/2010 - 14:15:18 | D ] C:\rsit
[22/09/2009 - 15:53:00 | D ] C:\SaveRemoteCfgFile
[22/09/2009 - 14:19:48 | D ] C:\sdklog
[17/07/2008 - 10:45:01 | A | 86] C:\setup.log
[03/02/2009 - 11:41:10 | AH | 335] C:\SWSTAMP.TXT
[30/12/2010 - 14:05:36 | SHD ] C:\System Volume Information
[09/12/2010 - 11:30:07 | D ] C:\Temp
[21/09/2009 - 20:36:56 | D ] C:\Toshiba
[30/12/2010 - 14:56:04 | D ] C:\UsbFix
[30/12/2010 - 14:52:42 | A | 3064] C:\UsbFix.txt
[21/09/2009 - 20:29:46 | RD ] C:\Users
[30/12/2010 - 13:51:07 | D ] C:\Windows
[17/07/2008 - 11:18:20 | D ] C:\Works
[03/02/2009 - 10:21:24 | AT | 25592] C:\_wdsuef.dmp
[30/12/2010 - 14:56:04 | SHD ] D:\$RECYCLE.BIN
[02/03/2010 - 09:29:17 | D ] D:\busta-by.VIPER
[30/12/2010 - 13:49:56 | A | 40070] D:\cc_20101230_134932.reg
[30/12/2010 - 13:50:16 | A | 510] D:\cc_20101230_135011.reg
[30/12/2010 - 13:50:28 | A | 290] D:\cc_20101230_135026.reg
[26/06/2010 - 20:39:21 | A | 4322378] D:\doremeco.exe
[30/12/2010 - 12:14:26 | D ] D:\Download
[11/09/2009 - 23:43:49 | D ] D:\DS-7000HI-S
[11/12/2009 - 23:26:12 | D ] D:\fAr crz 2
[04/04/2010 - 09:02:19 | D ] D:\gta
[02/12/2008 - 18:30:00 | A | 7314339840] D:\GTA IV DVD 2.iso
[04/04/2010 - 10:24:29 | D ] D:\gta2
[04/04/2010 - 10:55:01 | D ] D:\gta3
[12/12/2009 - 14:20:05 | D ] D:\gtra
[16/10/2009 - 15:46:16 | D ] D:\Hudba
[06/04/2010 - 06:43:36 | D ] D:\mafia
[05/04/2010 - 07:07:33 | D ] D:\motorm4x_by_willymen
[12/12/2010 - 15:51:28 | HD ] D:\msdownld.tmp
[09/07/2010 - 08:37:57 | D ] D:\nokia 6220 clasicss gps subory otvorit pam..kartu a prilepit
[01/04/2010 - 06:41:23 | D ] D:\PES2010
[30/12/2010 - 12:14:26 | D ] D:\Picture
[30/12/2010 - 13:53:40 | D ] D:\Program Files
[26/06/2010 - 20:36:52 | A | 284396] D:\Project1.exe
[01/04/2010 - 08:37:17 | A | 46792819] D:\rebuilt.pro.evolution.soccer.2010_reloaded.part17.rar
[30/12/2010 - 12:14:26 | D ] D:\RecordFile
[30/12/2010 - 12:14:26 | D ] D:\SaveRemoteCfgFile
[26/06/2010 - 20:44:35 | A | 260400] D:\SoftonicDownloader70211.exe
[12/06/2010 - 13:34:51 | A | 13988407] D:\SpaceStationManager.rar
[04/04/2010 - 14:32:26 | D ] D:\street
[22/09/2009 - 07:08:19 | SHD ] D:\System Volume Information
[09/12/2010 - 11:30:07 | D ] D:\temp
[12/06/2010 - 15:33:17 | A | 27317311] D:\TotoJeHipHop_videoklip.wmv
[08/11/2009 - 15:19:59 | D ] D:\Videa
[30/12/2010 - 14:56:04 | SHD ] H:\$RECYCLE.BIN
[05/12/2010 - 14:05:36 | D ] H:\3gp
[26/11/2010 - 19:47:09 | AH | 244] H:\autorunOFF.zip
[09/12/2010 - 19:56:31 | D ] H:\CrashTeamRacing-pSX
[28/12/2010 - 17:22:30 | RD ] H:\Filmy
[29/12/2010 - 03:16:25 | RD ] H:\Hry
[28/12/2010 - 17:23:16 | D ] H:\Hudba
[05/12/2010 - 14:08:48 | D ] H:\Iné
[29/12/2010 - 18:13:00 | HD ] H:\kama
[28/12/2010 - 17:34:55 | D ] H:\Nový priečinok
[30/12/2010 - 12:14:26 | D ] H:\RecordFile
[05/12/2010 - 15:40:58 | HD ] H:\Recycled
[30/12/2010 - 14:52:53 | SHD ] H:\RECYCLER
[28/12/2010 - 17:24:01 | D ] H:\Softvare
[29/12/2010 - 03:11:09 | SHD ] H:\System Volume Information
[02/12/2010 - 19:34:49 | RHD ] H:\TOPILA

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_TOSHIBA.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

Re: Slow notebook and internet

Posted: 30 Dec 2010 15:02
by vyosek
Sure, so install Avast for now, and in the meantime I'll write a script to clean the PC...

Re: Slow notebook and internet

Posted: 30 Dec 2010 15:11
by vyosek
Before deleting anything, I'd like to ask for one test
:arrow: Test the following files on VirusTotal (see my signature)
  • C:\ProgramData\SysMon\ASK.dll
  • Click Browse (Prochazet)
  • Don't look for the file, just paste the path of the file I want tested
  • If it says the file has already been tested (Soubor byl jiz testovan), have it tested again
  • Click Test file (Otestovat soubor)
  • Post the analysis result here (as a link)

Re: Slow notebook and internet

Posted: 30 Dec 2010 15:37
by mifoIV

Re: Slow notebook and internet

Posted: 30 Dec 2010 15:42
by vyosek
:arrow: I recommend uninstalling the toolbars (browser bars), if you don't use them, in Add or Remove Programs (Přidat nebo odebrat programy)

:arrow: Download OTM (see my signature)
  • If you use Windows Vista or W7, right-click OTM and choose Run As Administrator or Spustit jako spravce
  • Into the left window, Paste Instructions for Items to be Moved (under the yellow line), paste the content given below

    :reg
    [HKCU\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="www.google.com"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
    "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"=-
    "{038cb5c7-48ea-4af9-94e0-a1646542e62b}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"=-
    "{855F3B16-6D32-4FE6-8A56-BBB695989046}"=-
    "{038cb5c7-48ea-4af9-94e0-a1646542e62b}"=-
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NDSTray.exe"=-
    "cfFncEnabler.exe"=-
    "Toshiba Registration"=-
    "SunJavaUpdateSched"=-
    "Adobe Reader Speed Launcher"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"=-
    "psysnew"=-
    "WMPNSCFG"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    
    :services
    ICQ Service
    
    :files
    C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034233192-1315924873-3047747250-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034233192-1315924873-3047747250-1000UA.job
    C:\Program Files\Ask.com
    C:\Program Files\ICQ6Toolbar
    :\Program Files\Softonic-Eng7\tbSoft.dll
    :\Program Files\ToggleEN\tbTogg.dll
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Click the red MoveIt! button
  • Then post here the contents of the Results window (under the green line)
  • If you are prompted to restart, choose Yes; you will then find the log in C:\_OTM\MovedFiles

Re: Slow notebook and internet

Posted: 30 Dec 2010 16:01
by mifoIV
All processes killed
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"www.google.com" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{038cb5c7-48ea-4af9-94e0-a1646542e62b} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NDSTray.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\cfFncEnabler.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Toshiba Registration deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\TOSCDSPD deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\psysnew deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google EULA Launcher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
========== SERVICES/DRIVERS ==========
Error: No service named ICQ Service was found to stop!
Service\Driver key ICQ Service not found.
========== FILES ==========
File/Folder C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455 not found.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034233192-1315924873-3047747250-1000Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1034233192-1315924873-3047747250-1000UA.job moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
Error: Unable to interpret <:\Program Files\Softonic-Eng7\tbSoft.dll> in the current context!
Error: Unable to interpret <:\Program Files\ToggleEN\tbTogg.dll> in the current context!
Error: Unable to interpret <%windir%\system32\*.tmp.dll /s> in the current context!
Error: Unable to interpret <%windir%\system32\SET*.tmp /s> in the current context!
Error: Unable to interpret <%windir%\*.tmp /s> in the current context!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: admin
->Temp folder emptied: 525052877 bytes
->Temporary Internet Files folder emptied: 7567122 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 52682742 bytes
->Google Chrome cache emptied: 171541328 bytes
->Flash cache emptied: 2498 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33239 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 722,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 12302010_155057

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Re: Slow notebook and internet

Posted: 30 Dec 2010 17:16
by vyosek
Let's continue :James008:

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature); during installation, untick the Yahoo toolbar option
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run Cleaner (Spustit CCleaner)
Registry panel (Registry)
  • click Scan for Issues (Hledej problémy)
  • then Fix Issues (Opravit problémy) - I recommend making a registry backup; fix all the issues
  • repeat the procedure until no issues are left - usually about 3 times
Tools panel (Nástroje)
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once every 14 days

:arrow: I recommend defragmenting the disk
  • The simplest (but least effective) way is the utility built into Windows
    • Click My Computer (Tento pocitac), then right-click the disk and choose Properties
    • switch to the Tools tab
    • You now see the Defragmentation tools - start it by clicking Defragment
    • Do this for all disks
  • Another option (and the one I recommend) is the small program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
    • Download the program, install it (untick the Yahoo toolbar option) and run it
    • Click Analyze (Analyzovat)
    • If the Fragmented (Fragmentováno) column shows more than 5%, I recommend defragmenting (click Defrag (Defragmentovat))
    • Do this for all disks
  • The last option is the simple small program JKDefrag http://www.stahuj.centrum.cz/utility_a_ ... /jkdefrag/
    • The advantage of this program is that it is not installed
    • So it is enough to download the version for your OS and unpack it
    • Then run it using the JKDefrag file, or JKDefrag64
    • The disk is analyzed and then defragmented
:arrow: Write how the PC behaves