VIRY.CZ

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jarin at 2010-03-21 01:14:07
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 671 MB (2%) free of 40 GB
Total RAM: 2047 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:14:21, on 21.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
I:\Program Files\ASUS\AI Booster\OverClk.exe
I:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
I:\Program Files\Umax\Software\Mrphoto\Smart Start UP\PnPDetect.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
C:\WINDOWS\system32\ctfmon.exe
I:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
I:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
I:\Program Files\SetPoint\SetPoint.exe
I:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\Program Files\Umax\PowerScan 6950\Am32Plus.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
I:\Program Files\TitleTime\TiTime.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
I:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
I:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
I:\Program Files\Screamer Radio\screamer.exe
I:\Program Files\ConMet\ConMet.exe
C:\Documents and Settings\Jarin\Plocha\RSIT.exe
I:\Program Files\trend micro\Jarin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = local;host:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - I:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - I:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Launch Ai Booster] "I:\Program Files\ASUS\AI Booster\OverClk.exe"
O4 - HKLM\..\Run: [IAAnotif] "I:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Smart Start UP] I:\Program Files\Umax\Software\Mrphoto\Smart Start UP\PnPDetect.exe /Automation
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [StartCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ConMet] I:\Program Files\ConMet\ConMet.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ScreenManager Pro for LCD] I:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EPSON PX700W Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE /FU "C:\DOCUME~1\Jarin\LOCALS~1\Temp\E_S1FF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DriverMax_RESTART] "I:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: TitleTime.lnk = I:\Program Files\TitleTime\TiTime.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = I:\Program Files\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ScanWorks(Umax PowerScan 6950).lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Send To &Bluetooth - I:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - I:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - I:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.windowsupdate.com
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - https://www-secure.symantec.com/techsup ... gctlsr.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - I:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cobian Backup 9 služba (CobianBackupAmanita) - Luis Cobian - I:\Program Files\Cobian Backup 9\cbService.exe
O23 - Service: Google Update Service (gupdate1c99351c873b4f0) (gupdate1c99351c873b4f0) - Google Inc. - I:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - I:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NBService - Nero AG - I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 11305 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Jarin.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll [2009-09-10 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\IPSBHO.DLL [2009-11-17 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - I:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\Jarin\Data aplikací\LangSoft\WebIE.dll [2009-09-10 520192]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - I:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - I:\Program Files\Norton Internet Security\Engine\17.5.0.127\coIEPlg.dll [2009-12-10 394608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"Launch Ai Booster"=I:\Program Files\ASUS\AI Booster\OverClk.exe [2006-12-08 3714048]
"IAAnotif"=I:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]
"Smart Start UP"=I:\Program Files\Umax\Software\Mrphoto\Smart Start UP\PnPDetect.exe [2003-01-21 98304]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"StartCCC"=I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"Adobe Reader Speed Launcher"=I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"ConMet"=I:\Program Files\ConMet\ConMet.exe [2010-03-14 4019200]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"ScreenManager Pro for LCD"=I:\Program Files\EIZO\ScreenManager Pro for LCD\Lcdctrl.exe [2007-08-30 10937640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"EPSON PX700W Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIENE.EXE [2008-04-07 188928]
"DriverMax_RESTART"=I:\Program Files\Innovative Solutions\DriverMax\devices.exe [2010-01-18 9072032]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BTTray.lnk - I:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Logitech SetPoint.lnk - I:\Program Files\SetPoint\SetPoint.exe
Microsoft Office.lnk - I:\Program Files\Microsoft Office\Office\OSA9.EXE
ScanWorks(Umax PowerScan 6950).lnk - I:\Program Files\Umax\PowerScan 6950\Am32Plus.exe

C:\Documents and Settings\Jarin\Nabídka Start\Programy\Po spuštění
TitleTime.lnk - I:\Program Files\TitleTime\TiTime.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-07-21 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=144
"MaxRecentDocs"=16
"NoDrives"=00000000
"NoSharedDocuments"=01000000
"GreyMSIAds"=1
"NoUserNameInStartMenu"=1
"StartMenuLogOff"=1
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"I:\Program Files\Skype\Plugin Manager\skypePM.exe"="I:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"I:\Program Files\Opera\opera.exe"="I:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"I:\Program Files\Screamer Radio\screamer.exe"="I:\Program Files\Screamer Radio\screamer.exe:*:Enabled:Screamer Radio"
"C:\Documents and Settings\Jarin\Local Settings\Temp\7zSC.tmp\SymNRT.exe"="C:\Documents and Settings\Jarin\Local Settings\Temp\7zSC.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"
"I:\Program Files\Skype\Phone\Skype.exe"="I:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-21 01:14:12 ----D---- I:\Program Files\trend micro
2010-03-21 01:14:07 ----D---- C:\rsit
2010-03-12 15:34:25 ----A---- C:\WINDOWS\DEBUGSM.INI
2010-03-10 16:51:45 ----A---- C:\WINDOWS\system32\lsdelete.exe
2010-03-04 23:00:57 ----D---- C:\Documents and Settings\Jarin\Data aplikací\Download Manager
2010-03-03 17:57:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2010-03-03 16:20:45 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-03-03 16:20:34 ----D---- I:\Program Files\Lavasoft
2010-03-01 11:55:02 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-03-01 11:55:02 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-02-28 16:50:26 ----D---- C:\WINDOWS\system32\DRM
2010-02-28 16:24:31 ----D---- I:\Program Files\Microsoft Silverlight
2010-02-28 01:02:15 ----D---- C:\Documents and Settings\Jarin\Data aplikací\vlc
2010-02-26 22:52:38 ----A---- C:\WINDOWS\system32\lvci1201278.dll
2010-02-26 22:28:46 ----A---- C:\WINDOWS\system32\yk51x86.dll
2010-02-26 22:05:16 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-02-26 22:05:16 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-02-26 22:05:16 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-02-24 12:31:08 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 15:20:55 ----D---- I:\Program Files\Sun
2010-02-23 00:47:09 ----A---- C:\WINDOWS\system32\atrace.dll

======List of files/folders modified in the last 1 months======

2010-03-21 01:14:07 ----D---- C:\WINDOWS\Prefetch
2010-03-21 01:13:57 ----D---- C:\WINDOWS\Temp
2010-03-21 00:59:38 ----D---- C:\WINDOWS
2010-03-21 00:58:36 ----D---- C:\Documents and Settings\Jarin\Data aplikací\Skype
2010-03-21 00:10:12 ----SHD---- C:\WINDOWS\Installer
2010-03-21 00:08:38 ----RD---- I:\Program Files\Skype
2010-03-21 00:08:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-03-21 00:07:13 ----D---- I:\Program Files\Opera
2010-03-21 00:00:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\ConMet
2010-03-20 23:20:08 ----D---- C:\WINDOWS\Microsoft.NET
2010-03-20 23:04:39 ----D---- C:\Documents and Settings\Jarin\Data aplikací\ConMet
2010-03-20 22:07:31 ----D---- C:\WINDOWS\network diagnostic
2010-03-20 21:50:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-20 21:50:55 ----D---- C:\WINDOWS\system32\drivers
2010-03-20 21:49:00 ----SHD---- C:\System Volume Information
2010-03-20 21:47:52 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-20 16:01:57 ----D---- C:\Documents and Settings\Jarin\Data aplikací\skypePM
2010-03-20 01:26:56 ----A---- C:\WINDOWS\WTRAN32.INI
2010-03-19 01:01:50 ----D---- C:\WINDOWS\Debug
2010-03-19 01:00:21 ----D---- I:\Program Files\CCleaner
2010-03-19 00:34:48 ----D---- C:\WINDOWS\system32
2010-03-19 00:34:47 ----HD---- C:\WINDOWS\inf
2010-03-19 00:34:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-19 00:24:54 ----A---- C:\WINDOWS\win.ini
2010-03-19 00:20:59 ----D---- C:\WINDOWS\Media
2010-03-16 16:31:56 ----SD---- C:\WINDOWS\Tasks
2010-03-16 16:26:57 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-03-16 00:21:17 ----D---- C:\Documents and Settings\Jarin\Data aplikací\dvdcss
2010-03-16 00:09:16 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-14 00:55:29 ----D---- I:\Program Files\ConMet
2010-03-12 15:34:25 ----D---- C:\Documents and Settings\Jarin\Data aplikací\Epson
2010-03-11 02:26:44 ----D---- I:\Program Files\Mozilla Firefox
2010-03-10 16:16:41 ----A---- C:\WINDOWS\ODBC.INI
2010-03-10 16:15:59 ----D---- C:\WINDOWS\ShellNew
2010-03-03 17:57:08 ----D---- C:\WINDOWS\system32\dllcache
2010-03-03 16:23:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-03 16:20:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-03-02 12:22:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-02 06:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-01 04:09:40 ----D---- C:\WINDOWS\security
2010-02-28 17:06:03 ----RSD---- C:\WINDOWS\assembly
2010-02-28 17:06:01 ----D---- C:\WINDOWS\system32\cs-cz
2010-02-28 16:50:27 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-28 13:18:16 ----D---- C:\Program Files\Common Files\LogiShrd
2010-02-28 12:05:52 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-26 22:51:57 ----D---- I:\Program Files\Logitech
2010-02-24 12:31:21 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-23 22:40:16 ----D---- C:\Documents and Settings\Jarin\Data aplikací\???????sAppData
2010-02-23 22:11:17 ----D---- I:\Program Files\microsoft frontpage
2010-02-23 22:11:17 ----D---- C:\WINDOWS\msapps
2010-02-23 22:11:16 ----D---- C:\WINDOWS\system
2010-02-23 22:11:16 ----D---- C:\Temp
2010-02-23 01:12:40 ----D---- C:\WINDOWS\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100211.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NIS\1105000.07F\ccHPx86.sys [2009-12-09 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NIS\1105000.07F\SRTSP.SYS [2009-12-03 325168]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NIS\1105000.07F\SRTSPX.SYS [2009-12-03 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NIS\1105000.07F\Ironx86.SYS [2009-11-26 116272]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NIS\1105000.07F\SYMTDI.SYS [2009-11-22 362032]
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2010-02-12 123280]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2010-02-12 41680]
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2009-06-17 10384]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-07-21 3565056]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2003-09-15 30235]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100312.001\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-06 4755968]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LVPr2Mon;LVPr2Mon Driver; C:\WINDOWS\system32\Drivers\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2008-12-17 41752]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100320.004\NAVEX15.SYS []
R3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2009-04-30 13976]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2009-04-30 2687512]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-12-03 47408]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-02-12 99152]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2010-02-12 110096]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2010-01-08 299008]
S1 e1dA;e1dA; \??\C:\WINDOWS\system32\drivers\e1dA.SYS []
S2 c76B;c76B; \??\C:\WINDOWS\system32\drivers\c76B.SYS []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2003-09-15 51848]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 emAudio;PCTV USB2 2821 Audio; C:\WINDOWS\system32\drivers\emAudio.sys [2004-04-26 19712]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2009-02-17 85969]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 IPFilter;Microsoft IntelliPoint Features driver; C:\WINDOWS\system32\DRIVERS\IPFilter.sys []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2009-06-17 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2009-06-17 79248]
S3 LUsbKbd;Logitech SetPoint USB Filter Driver; C:\WINDOWS\system32\drivers\LUsbKbd.sys [2005-03-10 14592]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2007-01-15 9728]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-16 5888]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-09-05 176128]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-12-03 47408]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VBoxTAP;VirtualBox TAP Adapter; C:\WINDOWS\system32\DRIVERS\VBoxTAP.sys [2008-05-31 47584]
S3 VBoxUSB;VirtualBox USB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [2010-02-12 31824]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-07-21 602112]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; I:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2003-09-15 135168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; I:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-12-17 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-10-16 73728]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 NIS;Norton Internet Security; I:\Program Files\Norton Internet Security\Engine\17.5.0.127\ccSvcHst.exe [2009-12-09 126392]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-01-13 593920]
S2 gupdate1c99351c873b4f0;Google Update Service (gupdate1c99351c873b4f0); I:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-20 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CobianBackupAmanita;Cobian Backup 9 služba; I:\Program Files\Cobian Backup 9\cbService.exe [2009-01-22 583168]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-31 136120]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; I:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-03 1229232]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 NBService;NBService; I:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S3 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; I:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Děkuji. JaB.

Zdravím

Na logu se pracuje, prosím o strpení.

Odinstalujte Ad-Aware.

Obrázek

Tohle otestujte na http://www.virustotal.com/cs/
C:\WINDOWS\system32\lvci1201278.dll

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

Obrázek

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

Jsou s PC nějaké problémy

Posílám vyžádaný log.
Jdu odinstalovat AdAware. Jinak tu proceduru pomocí CCleaneru dělám běžně skoro každý týden.Po odinstalaci AdAwaru to samozřejmě provedu znovu.
S PC se zdá že žádné problémy nejsou. Akorát asi před 3 dny se mi při práci zaseknulo PC (zrovna při tisku) a musel jsem restartovat,což se mi ještě nikdy nestalo.Po restartu vyskočilo pár oken Nortona,který oznamoval žádost o povolení k připojení k serveru DNS,mezi nimi i AdAvare s přídavkem,že soubor byl pozměněn.Vše jsem zakázal (ty ostatní si bohužel nepamatuji).Mezitím vyskočila hláška,že program MatrixStorage přeskupuje a obnovuje data,což trvalo asi 30 min (mám Raid1).Pro klid duše jsem si proto od vás vyžádal kontrolu logu.

Soubor lvci1201278.dll přijatý 2010.03.22 14:15:51 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO
Výsledek: 0/42 (0%)

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.03.22 -
AhnLab-V3 5.0.0.2 2010.03.22 -
AntiVir 8.2.1.196 2010.03.22 -
Antiy-AVL 2.0.3.7 2010.03.19 -
Authentium 5.2.0.5 2010.03.22 -
Avast 4.8.1351.0 2010.03.22 -
Avast5 5.0.332.0 2010.03.22 -
AVG 9.0.0.787 2010.03.22 -
BitDefender 7.2 2010.03.22 -
CAT-QuickHeal 10.00 2010.03.22 -
ClamAV 0.96.0.0-git 2010.03.22 -
Comodo 4350 2010.03.22 -
DrWeb 5.0.1.12222 2010.03.22 -
eSafe 7.0.17.0 2010.03.21 -
eTrust-Vet 35.2.7381 2010.03.22 -
F-Prot 4.5.1.85 2010.03.22 -
F-Secure 9.0.15370.0 2010.03.22 -
Fortinet 4.0.14.0 2010.03.22 -
GData 19 2010.03.22 -
Ikarus T3.1.1.80.0 2010.03.22 -
Jiangmin 13.0.900 2010.03.22 -
K7AntiVirus 7.10.1002 2010.03.19 -
Kaspersky 7.0.0.125 2010.03.22 -
McAfee 5927 2010.03.21 -
McAfee+Artemis 5927 2010.03.21 -
McAfee-GW-Edition 6.8.5 2010.03.22 -
Microsoft 1.5605 2010.03.22 -
NOD32 4965 2010.03.22 -
Norman 6.04.09 2010.03.22 -
nProtect 2009.1.8.0 2010.03.22 -
Panda 10.0.2.2 2010.03.22 -
PCTools 7.0.3.5 2010.03.22 -
Prevx 3.0 2010.03.22 -
Rising 22.40.00.04 2010.03.22 -
Sophos 4.51.0 2010.03.22 -
Sunbelt 6025 2010.03.22 -
Symantec 20091.2.0.41 2010.03.22 -
TheHacker 6.5.2.0.241 2010.03.22 -
TrendMicro 9.120.0.1004 2010.03.22 -
VBA32 3.12.12.2 2010.03.19 -
ViRobot 2010.3.22.2238 2010.03.22 -
VirusBuster 5.0.27.0 2010.03.21 -
Rozšiřující informace
File size: 199192 bytes
MD5...: 1ff3f511a657f8f7c352d1016a2ebf72
SHA1..: 131c9d15f6c50e56c0946ab9d11f470a1d23321c
SHA256: 07a646b9a274addaf405c08bcf891a3fa9436610cb45b257f69a73d2ab05d9d2
ssdeep: 3072:+tzlferUq90oWvVktUSuslqLiKs5sqBzKYbuSe7JbVot3OKm5:kfeoU0rvV
QlisOX3Sq35
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xaf48
timedatestamp.....: 0x49fa294e (Thu Apr 30 22:42:22 2009)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x223ea 0x23000 6.60 7029a7461bea48ebaa882077126e262a
.rdata 0x24000 0x5f97 0x6000 5.69 83343404035ca3da65972c0f65dbd66d
.data 0x2a000 0x2dac 0x2000 1.56 f0cc716406251415098d86e71c099ea7
.rsrc 0x2d000 0xa3c 0x1000 4.16 1cfbdec6f4735862203307c097bc0141
.reloc 0x2e000 0x188a 0x2000 5.77 757ca95181a21aea04408d87d50bacbb

( 8 imports )
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
> SETUPAPI.dll: SetupDiOpenClassRegKey, SetupDiGetDriverInfoDetailA, SetupDiGetSelectedDriverA, SetupCloseInfFile, SetupGetLineTextA, SetupOpenInfFileA, SetupDiGetDeviceRegistryPropertyA, SetupDiGetDeviceInstallParamsA, SetupDiOpenDevRegKey, SetupDiSetDeviceInstallParamsA, SetupFindFirstLineA, SetupGetStringFieldA, SetupGetSourceInfoA
> SHLWAPI.dll: SHDeleteValueA
> KERNEL32.dll: EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, GetDateFormatA, GetTimeFormatA, GetStringTypeW, CreateMutexA, CloseHandle, ReleaseMutex, WaitForMultipleObjectsEx, GetLastError, GetFileAttributesA, GetSystemDirectoryA, GetPrivateProfileStringA, GetVersionExA, CreateProcessA, GlobalFree, GetFullPathNameA, GlobalAlloc, lstrcmpiA, lstrcpynA, GetSystemWindowsDirectoryA, FormatMessageA, IsValidLocale, GetLocalTime, InterlockedDecrement, InterlockedIncrement, SetErrorMode, ExpandEnvironmentStringsA, SetEnvironmentVariableA, GetProcAddress, LoadLibraryA, GetPrivateProfileSectionA, GetWindowsDirectoryA, GetSystemDefaultLangID, GetVersion, OutputDebugStringA, FindClose, FindNextFileA, FindFirstFileA, MoveFileA, DeleteFileA, CopyFileA, SetFileAttributesA, GetStringTypeA, InitializeCriticalSection, GetConsoleCP, GetConsoleMode, SetConsoleCtrlHandler, FreeLibrary, InterlockedExchange, SetStdHandle, FlushFileBuffers, CreateFileA, GetTimeZoneInformation, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, WaitForMultipleObjects, CompareStringW, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, CompareStringA, SetEndOfFile, GetEnvironmentStringsW, GetLocaleInfoW, HeapAlloc, HeapFree, GetCurrentThreadId, GetCommandLineA, GetProcessHeap, EnterCriticalSection, LeaveCriticalSection, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, DeleteCriticalSection, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, GetModuleHandleA, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThread, LCMapStringA, WideCharToMultiByte, MultiByteToWideChar, LCMapStringW, FatalAppExitA, VirtualFree, VirtualAlloc, HeapReAlloc, HeapDestroy, HeapCreate, ExitProcess, WriteFile, GetModuleFileNameA, RtlUnwind, SetFilePointer, ReadFile, Sleep, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, HeapSize
> USER32.dll: CharLowerA
> ADVAPI32.dll: RegEnumValueA, RegDeleteKeyA, RegCreateKeyExA, RegEnumKeyA, RegOpenKeyExA, RegQueryValueExA, RegDeleteValueA, RegCloseKey, RegSetValueExA, OpenSCManagerA, OpenServiceA, CloseServiceHandle, RegOpenKeyA
> SHELL32.dll: ShellExecuteExA, SHGetSpecialFolderPathA, SHFileOperationA
> ole32.dll: CoFreeLibrary, CoUninitialize, CoInitialize

( 2 exports )
LvCoInstaller, SetupEntryPoint
RDS...: NSRL Reference Data Set
-
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
pdfid.: -
sigcheck:
publisher....: Logitech Inc.
copyright....: (c) 1996-2009 Logitech. All rights reserved.
product......: Logitech Webcam Software
description..: Logitech Co-Installer
original name: lvci12001278.dll
internal name: lvci12001278.dll
file version.: 12.00.1278.0
comments.....: n/a
signers......: Logitech Inc
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 11:57 PM 4/30/2009
verified.....: -

Log je v pořádku

Ještě jednou děkuji za kontrolu. JaB.

Nemáte zač

VIRY.CZ

Prosím o preventivní kontrolu logu

Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu