Často se mi hlásí útoky od antiviru avast. Během včerejšího dne mi vyskakovalo spoustu oken, které jsem nestíhala zavírat, po restartu počítače a následném odstranění několika škodlivých SW pomocí SuperAntispywaru, přetrvávají další útoky. Přikládám log z RSIT. Předem děkuji za pomoc.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Monika at 2010-10-07 16:51:03
Microsoft Windows 7 Home Premium
System drive C: has 18 GB (8%) free of 238 GB
Total RAM: 1913 MB (27% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:11, on 7.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Monika\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Monika.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10051 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2009-08-12 352256]
"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2009-06-02 423936]
"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2009-01-13 34088]
"TWebCamera"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-08-11 2446648]
"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2009-08-17 1294136]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-09-15 1998576]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-10-07 16:45:53 ----D---- C:\Program Files (x86)\trend micro
2010-10-07 16:45:52 ----D---- C:\rsit
2010-10-06 15:10:06 ----HD---- C:\Program Files (x86)\Zero G Registry
2010-10-01 19:56:38 ----D---- C:\ProgramData\Codemasters
2010-10-01 19:52:36 ----A---- C:\Windows\SysWOW64\rapture3d_oal.dll
2010-10-01 19:52:36 ----A---- C:\Windows\SysWOW64\mkl_blueripple.dll
2010-10-01 19:52:35 ----D---- C:\Program Files (x86)\BRS
2010-10-01 19:52:33 ----RA---- C:\Windows\SysWOW64\tmpA3D4.tmp
2010-10-01 19:52:33 ----D---- C:\Program Files (x86)\OpenAL
2010-10-01 19:52:33 ----A---- C:\Windows\SysWOW64\wrap_oal.dll
2010-10-01 19:52:33 ----A---- C:\Windows\SysWOW64\OpenAL32.dll
2010-10-01 19:49:06 ----D---- C:\Windows\SysWOW64\xlive
2010-10-01 19:49:05 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2010-09-30 07:26:33 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-09-26 12:55:15 ----D---- C:\Program Files (x86)\Kooperativa
2010-09-26 12:55:13 ----D---- C:\Program Files (x86)\Borland
2010-09-26 12:55:13 ----A---- C:\Windows\SysWOW64\gds32.dll
2010-09-26 12:55:05 ----A---- C:\Windows\SysWOW64\DBCLIENT.DLL
2010-09-15 22:41:06 ----A---- C:\Windows\SysWOW64\iertutil.dll
2010-09-13 20:40:49 ----D---- C:\Program Files (x86)\Canasta
2010-09-10 13:20:43 ----D---- C:\Program Files (x86)\Wizards of the Coast LLC
2010-09-09 09:44:27 ----D---- C:\ProgramData\DivX
======List of files/folders modified in the last 1 months======
2010-10-07 16:51:05 ----D---- C:\Windows\Temp
2010-10-07 16:46:15 ----SHD---- C:\Windows\Installer
2010-10-07 16:45:53 ----RD---- C:\Program Files (x86)
2010-10-07 16:45:18 ----SHD---- C:\System Volume Information
2010-10-07 16:38:13 ----D---- C:\Windows
2010-10-07 16:33:16 ----D---- C:\Windows\Tasks
2010-10-07 16:32:24 ----D---- C:\Windows\System32
2010-10-07 16:32:23 ----D---- C:\Windows\inf
2010-10-07 16:32:12 ----D---- C:\Windows\SysWOW64
2010-10-06 15:12:19 ----D---- C:\Windows\Prefetch
2010-10-06 14:20:25 ----D---- C:\Downloads
2010-10-01 19:56:38 ----HD---- C:\ProgramData
2010-10-01 19:52:44 ----D---- C:\Windows\winsxs
2010-10-01 19:51:33 ----RSD---- C:\Windows\assembly
2010-10-01 19:38:20 ----SD---- C:\ProgramData\Microsoft
2010-10-01 19:34:22 ----D---- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite
2010-10-01 18:30:59 ----D---- C:\Windows\rescache
2010-09-30 16:48:17 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-09-30 16:48:17 ----D---- C:\Program Files (x86)\Internet Explorer
2010-09-26 13:49:24 ----RD---- C:\Program Files
2010-09-18 16:32:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-09-09 09:46:32 ----D---- C:\Program Files (x86)\DivX
2010-09-09 09:46:31 ----D---- C:\Program Files (x86)\Common Files\DivX Shared
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\Windows\system32\DRIVERS\tos_sps64.sys []
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS []
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\system32\DRIVERS\TVALZFL.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
R3 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys []
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys []
S1 SASDIFSV;SASDIFSV; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2009-09-15 9968]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys [2009-09-15 74480]
S3 a4t69rlo;a4t69rlo; C:\Windows\SysWOW64\drivers\a4t69rlo.sys []
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS [2009-09-15 7408]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys []
S3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 cfWiMAXService;ConfigFree WiMAX Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
R2 ConfigFree Gadget Service;ConfigFree Gadget Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO); C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2009-08-06 116104]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe []
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2009-08-05 488800]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2009-09-03 251760]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-08-03 137560]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problém s častými útoky rainer
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Problém s častými útoky rainer
Naposledy upravil(a) S.Moninka dne 07 říj 2010 18:13, celkem upraveno 1 x.
Re: Problém s častými útoky
přesně často vyskakuje tenhle: http://solaruploaderz.com/rainer555133.exe
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s častými útoky rainer
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problém s častými útoky rainer
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4770
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
7.10.2010 20:23:59
mbam-log-2010-10-07 (20-23-59).txt
Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 236185
Uplynulý čas: 45 minuta(y), 48 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Users\Monika\AppData\Local\Temp\~TM7487.tmp (Trojan.DOwnloader) -> No action taken.
C:\Users\Monika\AppData\Roaming\avdrn.dat (Malware.Trace) -> No action taken.
www.malwarebytes.org
Verze databáze: 4770
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
7.10.2010 20:23:59
mbam-log-2010-10-07 (20-23-59).txt
Typ skenu: Úplný sken (C:\|D:\|)
Skenované objekty: 236185
Uplynulý čas: 45 minuta(y), 48 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Users\Monika\AppData\Local\Temp\~TM7487.tmp (Trojan.DOwnloader) -> No action taken.
C:\Users\Monika\AppData\Roaming\avdrn.dat (Malware.Trace) -> No action taken.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s častými útoky rainer
Obě nalezené položky smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problém s častými útoky rainer
Provedla jsem, nicméně, hned po restartu opět vyskočil avast...zablokování škodlivé URL....opět rainer
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s častými útoky rainer
Použijte OTL:
Stáhněte OTL: http://oldtimer.geekstogo.com/OTL.exe . Uložte na plochu, klikněte prvým myšítkem a zadejte "spustit jako správce". Zaškrtněte "pro 64b systém", "pro všechny uživatele", "kontrola na havěť LOP" a "PURITY". Do spodního okna vložte:
Klikněte na "Prohledat" a vložte logy OTL.txt. a Extras.txt.
Stáhněte OTL: http://oldtimer.geekstogo.com/OTL.exe . Uložte na plochu, klikněte prvým myšítkem a zadejte "spustit jako správce". Zaškrtněte "pro 64b systém", "pro všechny uživatele", "kontrola na havěť LOP" a "PURITY". Do spodního okna vložte:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT
Klikněte na "Prohledat" a vložte logy OTL.txt. a Extras.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problém s častými útoky rainer
Objevil se problém, při průběhu testu se objevil problém: Cannot create file C:\Users\Monika\Desktop\cmd.bat a dále už test neprobíhá
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s častými útoky rainer
Spustte OTL bez vložení toho skriptu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problém s častými útoky rainer
tady je otl. txt
OTL logfile created on: 7.10.2010 21:47:06 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monika\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 17,69 Gb Free Space | 7,60% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 193,55 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONIKA-TOSH
Current User Name: Monika
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.10.07 20:48:30 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
PRC - [2010.09.18 16:32:39 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.09.18 16:32:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.09.15 12:42:42 | 001,998,576 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009.09.03 16:06:32 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.08.11 12:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009.07.28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.03.15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
========== Modules (SafeList) ==========
MOD - [2010.10.07 20:48:30 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.09.03 21:38:26 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009.08.05 15:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009.08.04 12:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009.08.03 18:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.08.17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.02.02 09:48:47 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.05 06:51:30 | 000,446,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.08.27 09:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.30 18:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.07.24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.20 18:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.10 07:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009.06.22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.22 22:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2009.09.15 12:42:48 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.09.15 12:42:46 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.09.15 12:42:44 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-314065093-172559272-3190138788-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.18 16:32:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.18 16:32:40 | 000,000,000 | ---D | M]
[2010.01.27 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Mozilla\Extensions
[2010.07.05 10:25:01 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\2herfsjl.default\extensions
[2010.02.20 19:41:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.02.20 19:41:12 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.10 11:50:33 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.10 11:50:33 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.10 11:50:33 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.10 11:50:33 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.10 11:50:33 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-314065093-172559272-3190138788-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-314065093-172559272-3190138788-1001..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c05cb720-0fd0-11df-b562-002622453bc2}\Shell - "" = AutoRun
O33 - MountPoints2\{c05cb720-0fd0-11df-b562-002622453bc2}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.part01.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.10.07 20:48:25 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
[2010.10.07 19:37:07 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes
[2010.10.07 19:36:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.07 19:36:57 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.07 19:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.07 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.07 16:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.10.07 16:45:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.06 15:10:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010.10.06 15:08:32 | 000,000,000 | -H-D | C] -- C:\Users\Monika\InstallAnywhere
[2010.10.01 19:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2010.10.01 19:56:32 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\My Games
[2010.10.01 19:52:36 | 017,686,528 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll
[2010.10.01 19:52:36 | 001,380,352 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2010.10.01 19:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2010.10.01 19:52:33 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.01 19:52:33 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.01 19:52:33 | 000,122,968 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.01 19:52:33 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.01 19:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010.10.01 19:49:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.10.01 19:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.09.30 09:42:33 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010.09.26 12:55:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kooperativa
[2010.09.26 12:55:13 | 000,346,624 | ---- | C] (Inprise Corporation) -- C:\Windows\SysWow64\gds32.dll
[2010.09.26 12:55:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Borland
[2010.09.26 12:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2010.09.20 18:35:43 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\UHK
[2010.09.15 22:41:06 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.09.13 20:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canasta
[2010.09.10 13:23:58 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\Wizards of the Coast
[2010.09.10 13:23:58 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\SKIDROW
[2010.09.10 13:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizards of the Coast LLC
[2010.09.09 09:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.09.09 09:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.10.07 21:52:32 | 001,835,008 | -HS- | M] () -- C:\Users\Monika\ntuser.dat
[2010.10.07 20:48:30 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
[2010.10.07 20:47:02 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.07 20:47:02 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.07 20:39:39 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.07 20:39:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.07 20:39:17 | 1504,346,112 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.07 20:38:08 | 001,163,323 | -H-- | M] () -- C:\Users\Monika\AppData\Local\IconCache.db
[2010.10.07 19:37:01 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.07 16:46:14 | 000,002,981 | ---- | M] () -- C:\Users\Monika\Desktop\HiJackThis.lnk
[2010.10.07 16:38:53 | 000,079,152 | ---- | M] () -- C:\Users\Monika\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.10.07 16:33:23 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000002.regtrans-ms
[2010.10.07 16:33:23 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000001.regtrans-ms
[2010.10.07 16:33:23 | 000,065,536 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TM.blf
[2010.10.07 09:39:01 | 000,000,012 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\cnmkat.dat
[2010.10.06 15:52:43 | 000,000,600 | ---- | M] () -- C:\Users\Monika\PUTTY.RND
[2010.10.04 19:33:08 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.04 19:33:08 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.10.04 19:33:08 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.04 19:33:08 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.10.04 19:33:08 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.01 19:52:33 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.01 19:52:33 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.01 19:52:33 | 000,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.01 19:52:33 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.01 19:48:09 | 000,001,556 | ---- | M] () -- C:\Users\Public\Desktop\F1 2010.lnk
[2010.09.26 12:55:13 | 000,017,526 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\services
[2010.09.15 19:51:02 | 000,010,264 | ---- | M] () -- C:\Users\Monika\Desktop\Rozvrh.xlsx
[2010.09.08 15:49:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.10.07 19:37:01 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.07 16:46:14 | 000,002,981 | ---- | C] () -- C:\Users\Monika\Desktop\HiJackThis.lnk
[2010.10.07 16:33:23 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000002.regtrans-ms
[2010.10.07 16:33:23 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000001.regtrans-ms
[2010.10.07 16:33:23 | 000,065,536 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TM.blf
[2010.10.07 09:39:01 | 000,000,012 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\cnmkat.dat
[2010.10.01 19:48:09 | 000,001,556 | ---- | C] () -- C:\Users\Public\Desktop\F1 2010.lnk
[2010.09.26 12:55:05 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010.09.26 12:55:05 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\BDEADMIN.CPL
[2010.09.20 18:41:37 | 000,000,600 | ---- | C] () -- C:\Users\Monika\PUTTY.RND
[2010.04.22 19:18:29 | 000,003,584 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.20 19:43:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.19 16:29:45 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
========== LOP Check ==========
[2010.03.17 11:11:57 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\avidemux
[2010.03.17 11:08:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Broad Intelligence
[2010.10.01 19:34:22 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite
[2010.01.27 19:27:31 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.02.03 14:20:13 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Softplicity
[2010.02.01 09:42:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Toshiba
[2010.09.01 11:55:13 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
OTL logfile created on: 7.10.2010 21:47:06 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monika\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 17,69 Gb Free Space | 7,60% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 193,55 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONIKA-TOSH
Current User Name: Monika
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2010.10.07 20:48:30 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
PRC - [2010.09.18 16:32:39 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.09.18 16:32:38 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.09.07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.09.15 12:42:42 | 001,998,576 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009.09.03 16:06:32 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009.08.11 12:37:50 | 002,446,648 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
PRC - [2009.07.28 21:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
PRC - [2009.03.15 12:15:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009.01.13 21:33:40 | 000,034,088 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
========== Modules (SafeList) ==========
MOD - [2010.10.07 20:48:30 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010.09.07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.09.03 21:38:26 | 000,251,760 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV:64bit: - [2009.08.05 15:20:12 | 000,488,800 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV:64bit: - [2009.08.04 12:15:06 | 000,826,224 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV:64bit: - [2009.08.03 18:17:56 | 000,137,560 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV:64bit: - [2009.07.28 15:48:06 | 000,140,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.08.17 11:48:42 | 000,051,512 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009.08.10 20:55:58 | 000,248,688 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
SRV - [2009.08.06 16:02:50 | 000,116,104 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2009.07.14 20:10:30 | 000,042,368 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2009.03.10 19:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.05.31 18:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 18:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\RtsUCcid.sys -- (USBCCID)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rts516xIR.sys -- (RtsUIR)
DRV:64bit: - [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010.02.02 09:48:47 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009.11.05 06:51:30 | 000,446,976 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B)
DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.08.27 09:07:06 | 007,369,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.30 21:02:36 | 000,044,912 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LPCFilter.sys -- (LPCFilter)
DRV:64bit: - [2009.07.30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2009.07.30 18:46:22 | 000,222,208 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.07.24 16:57:08 | 000,482,384 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2009.07.20 18:48:32 | 000,274,480 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.07.14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.07.10 07:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009.06.22 18:06:38 | 000,035,008 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
DRV:64bit: - [2009.06.20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.06.19 20:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.05.22 22:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2009.09.15 12:42:48 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.09.15 12:42:46 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.09.15 12:42:44 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=TSEH
IE - HKU\S-1-5-21-314065093-172559272-3190138788-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.18 16:32:40 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.18 16:32:40 | 000,000,000 | ---D | M]
[2010.01.27 19:19:56 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Mozilla\Extensions
[2010.07.05 10:25:01 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\2herfsjl.default\extensions
[2010.02.20 19:41:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.02.20 19:41:12 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.10 11:50:33 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.09.10 11:50:33 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.09.10 11:50:33 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.09.10 11:50:33 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.09.10 11:50:33 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Toshiba Europe GmbH)
O4:64bit: - HKLM..\Run: [TosNC] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosReelTimeMonitor] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA Electronics, Inc.)
O4 - HKLM..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA CORPORATION.)
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-314065093-172559272-3190138788-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-314065093-172559272-3190138788-1001..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c05cb720-0fd0-11df-b562-002622453bc2}\Shell - "" = AutoRun
O33 - MountPoints2\{c05cb720-0fd0-11df-b562-002622453bc2}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Setup.part01.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.10.07 20:48:25 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
[2010.10.07 19:37:07 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Roaming\Malwarebytes
[2010.10.07 19:36:58 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.07 19:36:57 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.07 19:36:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.07 19:36:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.07 16:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010.10.07 16:45:52 | 000,000,000 | ---D | C] -- C:\rsit
[2010.10.06 15:10:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010.10.06 15:08:32 | 000,000,000 | -H-D | C] -- C:\Users\Monika\InstallAnywhere
[2010.10.01 19:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters
[2010.10.01 19:56:32 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\My Games
[2010.10.01 19:52:36 | 017,686,528 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\SysWow64\mkl_blueripple.dll
[2010.10.01 19:52:36 | 001,380,352 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\SysWow64\rapture3d_oal.dll
[2010.10.01 19:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS
[2010.10.01 19:52:33 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.01 19:52:33 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.01 19:52:33 | 000,122,968 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.01 19:52:33 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.01 19:52:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010.10.01 19:49:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.10.01 19:49:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.09.30 09:42:33 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010.09.26 12:55:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kooperativa
[2010.09.26 12:55:13 | 000,346,624 | ---- | C] (Inprise Corporation) -- C:\Windows\SysWow64\gds32.dll
[2010.09.26 12:55:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Borland
[2010.09.26 12:55:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2010.09.20 18:35:43 | 000,000,000 | ---D | C] -- C:\Users\Monika\Desktop\UHK
[2010.09.15 22:41:06 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010.09.13 20:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canasta
[2010.09.10 13:23:58 | 000,000,000 | ---D | C] -- C:\Users\Monika\Documents\Wizards of the Coast
[2010.09.10 13:23:58 | 000,000,000 | ---D | C] -- C:\Users\Monika\AppData\Local\SKIDROW
[2010.09.10 13:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wizards of the Coast LLC
[2010.09.09 09:46:23 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.09.09 09:44:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.10.07 21:52:32 | 001,835,008 | -HS- | M] () -- C:\Users\Monika\ntuser.dat
[2010.10.07 20:48:30 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Monika\Desktop\OTL.exe
[2010.10.07 20:47:02 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.07 20:47:02 | 000,016,304 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.07 20:39:39 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.07 20:39:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.07 20:39:17 | 1504,346,112 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.07 20:38:08 | 001,163,323 | -H-- | M] () -- C:\Users\Monika\AppData\Local\IconCache.db
[2010.10.07 19:37:01 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.07 16:46:14 | 000,002,981 | ---- | M] () -- C:\Users\Monika\Desktop\HiJackThis.lnk
[2010.10.07 16:38:53 | 000,079,152 | ---- | M] () -- C:\Users\Monika\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.10.07 16:33:23 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000002.regtrans-ms
[2010.10.07 16:33:23 | 000,524,288 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000001.regtrans-ms
[2010.10.07 16:33:23 | 000,065,536 | -HS- | M] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TM.blf
[2010.10.07 09:39:01 | 000,000,012 | ---- | M] () -- C:\Users\Monika\AppData\Roaming\cnmkat.dat
[2010.10.06 15:52:43 | 000,000,600 | ---- | M] () -- C:\Users\Monika\PUTTY.RND
[2010.10.04 19:33:08 | 001,445,734 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.04 19:33:08 | 000,622,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.10.04 19:33:08 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.04 19:33:08 | 000,118,810 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.10.04 19:33:08 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.01 19:52:33 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.01 19:52:33 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.01 19:52:33 | 000,122,968 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.01 19:52:33 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.01 19:48:09 | 000,001,556 | ---- | M] () -- C:\Users\Public\Desktop\F1 2010.lnk
[2010.09.26 12:55:13 | 000,017,526 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\services
[2010.09.15 19:51:02 | 000,010,264 | ---- | M] () -- C:\Users\Monika\Desktop\Rozvrh.xlsx
[2010.09.08 15:49:54 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.10.07 19:37:01 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.07 16:46:14 | 000,002,981 | ---- | C] () -- C:\Users\Monika\Desktop\HiJackThis.lnk
[2010.10.07 16:33:23 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000002.regtrans-ms
[2010.10.07 16:33:23 | 000,524,288 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TMContainer00000000000000000001.regtrans-ms
[2010.10.07 16:33:23 | 000,065,536 | -HS- | C] () -- C:\Users\Monika\ntuser.dat{01cca4f1-d21f-11df-95db-002622453bc2}.TM.blf
[2010.10.07 09:39:01 | 000,000,012 | ---- | C] () -- C:\Users\Monika\AppData\Roaming\cnmkat.dat
[2010.10.01 19:48:09 | 000,001,556 | ---- | C] () -- C:\Users\Public\Desktop\F1 2010.lnk
[2010.09.26 12:55:05 | 000,210,032 | ---- | C] () -- C:\Windows\SysWow64\DBCLIENT.DLL
[2010.09.26 12:55:05 | 000,183,808 | ---- | C] () -- C:\Windows\SysWow64\BDEADMIN.CPL
[2010.09.20 18:41:37 | 000,000,600 | ---- | C] () -- C:\Users\Monika\PUTTY.RND
[2010.04.22 19:18:29 | 000,003,584 | ---- | C] () -- C:\Users\Monika\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.20 19:43:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.19 16:29:45 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009.11.06 10:58:04 | 000,178,975 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.04.28 04:37:00 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\SPCtl.dll
[2002.10.16 00:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
========== LOP Check ==========
[2010.03.17 11:11:57 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\avidemux
[2010.03.17 11:08:45 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Broad Intelligence
[2010.10.01 19:34:22 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\DAEMON Tools Lite
[2010.01.27 19:27:31 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2010.02.03 14:20:13 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Softplicity
[2010.02.01 09:42:08 | 000,000,000 | ---D | M] -- C:\Users\Monika\AppData\Roaming\Toshiba
[2010.09.01 11:55:13 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Re: Problém s častými útoky rainer
a tady extras.txt
OTL Extras logfile created on: 7.10.2010 21:47:06 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monika\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 17,69 Gb Free Space | 7,60% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 193,55 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONIKA-TOSH
Current User Name: Monika
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9E4FF410-471F-49E3-9358-74FF0D5E9901}" = Toshiba TEMPRO
"{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1" = MPEG Video Wizard DVD 5.0.0.104 (01/2010)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"Avidemux 2.5" = Avidemux 2.5
"BitLord" = BitLord 1.1
"Blobby Volley 2.0 Version 0.9b_is1" = Blobby Volley 2.0 Version 0.9b
"DivX Setup.divx.com" = DivX Setup
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"GOM Player" = GOM Player
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"InterBase 6 Client Open Edition - 6.0.2.0" = InterBase 6 Client Open Edition - 6.0.2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.3.4606
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mpeg Video Wizard DVD 5.0" = MPEG Video Wizard DVD 5.0.0.104 (01/2010)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"Servant Salamander 2.0" = Servant Salamander 2.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.8.2010 8:33:19 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 31.8.2010 13:29:51 | Computer Name = Monika-TOSH | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TWebCamera.exe, verze: 1.1.1.4, časové razítko:
0x4a80e5d8 Název chybujícího modulu: TWebCamera.exe, verze: 1.1.1.4, časové razítko:
0x4a80e5d8 Kód výjimky: 0xc0000005 Posun chyby: 0x0000ef17 ID chybujícího procesu:
0xee8 Čas spuštění chybující aplikace: 0x01cb49321986e5aa Cesta k chybující aplikaci:
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe Cesta
k chybujícímu modulu: C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
ID
zprávy: 5c2a8f5d-b525-11df-bc52-002622453bc2
Error - 4.9.2010 6:38:55 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 10.9.2010 9:31:06 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 10.9.2010 14:01:27 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 16.9.2010 12:00:43 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 18.9.2010 12:05:19 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 18.9.2010 14:29:08 | Computer Name = Monika-TOSH | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 18.9.2010 14:49:58 | Computer Name = Monika-TOSH | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 19.9.2010 13:47:34 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
[ System Events ]
Error - 31.8.2010 13:29:38 | Computer Name = Monika-TOSH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL
Error - 31.8.2010 13:46:10 | Computer Name = Monika-TOSH | Source = BROWSER | ID = 8032
Description =
Error - 1.9.2010 1:53:36 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 1:53:36 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 1:54:12 | Computer Name = Monika-TOSH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL
Error - 1.9.2010 2:01:41 | Computer Name = Monika-TOSH | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:00:36, ?1.?9.?2010) bylo neočekávané.
Error - 1.9.2010 2:01:34 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 2:01:34 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 2:02:22 | Computer Name = Monika-TOSH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL
Error - 1.9.2010 5:54:59 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
< End of report >
OTL Extras logfile created on: 7.10.2010 21:47:06 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Monika\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 47,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 62,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 17,69 Gb Free Space | 7,60% Space Free | Partition Type: NTFS
Drive D: | 232,49 Gb Total Space | 193,55 Gb Free Space | 83,25% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MONIKA-TOSH
Current User Name: Monika
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Centrum zařízení Windows Mobile
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"{068B46A0-8858-4CEB-80BC-A4AE787A05FC}" = Windows Live Sync
"{0823A2E3-69DD-A37A-7CD9-1CBEB037545C}" = Toshiba Photo Service - powered by myphotobook
"{0FB630AB-7BD8-40AE-B223-60397D57C3C9}" = Realtek WLAN Driver
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1D097338-B4FA-4F29-9C43-8D7A970A007E}" = Windows Live Fotogalerie
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Nástroj pro odesílání služby Windows Live
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 14
"{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}" = Skype(TM) Launcher
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3E62B27C-342F-4B44-9331-CA4BC59A586F}" = Asistent pro přihlášení ke službě Windows Live
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{479A749B-1684-4881-8266-BF8DD22251E7}" = Windows Live Writer
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{71E40B32-5173-4538-8996-5822DD18E8D4}" = Windows Live Messenger
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00B2-0405-0000-0000000FF1CE}" = Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = Toshiba Manuals
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9E4FF410-471F-49E3-9358-74FF0D5E9901}" = Toshiba TEMPRO
"{9FD45917-95E6-449D-ACC9-01E634A34CBD}_is1" = MPEG Video Wizard DVD 5.0.0.104 (01/2010)
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}" = Amazon.co.uk
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.4 - Czech
"{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}" = Microsoft Works
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E3F328E4-EB9F-4ABF-8FF3-5AD0472743D8}" = Windows Live Essentials
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5A10EF8-DBF3-4251-A9CA-423311DBBFC8}" = Windows Live Mail
"{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}" = eBay
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3529665-D75E-4D6D-98F0-745C78C68E9B}" = TOSHIBA ConfigFree
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"Avidemux 2.5" = Avidemux 2.5
"BitLord" = BitLord 1.1
"Blobby Volley 2.0 Version 0.9b_is1" = Blobby Volley 2.0 Version 0.9b
"DivX Setup.divx.com" = DivX Setup
"eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = Toshiba Photo Service - powered by myphotobook
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"GOM Player" = GOM Player
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}" = TOSHIBA Value Added Package
"InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}" = TOSHIBA Bulletin Board
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Heslo správce
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = Nastaveni hadrware TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}" = TOSHIBA Flash Cards Support Utility
"InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}" = TOSHIBA Recovery Media Creator Reminder
"InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}" = TOSHIBA eco Utility
"InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}" = TOSHIBA ReelTime
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = Výstraha HDD/SSD TOSHIBA
"InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}" = TRORMCLauncher
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"InterBase 6 Client Open Edition - 6.0.2.0" = InterBase 6 Client Open Edition - 6.0.2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.3.4606
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"Mpeg Video Wizard DVD 5.0" = MPEG Video Wizard DVD 5.0.0.104 (01/2010)
"MPEG2 Codec(libmpeg2/mad)" = MPEG2 Codec(libmpeg2/mad)
"OpenAL" = OpenAL
"PowerISO" = PowerISO
"Servant Salamander 2.0" = Servant Salamander 2.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-314065093-172559272-3190138788-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"QIP 2005" = QIP 2005 8095
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 30.8.2010 8:33:19 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 31.8.2010 13:29:51 | Computer Name = Monika-TOSH | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TWebCamera.exe, verze: 1.1.1.4, časové razítko:
0x4a80e5d8 Název chybujícího modulu: TWebCamera.exe, verze: 1.1.1.4, časové razítko:
0x4a80e5d8 Kód výjimky: 0xc0000005 Posun chyby: 0x0000ef17 ID chybujícího procesu:
0xee8 Čas spuštění chybující aplikace: 0x01cb49321986e5aa Cesta k chybující aplikaci:
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe Cesta
k chybujícímu modulu: C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
ID
zprávy: 5c2a8f5d-b525-11df-bc52-002622453bc2
Error - 4.9.2010 6:38:55 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 10.9.2010 9:31:06 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 10.9.2010 14:01:27 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 16.9.2010 12:00:43 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 18.9.2010 12:05:19 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
Error - 18.9.2010 14:29:08 | Computer Name = Monika-TOSH | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 18.9.2010 14:49:58 | Computer Name = Monika-TOSH | Source = RapiMgr | ID = 8
Description = Zařízení se systémem Windows Mobile se nepodařilo připojit z důvodu
chyby communication (0x80072745) (viz data pro kód chyby).
Error - 19.9.2010 13:47:34 | Computer Name = Monika-TOSH | Source = SideBySide | ID = 16842815
Description = Generování kontextu aktivace pro c:\Program Files (x86)\Common Files\Adobe
AIR\Versions\1.0\Adobe AIR.dll se nezdařilo. Chyba v souboru manifestu nebo zásady
c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll na řádku
3. Hodnota MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR atributu
version v prvku assemblyIdentity je neplatná.
[ System Events ]
Error - 31.8.2010 13:29:38 | Computer Name = Monika-TOSH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL
Error - 31.8.2010 13:46:10 | Computer Name = Monika-TOSH | Source = BROWSER | ID = 8032
Description =
Error - 1.9.2010 1:53:36 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 1:53:36 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 1:54:12 | Computer Name = Monika-TOSH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL
Error - 1.9.2010 2:01:41 | Computer Name = Monika-TOSH | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (8:00:36, ?1.?9.?2010) bylo neočekávané.
Error - 1.9.2010 2:01:34 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 2:01:34 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
Error - 1.9.2010 2:02:22 | Computer Name = Monika-TOSH | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: SASDIFSV SASKUTIL
Error - 1.9.2010 5:54:59 | Computer Name = Monika-TOSH | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys bylo
zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o
kompatibilní verzi ovladače.
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s častými útoky rainer
Je to s podivem, ale nic nebezpečného nevidím. Zkusíme ještě sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?