Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:02:00, on 22.10.2009
Platform: Unknown Windows (WinNT 6.01.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Valve\Steam\Steam.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Steam] "c:\program files (x86)\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8859 bytes
Please check my log
Re: Please check my log
windows 7 64 bit
Re: Please check my log
Download OTL. Save it to the desktop and double-click the file "OTL.exe" to run it. The program window will open; in it, tick "Scan All Users", "Lop" and "Purity Check", and change "File Scan" to 7 days instead of 30. Then click "Run Scan". The computer scan will start, and when it finishes two reports will open - I need to see the contents of both.
I don't like amateurism...
And the addressee of the message knows it :)
Re: Please check my log
OTL Extras logfile created on: 29.10.2009 23:33:00 - Run 1
OTL by OldTimer - Version 3.0.22.1 Folder = C:\Users\Cremator\Desktop
64bit- Ultimate Edition (Version = 6.1.7100) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7100.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 100,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 100,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 233,75 Gb Total Space | 183,87 Gb Free Space | 78,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CREMATOR-PC
Current User Name: Cremator
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = E7 3D 5E 41 2C C3 C9 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E96FD88-FF86-25BB-112E-804C2F1B1128}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"C-Media CM108 Like Sound Driver" = SteelSeries USB Soundcard
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3A05B900-A3E7-11DE-A9B7-005056806466}" = Google Earth
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B68D39D-C167-DA59-587A-5143B0FF3458}" = Catalyst Control Center InstallProxy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Diablo II" = Diablo II
"ESET Online Scanner" = ESET Online Scanner v3
"Garena" = Garena
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"Mumble" = Mumble and Murmur
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.10.2009 12:00:56 | Computer Name = Cremator-PC | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 28.10.2009 19:30:04 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\Setup.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.10.2009 19:30:07 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.10.2009 19:30:08 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.0_none_8fb1307a5ee9ecec.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.0_none_d75e6751736615f2.manifest.
Error - 29.10.2009 9:57:43 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:57:43 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:57:58 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:57:58 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:58:17 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:58:17 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 28.10.2009 12:00:58 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 28.10.2009 12:00:58 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 28.10.2009 12:02:34 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 28.10.2009 12:02:34 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 28.10.2009 16:32:11 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 28.10.2009 16:32:11 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.10.2009 9:47:13 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.10.2009 9:47:13 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.10.2009 9:47:36 | Computer Name = Cremator-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).
Error - 29.10.2009 9:47:36 | Computer Name = Cremator-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053
< End of report >
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = E7 3D 5E 41 2C C3 C9 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E96FD88-FF86-25BB-112E-804C2F1B1128}" = ATI Catalyst Install Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{C74A84EC-7C5F-4C36-A4A6-381E516D643B}" = Microsoft IntelliPoint 7.0
"C-Media CM108 Like Sound Driver" = SteelSeries USB Soundcard
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3A05B900-A3E7-11DE-A9B7-005056806466}" = Google Earth
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo
"{7B68D39D-C167-DA59-587A-5143B0FF3458}" = Catalyst Control Center InstallProxy
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"avast!" = avast! Antivirus
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Diablo II" = Diablo II
"ESET Online Scanner" = ESET Online Scanner v3
"Garena" = Garena
"Google Chrome" = Google Chrome
"HijackThis" = HijackThis 2.0.2
"Mumble" = Mumble and Murmur
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 28.10.2009 12:00:56 | Computer Name = Cremator-PC | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 28.10.2009 19:30:04 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\Setup.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.10.2009 19:30:07 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\Bin64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 28.10.2009 19:30:08 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo
zásad na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí
součásti, která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.0_none_8fb1307a5ee9ecec.manifest.
Součást
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.0_none_d75e6751736615f2.manifest.
Error - 29.10.2009 9:57:43 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:57:43 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:57:58 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:57:58 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:58:17 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error - 29.10.2009 9:58:17 | Computer Name = Cremator-PC | Source = SideBySide | ID = 16842785
Description = Generování kontextu aktivace pro C:\Program Files\ATI\CIM\BIN64\InstallManagerApp.exe
se nezdařilo. Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
nelze najít. Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
[ System Events ]
Error - 28.10.2009 12:00:58 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 28.10.2009 12:00:58 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 28.10.2009 12:02:34 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 28.10.2009 12:02:34 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 28.10.2009 16:32:11 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 28.10.2009 16:32:11 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.10.2009 9:47:13 | Computer Name = Cremator-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 29.10.2009 9:47:13 | Computer Name = Cremator-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 29.10.2009 9:47:36 | Computer Name = Cremator-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Steam Client Service bylo dosaženo
časového limitu (30000 ms).
Error - 29.10.2009 9:47:36 | Computer Name = Cremator-PC | Source = Service Control Manager | ID = 7000
Description = Služba Steam Client Service neuspěla při spuštění v důsledku následující
chyby: %%1053
< End of report >
Re: please check my log
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009.10.29 23:30:45 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
PRC - [2009.10.28 21:41:39 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2009.10.24 06:20:57 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Valve\Steam\Steam.exe
PRC - [2009.09.26 22:53:38 | 00,277,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.08.17 17:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.08.17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.08.17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.08.17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.08.17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.07.18 04:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
PRC - [2009.04.22 06:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2003.12.22 14:36:14 | 00,561,152 | ---- | M] () -- C:\Program Files (x86)\Ventrilo\Ventrilo.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.08.18 01:36:20 | 00,203,264 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility [Auto | Running])
SRV:64bit: - [2009.08.17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009.08.17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009.08.17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2009.08.17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009.04.22 06:41:48 | 00,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:31 | 00,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:29 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:29 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power [Auto | Running])
SRV:64bit: - [2009.04.22 06:41:26 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes [Auto | Running])
SRV:64bit: - [2009.04.22 06:41:20 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:01 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:40:58 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper [Unknown | Running])
SRV:64bit: - [2009.04.22 06:40:56 | 00,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:40:54 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:40:54 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:40:54 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:40:52 | 01,361,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\peerdistsvc.dll -- (PeerDistSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:40:14 | 01,011,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2009.04.22 06:40:08 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:39:46 | 01,126,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:39:30 | 00,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV:64bit: - [2009.04.22 06:39:29 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:39:25 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscsvc.dll -- (CscService [Auto | Running])
SRV:64bit: - [2009.04.22 06:39:08 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:39:06 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC [Unknown | Stopped])
SRV:64bit: - [2009.04.22 06:39:03 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSV.dll -- (AxInstSV [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:38:59 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:38:59 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:38:49 | 01,529,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV:64bit: - [2009.04.22 06:38:44 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:38:24 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc [Auto | Stopped])
SRV:64bit: - [2009.04.22 06:38:06 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fxssvc.exe -- (Fax [On_Demand | Stopped])
SRV - [2009.10.28 21:41:39 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Running])
SRV - [2009.09.26 22:53:43 | 00,182,768 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009.09.18 22:32:23 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate [Auto | Stopped])
SRV - [2009.04.22 08:16:44 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS [On_Demand | Stopped])
SRV - [2009.04.22 08:16:43 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009.04.22 06:38:04 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2009.04.22 06:38:04 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2009.04.22 06:21:43 | 00,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV - [2009.04.22 06:20:14 | 00,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV - [2009.04.22 01:32:06 | 00,061,056 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2009.04.04 21:05:06 | 00,067,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009.04.04 21:04:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009.04.04 21:04:26 | 00,090,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2009.04.04 21:04:14 | 00,857,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
========== Driver Services (SafeList) ==========
DRV:64bit: - [2009.10.15 23:38:46 | 00,033,344 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV:64bit: - [2009.09.28 16:25:27 | 00,007,808 | ---- | M] (SweetLow) -- C:\Windows\SysNative\DRIVERS\hidusbf.sys -- (hidusbf [On_Demand | Running])
DRV:64bit: - [2009.08.18 02:48:48 | 06,037,504 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2009.08.17 17:06:05 | 00,089,680 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009.08.17 17:05:43 | 00,022,096 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009.08.17 17:05:31 | 00,065,616 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009.08.17 17:04:43 | 00,058,448 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2009.08.17 17:04:32 | 00,027,216 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009.06.01 13:50:52 | 00,033,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64 [On_Demand | Running])
DRV:64bit: - [2009.04.22 06:53:06 | 00,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\amdsbs.sys -- (amdsbs [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:53:04 | 00,105,040 | ---- | M] (AMD) -- C:\Windows\SysNative\DRIVERS\amdsata.sys -- (amdsata [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:52:53 | 00,028,752 | ---- | M] (AMD) -- C:\Windows\SysNative\DRIVERS\amdxata.sys -- (amdxata [Boot | Running])
DRV:64bit: - [2009.04.22 06:48:23 | 00,153,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\ksecpkg.sys -- (KSecPkg [Boot | Running])
DRV:64bit: - [2009.04.22 06:48:16 | 00,077,904 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\DRIVERS\HpSAMD.sys -- (HpSAMD [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:48:15 | 00,065,616 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\DRIVERS\lsi_sas2.sys -- (LSI_SAS2 [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:48:14 | 00,054,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FsDepends.sys -- (FsDepends [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:48:11 | 00,050,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw [Boot | Running])
DRV:64bit: - [2009.04.22 06:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:33 | 00,228,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vhdmp.sys -- (vhdmp [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:27 | 00,214,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:27 | 00,203,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vmbus.sys -- (vmbus [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:25 | 00,047,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vmstorfl.sys -- (storflt [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:20 | 00,036,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\storvsc.sys -- (storvsc [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:20 | 00,024,640 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\DRIVERS\stexstor.sys -- (stexstor [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:20 | 00,022,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:19 | 00,036,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vdrvroot.sys -- (vdrvroot [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:10 | 00,458,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\cng.sys -- (CNG [Boot | Running])
DRV:64bit: - [2009.04.22 06:44:54 | 00,222,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol [Boot | Running])
DRV:64bit: - [2009.04.22 05:26:27 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\rdpbus.sys -- (rdpbus [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:25:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdprefmp.sys -- (RDPREFMP [System | Running])
DRV:64bit: - [2009.04.22 05:19:00 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\AgileVpn.sys -- (RasAgileVpn [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:18:10 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\wfplwf.sys -- (WfpLwf [System | Running])
DRV:64bit: - [2009.04.22 05:16:55 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\ndiscap.sys -- (NdisCap [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:56 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:43 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\1394ohci.sys -- (1394ohci [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:15:37 | 00,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:15:28 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\umpass.sys -- (UmPass [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:18 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:15:08 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\WinUsb.sys -- (WinUsb [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:05 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:14:25 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WudfPf.sys -- (WudfPf [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:10:55 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\MTConfig.sys -- (MTConfig [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:09:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CompositeBus.sys -- (CompositeBus [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:08:57 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\beep.sys -- (Beep [System | Running])
DRV:64bit: - [2009.04.22 04:59:57 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\appid.sys -- (AppID [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:57:24 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\scfilter.sys -- (scfilter [Unknown | Stopped])
DRV:64bit: - [2009.04.22 04:49:33 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vms3cap.sys -- (s3cap [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:49:14 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\VMBusHID.sys -- (VMBusHID [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:43:33 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\discache.sys -- (discache [System | Running])
DRV:64bit: - [2009.04.22 04:34:55 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\HidBatt.sys -- (HidBatt [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:34:53 | 00,017,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:29:34 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\acpipmi.sys -- (AcpiPmi [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:27:28 | 00,514,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\csc.sys -- (CSC [System | Running])
DRV:64bit: - [2009.04.22 04:23:12 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\amdppm.sys -- (AmdPPM [On_Demand | Stopped])
DRV:64bit: - [2009.03.17 05:35:14 | 00,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\bxvbda.sys -- (b06bdrv [On_Demand | Stopped])
DRV:64bit: - [2009.03.06 08:43:48 | 00,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a [On_Demand | Stopped])
DRV:64bit: - [2009.02.06 04:41:49 | 03,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\evbda.sys -- (ebdrv [On_Demand | Stopped])
DRV:64bit: - [2009.01.24 05:08:24 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir [On_Demand | Stopped])
DRV:64bit: - [2009.01.08 18:26:00 | 00,408,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\DRIVERS\nvm62x64.sys -- (NVENETFD [On_Demand | Running])
DRV:64bit: - [2007.04.13 07:15:50 | 00,984,064 | ---- | M] (C-Media Inc) -- C:\Windows\SysNative\drivers\CM10864.sys -- (CM1083264 [On_Demand | Running])
DRV - [2009.09.14 01:27:25 | 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC [System | Running])
DRV - [2009.04.22 06:23:43 | 00,019,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\wimmount.sys -- (WIMMount [On_Demand | Stopped])
DRV - [2009.04.22 06:22:17 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\winusb.dll -- (WinUsb [On_Demand | Stopped])
DRV - [2009.04.22 06:21:17 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netbios.dll -- (NetBIOS [System | Running])
DRV - [2009.03.20 16:27:01 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2009.03.20 16:21:33 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
DRV - [2006.10.18 20:12:46 | 00,013,632 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
========== Modules (SafeList) ==========
MOD - [2009.10.29 23:30:45 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
MOD - [2009.04.22 06:00:58 | 01,679,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.0_none_d75e6751736615f2\comctl32.dll
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 00 28 5C 25 35 CA 01 [binary data]
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\S-1-5-21-3161405137-1547458109-1053553780-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.04.22 10:45:19 | 00,000,000 | ---D | M]
O1 HOSTS File: (824 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CM108Sound] C:\Windows\Syswow64\CM108.CPL (C-Media Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001..\Run: [Steam] c:\program files (x86)\valve\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8d71280f-bbd5-11de-b78b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8d71280f-bbd5-11de-b78b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\Assetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 7 Days ==========
[2009.10.28 00:23:32 | 00,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2009.10.23 17:24:04 | 00,000,000 | ---D | C] -- C:\Users\Cremator\AppData\Roaming\KC Softwares
[2009.10.23 17:48:23 | 00,000,000 | ---D | C] -- C:\Users\Cremator\AppData\Roaming\Thinstall
[2009.10.23 17:48:23 | 00,000,000 | ---D | C] -- C:\Users\Cremator\AppData\Local\Thinstall
[2009.10.23 18:53:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2009.10.28 16:27:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2009.10.28 00:23:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PCPitstop
[2009.10.28 19:08:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2009.10.29 23:30:41 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
[2009.10.28 16:39:00 | 67,906,144 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Users\Cremator\Desktop\9-10_vista64_win7_64_dd_ccc_wdm_enu.exe
[2009.10.26 15:40:53 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009.10.24 23:32:14 | 00,000,000 | ---D | C] -- C:\Users\Cremator\Desktop\dzony
[2009.10.24 22:25:44 | 00,000,000 | ---D | C] -- C:\Users\Cremator\Desktop\screey
[2009.10.24 21:17:03 | 00,000,000 | ---D | C] -- C:\Users\Cremator\Desktop\mojeee
[2009.10.23 18:53:07 | 00,434,252 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCRTD.DLL
[2009.10.23 18:53:06 | 00,962,612 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42d.dll
[2009.10.23 18:39:59 | 00,000,000 | ---D | C] -- C:\hhh
========== Files - Modified Within 7 Days ==========
[2009.10.29 23:30:45 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
[2009.10.29 22:37:00 | 00,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.10.29 19:20:30 | 00,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.10.29 19:20:30 | 00,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.10.29 19:02:35 | 00,057,952 | ---- | M] () -- C:\Users\Cremator\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.10.29 14:53:41 | 01,445,056 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.10.29 14:53:41 | 00,622,022 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.10.29 14:53:41 | 00,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.10.29 14:53:41 | 00,118,356 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.10.29 14:53:41 | 00,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.10.29 14:47:29 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.10.29 14:47:19 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.10.29 14:47:12 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.10.29 14:47:04 | 53,568,3071 | -HS- | M] () -- C:\hiberfil.sys
[2009.10.29 05:03:54 | 08,241,260 | -H-- | M] () -- C:\Users\Cremator\AppData\Local\IconCache.db
[2009.10.28 23:41:07 | 01,774,025 | ---- | M] () -- C:\Users\Cremator\Documents\mmm.wma
[2009.10.28 23:35:02 | 02,815,705 | ---- | M] () -- C:\Users\Cremator\Documents\kabat.wma
[2009.10.28 23:29:33 | 00,076,805 | ---- | M] () -- C:\Users\Cremator\Documents\Bez názvu.wma
[2009.10.28 21:32:14 | 00,275,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.10.28 19:08:51 | 00,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk
[2009.10.28 18:13:16 | 00,007,617 | ---- | M] () -- C:\Users\Cremator\AppData\Local\Resmon.ResmonCfg
[2009.10.28 16:39:00 | 67,906,144 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\Cremator\Desktop\9-10_vista64_win7_64_dd_ccc_wdm_enu.exe
[2009.10.28 16:27:14 | 00,001,889 | ---- | M] () -- C:\Users\Cremator\Desktop\CCleaner.lnk
[2009.10.25 22:00:53 | 00,921,654 | ---- | M] () -- C:\Users\Cremator\Desktop\de_dust20006.bmp
========== Files - No Company Name ==========
[2009.10.28 23:41:06 | 01,774,025 | ---- | C] () -- C:\Users\Cremator\Documents\mmm.wma
[2009.10.28 23:35:02 | 02,815,705 | ---- | C] () -- C:\Users\Cremator\Documents\kabat.wma
[2009.10.28 23:29:33 | 00,076,805 | ---- | C] () -- C:\Users\Cremator\Documents\Bez názvu.wma
[2009.10.28 19:08:51 | 00,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk
[2009.10.28 16:27:14 | 00,001,889 | ---- | C] () -- C:\Users\Cremator\Desktop\CCleaner.lnk
[2009.10.25 22:00:53 | 00,921,654 | ---- | C] () -- C:\Users\Cremator\Desktop\de_dust20006.bmp
[2009.10.23 18:53:04 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.10.23 18:53:04 | 00,013,632 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.10.19 11:49:33 | 00,007,617 | ---- | C] () -- C:\Users\Cremator\AppData\Local\Resmon.ResmonCfg
[2009.09.26 22:55:16 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.09.19 00:31:26 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.09.19 00:31:26 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.09.19 00:31:26 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.09.14 12:40:37 | 00,057,952 | ---- | C] () -- C:\Users\Cremator\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.09.14 11:20:00 | 00,049,152 | R--- | C] () -- C:\Windows\SysWow64\CM108rm.dll
[2009.09.14 11:19:31 | 00,002,069 | R--- | C] () -- C:\Windows\Cm108.ini.cfg
[2009.09.14 11:19:31 | 00,000,741 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2009.09.14 11:19:31 | 00,000,290 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2009.09.14 11:19:29 | 00,002,563 | R--- | C] () -- C:\Windows\cm108.ini
[2009.09.14 02:14:12 | 08,241,260 | -H-- | C] () -- C:\Users\Cremator\AppData\Local\IconCache.db
[2009.04.22 10:08:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009.04.22 10:08:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009.04.22 07:37:02 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009.04.22 07:37:02 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.04.22 04:40:32 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.04.22 02:04:20 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.01.16 08:49:22 | 00,065,536 | R--- | C] () -- C:\Windows\VMix.dll
[2006.10.11 04:33:58 | 00,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2005.10.14 10:56:50 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005.10.14 10:56:50 | 00,921,600 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll
[2005.10.14 10:56:50 | 00,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2005.10.14 10:56:50 | 00,344,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2005.10.14 10:56:50 | 00,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2005.10.14 10:56:50 | 00,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005.10.14 10:56:50 | 00,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2005.10.14 10:56:48 | 00,077,824 | ---- | C] () -- C:\Windows\SysWow64\MMSwitch.dll
========== LOP Check ==========
[2009.10.24 06:32:31 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming
[2009.09.15 16:53:04 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\ATI
[2009.10.18 12:30:51 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Hamachi
[2009.09.14 12:27:20 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\ICQ
[2009.10.23 17:24:04 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\KC Softwares
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Media Center Programs
[2009.10.01 10:57:32 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Mumble
[2009.10.23 17:48:23 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Thinstall
[2009.09.14 10:58:50 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Ventrilo
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009.10.29 14:47:29 | 00,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.10.29 22:37:00 | 00,000,902 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009.10.29 14:47:19 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.04.22 10:23:15 | 00,032,196 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 7 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009.10.29 23:30:45 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
PRC - [2009.10.28 21:41:39 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2009.10.24 06:20:57 | 01,217,808 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Valve\Steam\Steam.exe
PRC - [2009.09.26 22:53:38 | 00,277,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009.08.17 17:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009.08.17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009.08.17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009.08.17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009.08.17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009.07.18 04:12:12 | 00,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
PRC - [2009.04.22 06:23:15 | 00,674,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
PRC - [2003.12.22 14:36:14 | 00,561,152 | ---- | M] () -- C:\Program Files (x86)\Ventrilo\Ventrilo.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.08.18 01:36:20 | 00,203,264 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility [Auto | Running])
SRV:64bit: - [2009.08.17 17:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV:64bit: - [2009.08.17 17:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV:64bit: - [2009.08.17 17:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV:64bit: - [2009.08.17 16:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV:64bit: - [2009.04.22 06:41:48 | 00,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:31 | 00,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:29 | 00,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:29 | 00,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\umpo.dll -- (Power [Auto | Running])
SRV:64bit: - [2009.04.22 06:41:26 | 00,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\themeservice.dll -- (Themes [Auto | Running])
SRV:64bit: - [2009.04.22 06:41:20 | 00,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:41:01 | 00,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:40:58 | 00,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper [Unknown | Running])
SRV:64bit: - [2009.04.22 06:40:56 | 00,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:40:54 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:40:54 | 00,327,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:40:54 | 00,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:40:52 | 01,361,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\peerdistsvc.dll -- (PeerDistSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:40:14 | 01,011,200 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV:64bit: - [2009.04.22 06:40:08 | 00,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:39:46 | 01,126,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll -- (FontCache [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:39:30 | 00,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV:64bit: - [2009.04.22 06:39:29 | 00,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:39:25 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cscsvc.dll -- (CscService [Auto | Running])
SRV:64bit: - [2009.04.22 06:39:08 | 00,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bthserv.dll -- (bthserv [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:39:06 | 00,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC [Unknown | Stopped])
SRV:64bit: - [2009.04.22 06:39:03 | 00,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AxInstSV.dll -- (AxInstSV [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:38:59 | 00,193,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt [On_Demand | Running])
SRV:64bit: - [2009.04.22 06:38:59 | 00,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:38:49 | 01,529,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
SRV:64bit: - [2009.04.22 06:38:44 | 01,503,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe -- (wbengine [On_Demand | Stopped])
SRV:64bit: - [2009.04.22 06:38:24 | 03,524,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc [Auto | Stopped])
SRV:64bit: - [2009.04.22 06:38:06 | 00,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fxssvc.exe -- (Fax [On_Demand | Stopped])
SRV - [2009.10.28 21:41:39 | 00,316,664 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service [On_Demand | Running])
SRV - [2009.09.26 22:53:43 | 00,182,768 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009.09.18 22:32:23 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe -- (gupdate [Auto | Stopped])
SRV - [2009.04.22 08:16:44 | 00,000,000 | ---D | M] -- C:\Windows\Vss -- (VSS [On_Demand | Stopped])
SRV - [2009.04.22 08:16:43 | 00,000,000 | ---D | M] -- C:\Windows\SysWow64\Msdtc -- (MSDTC [Unknown | Stopped])
SRV - [2009.04.22 06:38:04 | 00,696,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2009.04.22 06:38:04 | 00,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2009.04.22 06:21:43 | 00,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\provsvc.dll -- (HomeGroupProvider [On_Demand | Running])
SRV - [2009.04.22 06:20:14 | 00,252,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore.dll -- (Dhcp [Auto | Running])
SRV - [2009.04.22 01:32:06 | 00,061,056 | ---- | M] () -- C:\Windows\SysWow64\Wbem\vds.mof -- (vds [On_Demand | Stopped])
SRV - [2009.04.04 21:05:06 | 00,067,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009.04.04 21:04:48 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009.04.04 21:04:26 | 00,090,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64 [On_Demand | Stopped])
SRV - [2009.04.04 21:04:14 | 00,857,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
========== Driver Services (SafeList) ==========
DRV:64bit: - [2009.10.15 23:38:46 | 00,033,344 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\DRIVERS\hamachi.sys -- (hamachi [On_Demand | Stopped])
DRV:64bit: - [2009.09.28 16:25:27 | 00,007,808 | ---- | M] (SweetLow) -- C:\Windows\SysNative\DRIVERS\hidusbf.sys -- (hidusbf [On_Demand | Running])
DRV:64bit: - [2009.08.18 02:48:48 | 06,037,504 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag [On_Demand | Running])
DRV:64bit: - [2009.08.17 17:06:05 | 00,089,680 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP [System | Running])
DRV:64bit: - [2009.08.17 17:05:43 | 00,022,096 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\DRIVERS\aswFsBlk.sys -- (aswFsBlk [Auto | Running])
DRV:64bit: - [2009.08.17 17:05:31 | 00,065,616 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\DRIVERS\aswMonFlt.sys -- (aswMonFlt [Auto | Running])
DRV:64bit: - [2009.08.17 17:04:43 | 00,058,448 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi [System | Running])
DRV:64bit: - [2009.08.17 17:04:32 | 00,027,216 | ---- | M] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr [System | Running])
DRV:64bit: - [2009.06.01 13:50:52 | 00,033,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\point64k.sys -- (Point64 [On_Demand | Running])
DRV:64bit: - [2009.04.22 06:53:06 | 00,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\DRIVERS\amdsbs.sys -- (amdsbs [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:53:04 | 00,105,040 | ---- | M] (AMD) -- C:\Windows\SysNative\DRIVERS\amdsata.sys -- (amdsata [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:52:53 | 00,028,752 | ---- | M] (AMD) -- C:\Windows\SysNative\DRIVERS\amdxata.sys -- (amdxata [Boot | Running])
DRV:64bit: - [2009.04.22 06:48:23 | 00,153,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\ksecpkg.sys -- (KSecPkg [Boot | Running])
DRV:64bit: - [2009.04.22 06:48:16 | 00,077,904 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\DRIVERS\HpSAMD.sys -- (HpSAMD [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:48:15 | 00,065,616 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\DRIVERS\lsi_sas2.sys -- (LSI_SAS2 [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:48:14 | 00,054,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FsDepends.sys -- (FsDepends [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:48:11 | 00,050,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw [Boot | Running])
DRV:64bit: - [2009.04.22 06:48:04 | 00,014,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:33 | 00,228,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vhdmp.sys -- (vhdmp [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:27 | 00,214,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:27 | 00,203,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vmbus.sys -- (vmbus [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:25 | 00,047,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vmstorfl.sys -- (storflt [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:20 | 00,036,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\storvsc.sys -- (storvsc [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:20 | 00,024,640 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\DRIVERS\stexstor.sys -- (stexstor [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:20 | 00,022,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 06:45:19 | 00,036,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vdrvroot.sys -- (vdrvroot [Boot | Running])
DRV:64bit: - [2009.04.22 06:45:10 | 00,458,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Drivers\cng.sys -- (CNG [Boot | Running])
DRV:64bit: - [2009.04.22 06:44:54 | 00,222,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\fvevol.sys -- (fvevol [Boot | Running])
DRV:64bit: - [2009.04.22 05:26:27 | 00,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\rdpbus.sys -- (rdpbus [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:25:20 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdprefmp.sys -- (RDPREFMP [System | Running])
DRV:64bit: - [2009.04.22 05:19:00 | 00,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\AgileVpn.sys -- (RasAgileVpn [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:18:10 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\wfplwf.sys -- (WfpLwf [System | Running])
DRV:64bit: - [2009.04.22 05:16:55 | 00,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\ndiscap.sys -- (NdisCap [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:56 | 00,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:43 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\1394ohci.sys -- (1394ohci [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:15:37 | 00,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:15:28 | 00,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\umpass.sys -- (UmPass [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:18 | 00,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:15:08 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\WinUsb.sys -- (WinUsb [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:15:05 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:14:25 | 00,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WudfPf.sys -- (WudfPf [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:10:55 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\MTConfig.sys -- (MTConfig [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 05:09:18 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CompositeBus.sys -- (CompositeBus [On_Demand | Running])
DRV:64bit: - [2009.04.22 05:08:57 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\beep.sys -- (Beep [System | Running])
DRV:64bit: - [2009.04.22 04:59:57 | 00,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\appid.sys -- (AppID [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:57:24 | 00,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\scfilter.sys -- (scfilter [Unknown | Stopped])
DRV:64bit: - [2009.04.22 04:49:33 | 00,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\vms3cap.sys -- (s3cap [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:49:14 | 00,021,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\VMBusHID.sys -- (VMBusHID [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:43:33 | 00,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\discache.sys -- (discache [System | Running])
DRV:64bit: - [2009.04.22 04:34:55 | 00,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\HidBatt.sys -- (HidBatt [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:34:53 | 00,017,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:29:34 | 00,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\acpipmi.sys -- (AcpiPmi [On_Demand | Stopped])
DRV:64bit: - [2009.04.22 04:27:28 | 00,514,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\csc.sys -- (CSC [System | Running])
DRV:64bit: - [2009.04.22 04:23:12 | 00,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DRIVERS\amdppm.sys -- (AmdPPM [On_Demand | Stopped])
DRV:64bit: - [2009.03.17 05:35:14 | 00,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\bxvbda.sys -- (b06bdrv [On_Demand | Stopped])
DRV:64bit: - [2009.03.06 08:43:48 | 00,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\b57nd60a.sys -- (b57nd60a [On_Demand | Stopped])
DRV:64bit: - [2009.02.06 04:41:49 | 03,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\DRIVERS\evbda.sys -- (ebdrv [On_Demand | Stopped])
DRV:64bit: - [2009.01.24 05:08:24 | 00,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir [On_Demand | Stopped])
DRV:64bit: - [2009.01.08 18:26:00 | 00,408,960 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\DRIVERS\nvm62x64.sys -- (NVENETFD [On_Demand | Running])
DRV:64bit: - [2007.04.13 07:15:50 | 00,984,064 | ---- | M] (C-Media Inc) -- C:\Windows\SysNative\drivers\CM10864.sys -- (CM1083264 [On_Demand | Running])
DRV - [2009.09.14 01:27:25 | 00,000,000 | ---D | M] -- C:\Windows\CSC -- (CSC [System | Running])
DRV - [2009.04.22 06:23:43 | 00,019,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\wimmount.sys -- (WIMMount [On_Demand | Stopped])
DRV - [2009.04.22 06:22:17 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\winusb.dll -- (WinUsb [On_Demand | Stopped])
DRV - [2009.04.22 06:21:17 | 00,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\netbios.dll -- (NetBIOS [System | Running])
DRV - [2009.03.20 16:27:01 | 00,001,088 | ---- | M] () -- C:\Windows\SysWow64\Wbem\mpsdrv.mof -- (mpsdrv [On_Demand | Running])
DRV - [2009.03.20 16:21:33 | 00,003,066 | ---- | M] () -- C:\Windows\SysWow64\Wbem\tcpip.mof -- (Tcpip [Boot | Running])
DRV - [2006.10.18 20:12:46 | 00,013,632 | R--- | M] () -- C:\Windows\SysWow64\drivers\AsIO.sys -- (AsIO [System | Running])
========== Modules (SafeList) ==========
MOD - [2009.10.29 23:30:45 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
MOD - [2009.04.22 06:00:58 | 01,679,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7100.0_none_d75e6751736615f2\comctl32.dll
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.atcomet.com/b/
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 00 28 5C 25 35 CA 01 [binary data]
IE - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\S-1-5-21-3161405137-1547458109-1053553780-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.04.22 10:45:19 | 00,000,000 | ---D | M]
O1 HOSTS File: (824 bytes) - C:\Windows\SysNative\drivers\etc\Hosts
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CM108Sound] C:\Windows\Syswow64\CM108.CPL (C-Media Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001..\Run: [Steam] c:\program files (x86)\valve\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-3161405137-1547458109-1053553780-1001..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/da2/PCPitStop2.cab (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8d71280f-bbd5-11de-b78b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8d71280f-bbd5-11de-b78b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Bin\Assetup.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 7 Days ==========
[2009.10.28 00:23:32 | 00,000,000 | ---D | C] -- C:\ProgramData\PCPitstop
[2009.10.23 17:24:04 | 00,000,000 | ---D | C] -- C:\Users\Cremator\AppData\Roaming\KC Softwares
[2009.10.23 17:48:23 | 00,000,000 | ---D | C] -- C:\Users\Cremator\AppData\Roaming\Thinstall
[2009.10.23 17:48:23 | 00,000,000 | ---D | C] -- C:\Users\Cremator\AppData\Local\Thinstall
[2009.10.23 18:53:00 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2009.10.28 16:27:13 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2009.10.28 00:23:32 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\PCPitstop
[2009.10.28 19:08:36 | 00,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2009.10.29 23:30:41 | 00,521,728 | ---- | C] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
[2009.10.28 16:39:00 | 67,906,144 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Users\Cremator\Desktop\9-10_vista64_win7_64_dd_ccc_wdm_enu.exe
[2009.10.26 15:40:53 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2009.10.24 23:32:14 | 00,000,000 | ---D | C] -- C:\Users\Cremator\Desktop\dzony
[2009.10.24 22:25:44 | 00,000,000 | ---D | C] -- C:\Users\Cremator\Desktop\screey
[2009.10.24 21:17:03 | 00,000,000 | ---D | C] -- C:\Users\Cremator\Desktop\mojeee
[2009.10.23 18:53:07 | 00,434,252 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSVCRTD.DLL
[2009.10.23 18:53:06 | 00,962,612 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42d.dll
[2009.10.23 18:39:59 | 00,000,000 | ---D | C] -- C:\hhh
========== Files - Modified Within 7 Days ==========
[2009.10.29 23:30:45 | 00,521,728 | ---- | M] (OldTimer Tools) -- C:\Users\Cremator\Desktop\OTL.exe
[2009.10.29 22:37:00 | 00,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2009.10.29 19:20:30 | 00,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2009.10.29 19:20:30 | 00,013,408 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2009.10.29 19:02:35 | 00,057,952 | ---- | M] () -- C:\Users\Cremator\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.10.29 14:53:41 | 01,445,056 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009.10.29 14:53:41 | 00,622,022 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2009.10.29 14:53:41 | 00,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009.10.29 14:53:41 | 00,118,356 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2009.10.29 14:53:41 | 00,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009.10.29 14:47:29 | 00,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.10.29 14:47:19 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009.10.29 14:47:12 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009.10.29 14:47:04 | 53,568,3071 | -HS- | M] () -- C:\hiberfil.sys
[2009.10.29 05:03:54 | 08,241,260 | -H-- | M] () -- C:\Users\Cremator\AppData\Local\IconCache.db
[2009.10.28 23:41:07 | 01,774,025 | ---- | M] () -- C:\Users\Cremator\Documents\mmm.wma
[2009.10.28 23:35:02 | 02,815,705 | ---- | M] () -- C:\Users\Cremator\Documents\kabat.wma
[2009.10.28 23:29:33 | 00,076,805 | ---- | M] () -- C:\Users\Cremator\Documents\Bez názvu.wma
[2009.10.28 21:32:14 | 00,275,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2009.10.28 19:08:51 | 00,002,635 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk
[2009.10.28 18:13:16 | 00,007,617 | ---- | M] () -- C:\Users\Cremator\AppData\Local\Resmon.ResmonCfg
[2009.10.28 16:39:00 | 67,906,144 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Users\Cremator\Desktop\9-10_vista64_win7_64_dd_ccc_wdm_enu.exe
[2009.10.28 16:27:14 | 00,001,889 | ---- | M] () -- C:\Users\Cremator\Desktop\CCleaner.lnk
[2009.10.25 22:00:53 | 00,921,654 | ---- | M] () -- C:\Users\Cremator\Desktop\de_dust20006.bmp
========== Files - No Company Name ==========
[2009.10.28 23:41:06 | 01,774,025 | ---- | C] () -- C:\Users\Cremator\Documents\mmm.wma
[2009.10.28 23:35:02 | 02,815,705 | ---- | C] () -- C:\Users\Cremator\Documents\kabat.wma
[2009.10.28 23:29:33 | 00,076,805 | ---- | C] () -- C:\Users\Cremator\Documents\Bez názvu.wma
[2009.10.28 19:08:51 | 00,002,635 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Mouse.lnk
[2009.10.28 16:27:14 | 00,001,889 | ---- | C] () -- C:\Users\Cremator\Desktop\CCleaner.lnk
[2009.10.25 22:00:53 | 00,921,654 | ---- | C] () -- C:\Users\Cremator\Desktop\de_dust20006.bmp
[2009.10.23 18:53:04 | 00,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.10.23 18:53:04 | 00,013,632 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.10.19 11:49:33 | 00,007,617 | ---- | C] () -- C:\Users\Cremator\AppData\Local\Resmon.ResmonCfg
[2009.09.26 22:55:16 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.09.19 00:31:26 | 00,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2009.09.19 00:31:26 | 00,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2009.09.19 00:31:26 | 00,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2009.09.14 12:40:37 | 00,057,952 | ---- | C] () -- C:\Users\Cremator\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.09.14 11:20:00 | 00,049,152 | R--- | C] () -- C:\Windows\SysWow64\CM108rm.dll
[2009.09.14 11:19:31 | 00,002,069 | R--- | C] () -- C:\Windows\Cm108.ini.cfg
[2009.09.14 11:19:31 | 00,000,741 | ---- | C] () -- C:\Windows\Cm108.ini.imi
[2009.09.14 11:19:31 | 00,000,290 | ---- | C] () -- C:\Windows\Cm108.ini.cfl
[2009.09.14 11:19:29 | 00,002,563 | R--- | C] () -- C:\Windows\cm108.ini
[2009.09.14 02:14:12 | 08,241,260 | -H-- | C] () -- C:\Users\Cremator\AppData\Local\IconCache.db
[2009.04.22 10:08:55 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2009.04.22 10:08:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2009.04.22 07:37:02 | 00,000,403 | ---- | C] () -- C:\Windows\win.ini
[2009.04.22 07:37:02 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.04.22 04:40:32 | 00,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.04.22 02:04:20 | 00,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.01.16 08:49:22 | 00,065,536 | R--- | C] () -- C:\Windows\VMix.dll
[2006.10.11 04:33:58 | 00,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2005.10.14 10:56:50 | 03,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2005.10.14 10:56:50 | 00,921,600 | ---- | C] () -- C:\Windows\SysWow64\VorbisEnc.dll
[2005.10.14 10:56:50 | 00,761,856 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2005.10.14 10:56:50 | 00,344,064 | ---- | C] () -- C:\Windows\SysWow64\xvid.dll
[2005.10.14 10:56:50 | 00,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll
[2005.10.14 10:56:50 | 00,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll
[2005.10.14 10:56:50 | 00,045,056 | ---- | C] () -- C:\Windows\SysWow64\ogg.dll
[2005.10.14 10:56:48 | 00,077,824 | ---- | C] () -- C:\Windows\SysWow64\MMSwitch.dll
========== LOP Check ==========
[2009.10.24 06:32:31 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming
[2009.09.15 16:53:04 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\ATI
[2009.10.18 12:30:51 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Hamachi
[2009.09.14 12:27:20 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\ICQ
[2009.10.23 17:24:04 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\KC Softwares
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Media Center Programs
[2009.10.01 10:57:32 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Mumble
[2009.10.23 17:48:23 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Thinstall
[2009.09.14 10:58:50 | 00,000,000 | ---D | M] -- C:\Users\Cremator\AppData\Roaming\Ventrilo
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2009.04.22 13:34:59 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2009.10.29 14:47:29 | 00,000,898 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2009.10.29 22:37:00 | 00,000,902 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2009.10.29 14:47:19 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009.04.22 10:23:15 | 00,032,196 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
Re: please check my log
Please, could someone who knows OTL advise me what to do with this now?
Re: please check my log
The log is OK.
Let's finish the cleanup:
- Download OTC. Run it, click "CleanUp", confirm the dialogs and restart.
- Clean the PC with CCleaner (including the registry).
- Use TFC (run the program and click "Start". Note that the PC may be restarted).
And done.
I don't like amateurism...
And the addressee of the link knows it :)