Prosím o kontrolu systému

sima · Příspěvekod **sima** » 26 čer 2010 19:23

Prosím o kontrolu PC,operační systém mi hlásí chybu přestože jsem všechna data zálohovala a systém nechala obnovit do počátečního stavu. OS Win XP. I druhý notebook, kde jsem data přestěhovala (Win7) mi včera nečekaně ukončil práci a restartoval. Mám strach, že je problém v obou :mad:

Reklama

guest · Příspěvekod **guest** » 26 čer 2010 19:25

To sem ale musíš vložit log z HijackThis, jinak chlapi nemají co kontrolovat.

// chlapi i jedna dáma!!! pozn. jaro3

sima · Příspěvekod **sima** » 26 čer 2010 19:42

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:48, on 26.6.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\BUtilityBar\BisonBar.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\DOCUME~1\Sima\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 9549 bytes

guest · Příspěvekod **guest** » 26 čer 2010 19:44

Blue Spirit píše:To sem ale musíš vložit log z HijackThis, jinak chlapi nemají co kontrolovat.

// chlapi i jedna dáma!!! pozn. jaro3

Já vím bledulka, nějak jsem nevzpoměl.

sima · Příspěvekod **sima** » 26 čer 2010 21:17

prosím, mohu dostat vyjádření k tomu logu? Děkuji :-)

bledulka · Příspěvekod **bledulka** » 26 čer 2010 22:16

Ahoj,
tento log vypadá ok, ale poprosím Tě o jiný, podrobnější.
Můžeš mi napsat, jakou chybu Ti to hlásí?

Stáhni OTL
http://oldtimer.geekstogo.com/OTL.exe
-do spodního okénka vlož tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c

-dej fajfku do čtverečku u řádku Pro všechny uživatele
-nech ostatní položky jak je nastaveno na screenu
- potvrď tlačítko Prohledat.
-provede se sken, log OTL.Txt sem vlož

sima · Příspěvekod **sima** » 26 čer 2010 22:35

OTL logfile created on: 26.6.2010 22:24:31 - Run 1
OTL by OldTimer - Version 3.2.7.0 Folder = C:\Documents and Settings\Sima\Plocha
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 630,00 Mb Available Physical Memory | 62,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 53,68 Gb Total Space | 46,52 Gb Free Space | 86,67% Space Free | Partition Type: FAT32
Drive D: | 54,18 Gb Total Space | 54,18 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: ACER-1F5ADAF30F
Current User Name: Sima
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.06.26 22:23:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sima\Plocha\OTL.exe
PRC - [2010.03.25 18:42:36 | 000,388,096 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
PRC - [2006.09.08 11:49:56 | 000,245,760 | ---- | M] () -- C:\WINDOWS\BUtilityBar\BisonBar.exe
PRC - [2006.08.30 13:45:26 | 001,119,888 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
PRC - [2006.08.30 13:33:40 | 000,208,896 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\Sima\Local Settings\Temp\RtkBtMnt.exe
PRC - [2006.08.08 14:15:14 | 000,634,880 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\LManager.exe
PRC - [2006.07.18 11:37:30 | 000,438,272 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2006.06.28 17:01:32 | 000,520,192 | ---- | M] () -- C:\Acer\Empowering Technology\eLock\LockServ.exe
PRC - [2006.06.28 12:24:30 | 000,348,160 | ---- | M] ( ) -- C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
PRC - [2006.06.07 20:18:12 | 000,208,896 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
PRC - [2006.06.01 14:40:54 | 000,413,696 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
PRC - [2006.05.11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
PRC - [2006.04.27 12:10:30 | 000,254,050 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
PRC - [2006.04.27 12:10:30 | 000,114,784 | ---- | M] () -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
PRC - [2006.04.27 12:10:10 | 000,151,552 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer\Acer Arcade\PCMService.exe
PRC - [2006.04.27 12:09:50 | 001,077,376 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
PRC - [2006.04.27 12:09:50 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
PRC - [2006.03.17 15:00:50 | 000,345,088 | ---- | M] (HiTRUST) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
PRC - [2005.10.22 01:34:42 | 000,046,704 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
PRC - [2005.10.22 01:34:18 | 000,133,744 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton AntiVirus\navapsvc.exe
PRC - [2005.09.25 07:10:56 | 000,749,696 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
PRC - [2005.09.20 02:24:20 | 000,214,672 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
PRC - [2005.09.17 15:27:12 | 000,169,584 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
PRC - [2005.09.17 15:27:06 | 000,192,112 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
PRC - [2005.09.17 15:27:02 | 000,052,848 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2005.09.16 07:21:14 | 001,160,800 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
PRC - [2004.12.14 04:44:30 | 000,065,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
PRC - [2004.08.18 05:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

========== Modules (SafeList) ==========

MOD - [2010.06.26 22:23:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sima\Plocha\OTL.exe
MOD - [2006.03.17 14:59:44 | 000,176,128 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\sysenv.dll
MOD - [2006.03.08 17:11:40 | 000,022,016 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\MSNChatHook.dll
MOD - [2006.03.06 21:25:40 | 000,199,168 | ---- | M] (HiTRUST) -- C:\WINDOWS\system32\CryptoAPI.dll
MOD - [2006.02.22 11:19:46 | 001,047,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\MFC71u.dll
MOD - [2005.10.11 13:18:54 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePower\SysHook.dll
MOD - [2004.08.18 05:00:00 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
MOD - [2004.08.18 05:00:00 | 001,028,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42.dll
MOD - [2004.08.18 05:00:00 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2004.08.18 05:00:00 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.08.18 05:00:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2003.03.18 20:14:50 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003.02.21 05:42:20 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll

========== Win32 Services (SafeList) ==========

SRV - [2006.08.30 13:45:26 | 001,119,888 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006.06.28 17:01:32 | 000,520,192 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\eLock\LockServ.exe -- (LockServ)
SRV - [2006.05.11 15:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006.04.27 12:10:30 | 000,254,050 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2006.04.27 12:10:30 | 000,114,784 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2006.04.27 12:09:50 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005.11.14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005.10.22 01:34:42 | 000,046,704 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe -- (NPFMntor)
SRV - [2005.10.22 01:34:18 | 000,133,744 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton AntiVirus\navapsvc.exe -- (navapsvc)
SRV - [2005.09.25 07:10:56 | 000,749,696 | ---- | M] (Symantec Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE -- (NSCService)
SRV - [2005.09.20 02:24:20 | 000,214,672 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
SRV - [2005.09.17 15:27:12 | 000,169,584 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe -- (ccSetMgr)
SRV - [2005.09.17 15:27:06 | 000,192,112 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe -- (ccEvtMgr)
SRV - [2005.09.16 07:21:14 | 001,160,800 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe -- (SPBBCSvc)
SRV - [2005.08.27 05:22:48 | 000,198,368 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Norton AntiVirus\SAVScan.exe -- (SAVScan)

========== Driver Services (SafeList) ==========

DRV - [2006.08.30 13:45:26 | 000,010,344 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\symlcbrd.sys -- (symlcbrd)
DRV - [2006.08.30 13:35:44 | 000,006,144 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2006.07.24 02:15:04 | 004,353,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.07.20 20:58:00 | 003,685,152 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006.06.30 10:40:40 | 000,775,936 | ---- | M] (Bison Electronics. Inc. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BisonCam.sys -- (Cam5603D)
DRV - [2006.06.08 17:54:24 | 000,017,664 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2BurnerLockDriver.sys -- (eLock2BurnerLockDriver)
DRV - [2006.06.06 18:36:30 | 000,090,112 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\eLock2FSCTLDriver.sys -- (eLock2FSCTLDriver)
DRV - [2006.06.02 13:59:54 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\TVicPort.sys -- (tvicport)
DRV - [2006.06.02 13:59:52 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\zntport.sys -- (zntport)
DRV - [2006.06.02 13:59:50 | 000,069,632 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\int15.sys -- (int15)
DRV - [2006.05.25 04:40:58 | 000,193,088 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2006.05.17 18:32:38 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2006.05.10 12:22:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.04.07 20:17:34 | 000,012,288 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdfilter.sys -- (psdfilter)
DRV - [2006.03.08 17:10:52 | 000,060,416 | ---- | M] (HiTRUST) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psdvdisk.sys -- (psdvdisk)
DRV - [2006.03.07 05:49:36 | 000,011,136 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2006.03.04 06:31:04 | 000,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006.03.04 06:31:02 | 000,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2006.01.27 15:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2006.01.20 14:42:38 | 000,017,408 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DKbFltr.SYS -- (DKbFltr)
DRV - [2006.01.13 01:20:54 | 000,008,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EPINDD.SYS -- (epindd)
DRV - [2005.10.24 10:20:52 | 000,218,496 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005.10.18 16:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.10.18 16:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.10.12 16:00:00 | 000,667,352 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20051012.006\NAVEX15.SYS -- (NAVEX15)
DRV - [2005.10.12 16:00:00 | 000,077,816 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20051012.006\NAVENG.SYS -- (NAVENG)
DRV - [2005.09.20 02:23:52 | 000,196,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005.09.20 02:23:48 | 000,024,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005.09.20 02:23:40 | 000,031,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2005.09.20 02:23:36 | 000,027,792 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2005.09.20 02:23:32 | 000,109,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2005.09.20 02:23:26 | 000,012,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2005.09.17 15:20:06 | 000,108,168 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005.09.16 07:21:14 | 000,389,728 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2005.09.02 10:07:36 | 000,199,408 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20050901.036\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2005.08.27 05:22:50 | 000,053,896 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Norton AntiVirus\Savrtpel.sys -- (SAVRTPEL)
DRV - [2005.08.27 05:22:48 | 000,334,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Norton AntiVirus\savrt.sys -- (SAVRT)
DRV - [2005.01.13 14:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2005.01.10 15:47:14 | 000,449,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.12.17 02:14:44 | 000,013,952 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2004.08.03 23:07:44 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2004.08.03 23:07:44 | 000,041,088 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2004.08.03 23:00:52 | 000,028,672 | ---- | M] (National Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nscirda.sys -- (NSCIRDA)
DRV - [2001.10.24 11:54:40 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
DRV - [2001.08.17 22:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001.08.17 22:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001.08.17 22:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001.08.17 22:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001.08.17 22:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001.08.17 21:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001.08.17 21:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001.08.17 21:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001.08.17 21:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001.08.17 21:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001.08.17 21:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001.08.17 21:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001.08.17 21:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001.08.17 21:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
IE - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://global.acer.com/
IE - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://global.acer.com/"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.26 21:02:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.06.26 21:02:58 | 000,000,000 | ---D | M]

[2010.06.26 21:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sima\Data aplikací\Mozilla\Extensions
[2010.06.26 21:03:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sima\Data aplikací\Mozilla\Firefox\Profiles\v5xqao8l.default\extensions
[2010.06.26 21:02:58 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.01.16 02:50:40 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.01.16 02:50:40 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.01.16 02:50:40 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.01.16 02:50:40 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.01.16 02:50:40 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2004.08.18 05:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (CNavExtBho Class) - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\..\Toolbar\ShellBrowser: (Norton AntiVirus) - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe (Acer Inc.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe ()
O4 - HKLM..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe ()
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe (HiTRUST)
O4 - HKLM..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe ( )
O4 - HKLM..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe ()
O4 - HKLM..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe (Acer Inc.)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Acer\Acer Arcade\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [preload] C:\WINDOWS\RUNXMLPL.EXE (Wistron)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe (Acer Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3531743834-2746139219-4077932126-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.84.132.6 62.84.128.6
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Acertx.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Acertx.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004.09.17 11:58:54 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - File not found
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\Acer\ACERAR~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)

========== Files/Folders - Created Within 30 Days ==========

[2010.06.26 22:23:59 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sima\Plocha\OTL.exe
[2010.06.26 22:08:44 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\Sima\Plocha\ATF-Cleaner.exe
[2010.06.26 21:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\Mozilla
[2010.06.26 21:03:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Data aplikací\Mozilla
[2010.06.26 21:02:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.06.26 19:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.06.26 19:39:03 | 000,000,000 | -HSD | C] -- C:\Recycled
[2010.06.25 21:27:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Data aplikací\AdobeUM
[2010.06.25 21:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\Adobe
[2010.06.25 21:27:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Data aplikací\Adobe
[2010.06.25 21:26:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Yahoo! Companion
[2010.06.25 21:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2010.06.25 21:13:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Snapshot
[2010.06.25 21:13:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\BUtilityBar
[2010.06.25 21:10:17 | 000,014,544 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\TVicPort.sys
[2010.06.25 21:10:17 | 000,008,704 | ---- | C] (EnTech Taiwan) -- C:\WINDOWS\System32\drivers\TVicPort64.sys
[2010.06.25 21:10:16 | 000,006,144 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport64.sys
[2010.06.25 21:10:16 | 000,006,080 | ---- | C] (Zeal SoftStudio) -- C:\WINDOWS\System32\drivers\zntport.sys
[2010.06.25 21:09:40 | 001,168,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ERUpdateHidden.EXE
[2010.06.25 21:09:40 | 000,258,048 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\Uninstall_eRecovery.exe
[2010.06.25 21:09:40 | 000,258,048 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\CheckD2DSystem.exe
[2010.06.25 21:09:40 | 000,159,744 | ---- | C] (acer inc.) -- C:\WINDOWS\System32\CloseProcessWindow.dll
[2010.06.25 21:09:40 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2010.06.25 21:08:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2010.06.25 21:07:31 | 000,090,112 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\eLock2FSCTLDriver.sys
[2010.06.25 21:07:31 | 000,017,664 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\WINDOWS\System32\eLock2BurnerLockDriver.sys
[2010.06.25 21:06:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Dokumenty\Symantec
[2010.06.25 21:05:58 | 000,078,208 | ---- | C] (Acer Value Labs, USA) -- C:\WINDOWS\System32\drivers\epm-shd.sys
[2010.06.25 21:05:58 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acpimof.dll
[2010.06.25 21:05:58 | 000,045,056 | ---- | C] (Acer Labs USA) -- C:\WINDOWS\System32\Epm-Po.dll
[2010.06.25 21:05:58 | 000,004,096 | ---- | C] (Acer Value Labs, USA) -- C:\WINDOWS\System32\drivers\epm-psd.sys
[2010.06.25 21:04:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\Acer Arcade
[2010.06.25 21:04:31 | 000,221,215 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\System32\Divxdec.ax
[2010.06.25 21:04:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\CyberLink
[2010.06.25 21:04:04 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4r.dll
[2010.06.25 21:04:04 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml4a.dll
[2010.06.25 21:03:30 | 000,000,000 | ---D | C] -- C:\Program Files\Acer
[2010.06.25 21:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Launch Manager
[2010.06.25 21:03:08 | 000,147,456 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\UNINST32.EXE
[2010.06.25 21:03:07 | 000,017,408 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\System32\drivers\DKbFltr.SYS
[2010.06.25 21:03:07 | 000,005,120 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\System32\FILTRCOI.DLL
[2010.06.25 21:02:46 | 000,069,632 | ---- | C] (Acer Inc.) -- C:\WINDOWS\System32\eRecUtil.dll
[2010.06.25 21:02:43 | 000,602,112 | ---- | C] (acer inc.) -- C:\WINDOWS\System32\Acer.Empowering.Windows.Forms.dll
[2010.06.25 21:02:42 | 000,602,112 | ---- | C] (acer inc.) -- C:\WINDOWS\System32\Acer.Empowering.Windows.Forms_v820.dll
[2010.06.25 21:02:42 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2010.06.25 21:02:42 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2010.06.25 21:02:33 | 000,000,000 | ---D | C] -- C:\Acer
[2010.06.25 21:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\CyberLink
[2010.06.25 21:01:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2010.06.25 21:00:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Options
[2010.06.25 21:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Data aplikací\Macromedia
[2010.06.25 21:00:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Acer
[2010.06.25 20:59:12 | 000,208,896 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvuide.exe
[2010.06.25 20:58:40 | 000,008,448 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\EPINDD.SYS
[2010.06.25 20:58:32 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sima\Data aplikací\Microsoft
[2010.06.25 20:58:32 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Sima\Cookies
[2010.06.25 20:58:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sima\SendTo
[2010.06.25 20:58:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sima\Recent
[2010.06.25 20:58:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Sima\Data aplikací
[2010.06.25 20:58:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sima\Dokumenty\Obrázky
[2010.06.25 20:58:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sima\Oblíbené položky
[2010.06.25 20:58:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sima\Dokumenty\Hudba
[2010.06.25 20:58:32 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sima\Dokumenty
[2010.06.25 20:58:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sima\Okolní tiskárny
[2010.06.25 20:58:32 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sima\Okolní síť
[2010.06.25 20:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Data aplikací\Symantec
[2010.06.25 20:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Plocha
[2010.06.25 20:58:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Data aplikací\Identities
[2010.06.25 20:58:31 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Sima\Nabídka Start
[2010.06.25 20:58:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sima\Šablony
[2010.06.25 20:58:31 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Sima\Local Settings
[2010.06.25 20:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\Microsoft
[2010.06.25 20:58:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\ApplicationHistory
[2010.06.25 20:55:12 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2010.06.25 20:54:51 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2010.06.25 20:54:51 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2010.06.25 20:54:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2010.06.25 20:54:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\BisonCam
[2010.06.25 20:54:50 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2010.06.25 20:54:50 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2010.06.25 20:53:22 | 000,775,936 | ---- | C] (Bison Electronics. Inc. ) -- C:\WINDOWS\System32\drivers\BisonCam.sys
[2010.06.25 20:53:22 | 000,077,942 | ---- | C] (Bison Inc.) -- C:\WINDOWS\System32\BisonRem.dll
[2010.06.25 20:52:33 | 000,290,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\idecoiins.dll
[2010.06.25 20:52:33 | 000,290,304 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\idecoi.dll
[2010.06.25 20:52:33 | 000,099,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nvata.sys
[2010.06.25 20:52:33 | 000,035,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\NVCOI.DLL
[2010.06.25 20:52:29 | 000,167,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszht.dll
[2010.06.25 20:52:29 | 000,163,840 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrszhc.dll
[2010.06.25 20:52:28 | 000,335,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrses.dll
[2010.06.25 20:52:28 | 000,327,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsfr.dll
[2010.06.25 20:52:28 | 000,323,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrspt.dll
[2010.06.25 20:52:28 | 000,323,584 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsit.dll
[2010.06.25 20:52:28 | 000,319,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsptb.dll
[2010.06.25 20:52:28 | 000,319,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsnl.dll
[2010.06.25 20:52:28 | 000,315,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsru.dll
[2010.06.25 20:52:28 | 000,311,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsde.dll
[2010.06.25 20:52:28 | 000,303,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrstr.dll
[2010.06.25 20:52:28 | 000,303,104 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsfi.dll
[2010.06.25 20:52:28 | 000,299,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsno.dll
[2010.06.25 20:52:28 | 000,294,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrssv.dll
[2010.06.25 20:52:28 | 000,294,912 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsda.dll
[2010.06.25 20:52:28 | 000,286,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrseng.dll
[2010.06.25 20:52:28 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsar.dll
[2010.06.25 20:52:28 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrshe.dll
[2010.06.25 20:52:28 | 000,212,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsja.dll
[2010.06.25 20:52:28 | 000,196,608 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvwrsko.dll
[2010.06.25 20:52:27 | 000,327,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrshe.dll
[2010.06.25 20:52:27 | 000,327,680 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsar.dll
[2010.06.25 20:52:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfr.dll
[2010.06.25 20:52:27 | 000,282,624 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrses.dll
[2010.06.25 20:52:27 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsit.dll
[2010.06.25 20:52:27 | 000,278,528 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsde.dll
[2010.06.25 20:52:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrspt.dll
[2010.06.25 20:52:27 | 000,270,336 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsnl.dll
[2010.06.25 20:52:27 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsru.dll
[2010.06.25 20:52:27 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsptb.dll
[2010.06.25 20:52:27 | 000,266,240 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsja.dll
[2010.06.25 20:52:27 | 000,262,144 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsko.dll
[2010.06.25 20:52:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrstr.dll
[2010.06.25 20:52:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrssv.dll
[2010.06.25 20:52:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsno.dll
[2010.06.25 20:52:27 | 000,253,952 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsda.dll
[2010.06.25 20:52:27 | 000,245,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrsfi.dll
[2010.06.25 20:52:27 | 000,245,760 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrseng.dll
[2010.06.25 20:52:27 | 000,221,184 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszhc.dll
[2010.06.25 20:52:27 | 000,122,880 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvrszht.dll
[2010.06.25 20:52:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\80211GI
[2010.06.25 20:52:22 | 000,000,000 | -HSD | C] -- C:\system volume information
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.06.26 22:28:44 | 001,048,576 | -H-- | M] () -- C:\Documents and Settings\Sima\NTUSER.DAT
[2010.06.26 22:23:32 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sima\Plocha\OTL.exe
[2010.06.26 21:13:08 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\Sima\Plocha\ATF-Cleaner.exe
[2010.06.26 21:03:06 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsreg.dat
[2010.06.26 21:03:00 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.06.26 19:41:40 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Sima\Plocha\HiJackThis.lnk
[2010.06.26 19:14:54 | 000,000,096 | ---- | M] () -- C:\WINDOWS\ComponentList.xml
[2010.06.26 19:14:52 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.06.26 19:14:30 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.06.26 19:14:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.06.26 19:14:12 | 1072,345,088 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.25 21:35:00 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Sima\ntuser.ini
[2010.06.25 21:34:52 | 000,888,948 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.25 21:34:52 | 000,382,026 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.25 21:34:52 | 000,381,126 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.06.25 21:34:52 | 000,063,172 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.06.25 21:34:52 | 000,053,770 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.06.25 21:34:44 | 003,341,936 | -H-- | M] () -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\IconCache.db
[2010.06.25 21:13:56 | 000,000,169 | ---- | M] () -- C:\WINDOWS\User.xml
[2010.06.25 21:11:42 | 000,174,672 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.06.25 21:07:00 | 000,000,364 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2010.06.25 21:06:58 | 000,001,827 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Norton AntiVirus.lnk
[2010.06.25 21:06:54 | 000,000,522 | ---- | M] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Sima.job
[2010.06.25 21:06:24 | 000,000,092 | ---- | M] () -- C:\WINDOWS\GridV.UNI
[2010.06.25 21:06:24 | 000,000,000 | ---- | M] () -- C:\WINDOWS\setup.INI
[2010.06.25 21:06:16 | 000,034,232 | ---- | M] () -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.06.25 21:04:32 | 000,001,631 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Acer Arcade.lnk
[2010.06.25 21:03:12 | 000,000,083 | ---- | M] () -- C:\WINDOWS\LManager.UNI
[2010.06.25 21:02:42 | 000,001,585 | ---- | M] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
[2010.06.25 21:02:40 | 000,000,124 | ---- | M] () -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\fusioncache.dat
[2010.06.25 21:02:34 | 000,001,573 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Empowering Technology.lnk
[2010.06.25 21:01:54 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerProducer.lnk
[2010.06.25 21:00:52 | 000,000,427 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Acer OrbiCam.lnk
[2010.06.25 21:00:04 | 000,001,169 | ---- | M] () -- C:\WINDOWS\YAHOOTBR.cfg
[2010.06.25 20:59:18 | 000,000,694 | ---- | M] () -- C:\Documents and Settings\Sima\Plocha\Windows Media Player.lnk
[2010.06.25 20:58:30 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.06.25 20:57:36 | 000,000,555 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.06.25 20:57:34 | 000,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010.06.25 20:57:32 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2010.06.25 20:55:30 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.06.26 21:03:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.26 21:02:59 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.06.26 19:41:32 | 000,002,439 | ---- | C] () -- C:\Documents and Settings\Sima\Plocha\HiJackThis.lnk
[2010.06.25 21:10:16 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15.sys
[2010.06.25 21:10:16 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\drivers\int15_64.sys
[2010.06.25 21:09:40 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\setup.iss
[2010.06.25 21:07:31 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\cdinfo.exe
[2010.06.25 21:07:31 | 000,000,338 | ---- | C] () -- C:\WINDOWS\System32\ETF.resources
[2010.06.25 21:06:51 | 000,000,522 | ---- | C] () -- C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Sima.job
[2010.06.25 21:06:23 | 000,000,092 | ---- | C] () -- C:\WINDOWS\GridV.UNI
[2010.06.25 21:06:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\setup.INI
[2010.06.25 21:04:31 | 000,001,631 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Acer Arcade.lnk
[2010.06.25 21:03:11 | 000,000,083 | ---- | C] () -- C:\WINDOWS\LManager.UNI
[2010.06.25 21:02:43 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2010.06.25 21:02:41 | 000,001,585 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Acer Empowering Technology.lnk
[2010.06.25 21:02:33 | 000,001,573 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Empowering Technology.lnk
[2010.06.25 21:01:53 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CyberLink PowerProducer.lnk
[2010.06.25 21:00:51 | 000,000,427 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Acer OrbiCam.lnk
[2010.06.25 21:00:23 | 000,051,244 | ---- | C] () -- C:\WINDOWS\System32\nvapps.nvb
[2010.06.25 21:00:02 | 001,154,584 | ---- | C] () -- C:\WINDOWS\YTB.exe
[2010.06.25 21:00:02 | 000,001,169 | ---- | C] () -- C:\WINDOWS\YAHOOTBR.cfg
[2010.06.25 20:59:17 | 000,000,694 | ---- | C] () -- C:\Documents and Settings\Sima\Plocha\Windows Media Player.lnk
[2010.06.25 20:59:12 | 000,001,570 | ---- | C] () -- C:\WINDOWS\System32\nvide.nvu
[2010.06.25 20:58:32 | 000,014,604 | ---- | C] () -- C:\Documents and Settings\Sima\launApp.log
[2010.06.25 20:58:32 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\Sima\Local Settings\Data aplikací\fusioncache.dat
[2010.06.25 20:58:31 | 001,048,576 | -H-- | C] () -- C:\Documents and Settings\Sima\NTUSER.DAT
[2010.06.25 20:58:31 | 000,016,384 | -H-- | C] () -- C:\Documents and Settings\Sima\ntuser.dat.LOG
[2010.06.25 20:58:31 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\Sima\ntuser.ini
[2010.06.25 20:58:18 | 1072,345,088 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.25 20:57:32 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2010.06.25 20:57:32 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\NTUSER.DAT.LOG
[2010.06.25 20:55:29 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010.06.25 20:53:24 | 000,000,728 | ---- | C] () -- C:\Patch.rev
[2010.06.25 20:53:22 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System\StillDrv.dll
[2010.06.25 20:53:22 | 000,126,976 | ---- | C] () -- C:\WINDOWS\System\BisonCam.dll
[2010.06.25 20:53:22 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System\BisonVfw.dll
[2010.06.25 20:53:22 | 000,015,190 | ---- | C] () -- C:\WINDOWS\M2000Twn.ini
[2010.06.25 20:53:22 | 000,013,448 | ---- | C] () -- C:\WINDOWS\M2000Twn.src
[2010.06.25 20:53:22 | 000,002,264 | ---- | C] () -- C:\WINDOWS\System\S20H0220.csr
[2010.06.25 20:53:22 | 000,002,264 | ---- | C] () -- C:\WINDOWS\System\S20F0220.csr
[2006.08.30 14:24:14 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.08.30 13:36:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006.08.30 13:35:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006.08.30 13:35:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006.08.30 13:35:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006.08.30 13:35:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006.07.21 17:40:08 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.07.20 05:58:00 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.07.20 05:58:00 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.07.20 05:58:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.07.20 05:58:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.07.20 05:58:00 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006.04.12 14:08:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
[2006.03.10 14:18:16 | 000,036,404 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2006.03.08 17:19:28 | 001,421,824 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
[2006.03.08 17:11:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2005.12.15 13:30:40 | 000,204,800 | ---- | C] () -- C:\WINDOWS\Capsule.dll
[2005.12.14 20:59:52 | 000,000,038 | ---- | C] () -- C:\WINDOWS\Acer.ini
[2005.11.10 11:27:42 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
[2004.12.17 02:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004.08.18 05:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2004.08.18 05:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004.08.18 05:00:00 | 000,003,568 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003.11.24 15:55:48 | 000,743,424 | ---- | C] () -- C:\WINDOWS\libxml2.dll
[2003.11.24 15:55:32 | 000,872,448 | ---- | C] () -- C:\WINDOWS\iconv.dll
[2001.12.26 16:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001.09.03 23:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001.07.30 16:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001.07.23 22:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.18 05:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2004.08.17 15:58:18 | 001,667,584 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< MD5 for: AGP440.SYS >
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:AGP440.sys
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\dllcache\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\AGP440.SYS

< MD5 for: ATAPI.SYS >
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:atapi.sys
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004.08.18 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.18 05:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2004.08.18 05:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.18 05:00:00 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\I386\sp2.cab:hal.dll
[2004.08.18 05:00:00 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2005.09.29 01:35:26 | 000,134,272 | ---- | M] (Microsoft Corporation) MD5=A3961B9456DE472D2F152C9DE950FFA5 -- C:\WINDOWS\system32\HAL.DLL
[2004.08.03 22:59:14 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=DFCE51FD96909D1B97D4A1A72D060D77 -- C:\WINDOWS\$NtUninstallKB896256$\hal.dll

< MD5 for: LSASS.EXE >
[2004.08.18 07:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.18 05:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2004.08.18 05:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.18 05:00:00 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.18 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.18 05:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2006.01.27 15:04:16 | 000,099,584 | ---- | M] (NVIDIA Corporation) MD5=3AC5EEDD35B7437D53960F3998BFA462 -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2004.08.18 07:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.18 05:00:00 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.18 07:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.18 05:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2004.08.18 05:00:00 | 000,481,792 | ---- | M] (Microsoft Corporation) MD5=CB56F803D2CAF6B3F32E82D2F73F4B3A -- C:\I386\SYSTEM32\SMSS.EXE

< MD5 for: SVCHOST.EXE >
[2004.08.18 07:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.18 05:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004.08.18 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.18 05:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.18 07:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.18 05:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.18 07:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.18 05:00:00 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2004.08.18 05:00:00 | 000,357,888 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2006.01.09 20:08:42 | 000,205,312 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[2004.08.18 05:00:00 | 001,392,671 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\msvbvm60.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< >
< End of report >

Napsal jen, že přerušil práci Windows, aby nedošlo k poškození... po vypnutí "natvrdo" provedl kontrolu disků a naběhl. Já už mám ale obavy, ... chci se ještě zeptat, když jsem NOD32 vyměnila za AVG, nemělo by to mít na nic vliv, že?

bledulka · Příspěvekod **bledulka** » 26 čer 2010 22:51

Otestuj na http://www.virustotal.com

C:\WINDOWS\system32\sysenv.dll
C:\WINDOWS\system32\MSNChatHook.dll
C:\WINDOWS\system32\CryptoAPI.dll
C:\WINDOWS\System32\Interop.Shell32.dll
C:\WINDOWS\System32\SysMonitor.exe
C:\WINDOWS\YTB.exe
C:\Patch.rev
C:\WINDOWS\smscfg.ini
C:\WINDOWS\system32\dxtmsft.dll
C:\WINDOWS\system32\dxtrans.dll
C:\WINDOWS\system32\msvbvm60.dll

-Do okénka zkopíruj cestu k souboru , pokud napíše, že soubor byl už testován, dej otestovat znovu.
-Sem vlož link s výsledky.

Můžeš se podívat, co je v této složce?
C:\WINDOWS\80211GI

Teď píšeš o tom druhém systému - s tím Nodem,ne? Může se stát, že tam zůstali zbytky od Nodu a kolidují s AVG, pak na to mrkneme.

Jakou chybu Ti to hlásí na tomto systému?

sima · Příspěvekod **sima** » 26 čer 2010 23:06

Soubor sysenv.dll přijatý 2010.06.26 20:58:27 (UTC)
Současný stav: Čekejte ... Ve frontě Čekání Testování Dokončeno NENALEZENO ZASTAVENO

Výsledek: 0/41 (0%)
Načítám informace ze serveru...
Váš soubor čeká ve frontě na pozici: ___.
Odhadovaný čas začátku mezi ___ a ___ .
Nezavírejte toto okno dokud nebude test dokončen.
Právě testující program byl je zastaven, probíhá čekání na program.
Za chvíli bude proveden další pokus o otestování souboru.
Pokud budete čekat déle než-li pět minut odešlete Váš soubor znovu.
Váš soubor je nyní testován pomocí VirusTotal,
výsledky budou zobrazeny po dokončení.
Formátované Vytisknout výsledky
Váš soubor není platný, nebo neexistuje.
Služba je pozastavena v tuto chvíli, váš soubor čeká na otestování (pozice: ) po nespecifikovanou dobu.

Nyní čekejte na odezvu webu (automatické obnovení), nebo napište email do pole a klikněte na "vyžádat" a systém Vám zašle email s výsledky až bude test hotov.
Email:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 5.0.0.30 2010.06.22 -
AhnLab-V3 2010.06.22.00 2010.06.22 -
AntiVir 8.2.2.6 2010.06.21 -
Antiy-AVL 2.0.3.7 2010.06.22 -
Authentium 5.2.0.5 2010.06.22 -
Avast 4.8.1351.0 2010.06.21 -
Avast5 5.0.332.0 2010.06.21 -
AVG 9.0.0.787 2010.06.21 -
BitDefender 7.2 2010.06.22 -
CAT-QuickHeal 10.00 2010.06.22 -
ClamAV 0.96.0.3-git 2010.06.22 -
Comodo 5180 2010.06.22 -
DrWeb 5.0.2.03300 2010.06.22 -
eSafe 7.0.17.0 2010.06.20 -
eTrust-Vet 36.1.7657 2010.06.22 -
F-Prot 4.6.1.107 2010.06.21 -
F-Secure 9.0.15370.0 2010.06.22 -
Fortinet 4.1.133.0 2010.06.21 -
GData 21 2010.06.22 -
Ikarus T3.1.1.84.0 2010.06.22 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.22 -
McAfee 5.400.0.1158 2010.06.22 -
McAfee-GW-Edition 2010.1 2010.06.22 -
Microsoft 1.5902 2010.06.22 -
NOD32 5216 2010.06.21 -
Norman 6.05.06 2010.06.21 -
nProtect 2010-06-21.01 2010.06.21 -
Panda 10.0.2.7 2010.06.21 -
PCTools 7.0.3.5 2010.06.22 -
Prevx 3.0 2010.06.26 -
Rising 22.53.01.04 2010.06.22 -
Sophos 4.54.0 2010.06.22 -
Sunbelt 6483 2010.06.21 -
Symantec 20101.1.0.89 2010.06.22 -
TheHacker 6.5.2.0.302 2010.06.22 -
TrendMicro 9.120.0.1004 2010.06.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.22 -
VBA32 3.12.12.5 2010.06.22 -
ViRobot 2010.6.21.3896 2010.06.22 -
VirusBuster 5.0.27.0 2010.06.21 -
Rozšiřující informace
File size: 176128 bytes
MD5...: 4c909bc6eb70df2474e5a883211ff882
SHA1..: 80e6f4d931f0405b1b8700469c2d2a2bcff714b4
SHA256: 6d5ea34c410e1a7af58b319db632ec2d74204b8974163e5ce4303945d0bddf1e
ssdeep: 3072:SwSU1m+BT2azFe2t6/3UJniGB+8nJn55IL8BlrVO+8+9nCS:SwB1XBnzFZs
v8xrJnm8/VO+8+9r

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x84db
timedatestamp.....: 0x441a5e5e (Fri Mar 17 06:59:42 2006)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1add6 0x1b000 6.61 787cdbd146c6d04bb5fe97702fc1098c
.rdata 0x1c000 0x6d24 0x7000 5.07 8f4b4054eb457fe54c54c6f7eafa9893
.data 0x23000 0x5884 0x2000 3.66 4bad39c5ca898c77e4d9088a040ab268
.rsrc 0x29000 0x310 0x1000 0.82 240bc692414580156a0b7cbe2b5d6c53
.reloc 0x2a000 0x4ea6 0x5000 3.54 fc6994dbbec4d0ec1883d88cfdb15fb1

( 11 imports )
> VERSION.dll: VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
> SHLWAPI.dll: StrStrA, PathFindExtensionA, PathFindFileNameA, StrStrW
> KERNEL32.dll: InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, GetVersionExA, MultiByteToWideChar, WideCharToMultiByte, GetLastError, GetVersion, lstrcmpiA, lstrlenW, lstrlenA, CompareStringA, CompareStringW, DeviceIoControl, CloseHandle, CreateFileW, GetPrivateProfileStringA, lstrcatA, GetPrivateProfileStringW, lstrcatW, GetUserDefaultLangID, lstrcpyW, WaitForSingleObject, ReleaseMutex, GetCurrentThreadId, TerminateProcess, SetLastError, GetCurrentProcess, GetCurrentThread, InterlockedDecrement, FindResourceA, LoadResource, LockResource, SizeofResource, RaiseException, DeleteCriticalSection, InitializeCriticalSection, lstrcmpA, lstrcmpW, lstrcpynW, Sleep, LoadLibraryA, FreeLibrary, lstrcpyA, OpenProcess, GetProcAddress, GetModuleHandleA, HeapFree, CreateToolhelp32Snapshot, Process32First, SetProcessWorkingSetSize, Process32Next, GetProcessHeap, HeapAlloc, LocalFree, lstrcpynA, FormatMessageA, GlobalUnlock, GlobalLock, GlobalAlloc, GlobalFree, LocalAlloc, EnterCriticalSection, LeaveCriticalSection, EnumResourceLanguagesA, ConvertDefaultLocale, GetModuleFileNameA, GlobalDeleteAtom, GlobalAddAtomA, GlobalReAlloc, GlobalHandle, TlsGetValue, TlsAlloc, TlsSetValue, LocalReAlloc, TlsFree, SetErrorMode, InterlockedIncrement, ReadFile, WriteFile, SetFilePointer, FlushFileBuffers, SetEndOfFile, CreateFileA, WritePrivateProfileStringA, GlobalFlags, GlobalFindAtomA, GlobalGetAtomNameA, GetCPInfo, GetOEMCP, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, RtlUnwind, ExitProcess, GetSystemTimeAsFileTime, GetCommandLineA, HeapReAlloc, HeapSize, SetStdHandle, GetFileType, HeapDestroy, HeapCreate, VirtualFree, IsBadWritePtr, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetTimeZoneInformation, SetHandleCount, GetStdHandle, GetStartupInfoA, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, UnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, SetEnvironmentVariableA
> USER32.dll: GetDlgItem, SetWindowLongA, ShowWindow, SetWindowPos, CopyRect, GetWindowPlacement, IsIconic, SystemParametersInfoA, CallWindowProcA, DefWindowProcA, RegisterClassA, GetClassInfoA, AdjustWindowRectEx, GetMenu, GetClientRect, SetForegroundWindow, MapWindowPoints, LoadIconA, GetMessagePos, GetMessageTime, DestroyWindow, GetTopWindow, GetForegroundWindow, RemovePropA, GrayStringA, SetPropA, GetClassInfoExA, GetClassLongA, PtInRect, GetCapture, WinHelpA, RegisterWindowMessageA, DestroyMenu, wsprintfA, GetWindowTextA, LoadCursorA, GetSystemMetrics, GetDC, ReleaseDC, GetSysColor, GetSysColorBrush, SetMenuItemBitmaps, GetFocus, ModifyMenuA, EnableMenuItem, CheckMenuItem, GetMenuCheckMarkDimensions, LoadBitmapA, SetWindowsHookExA, CallNextHookEx, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, IsWindowVisible, GetKeyState, PeekMessageA, GetCursorPos, ValidateRect, GetParent, GetWindowLongA, GetLastActivePopup, IsWindowEnabled, EnableWindow, SendMessageA, SetCursor, UnhookWindowsHookEx, PostMessageA, PostQuitMessage, GetMenuState, GetMenuItemID, GetMenuItemCount, GetSubMenu, DrawTextExA, DrawTextA, TabbedTextOutA, ClientToScreen, GetWindow, GetDlgCtrlID, GetPropA, GetWindowRect, CharLowerA, wsprintfW, MessageBoxA, UnregisterClassA, SetWindowTextA, GetClassNameA, CreateWindowExA
> ADVAPI32.dll: RegOpenKeyExW, RegCreateKeyExA, RegQueryValueA, RegEnumKeyA, RegDeleteKeyA, RegOpenKeyA, RegSetValueExA, RegSetValueExW, FreeSid, RegQueryValueExW, RegOpenKeyExA, RegQueryValueExA, RegCloseKey, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueA, AdjustTokenPrivileges, AllocateAndInitializeSid, CheckTokenMembership
> SHELL32.dll: ShellExecuteA
> OLEAUT32.dll: -, -, -
> COMCTL32.dll: -
> OLEACC.dll: LresultFromObject, CreateStdAccessibleObject
> GDI32.dll: PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, SelectObject, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, GetDeviceCaps, DeleteDC, GetStockObject, GetClipBox, SetMapMode, SetTextColor, SetBkColor, RestoreDC, SaveDC, DeleteObject, CreateBitmap
> WINSPOOL.DRV: ClosePrinter, OpenPrinterA, DocumentPropertiesA

( 60 exports )
HT_CheckExeRunningA, HT_CheckOtherAPsRunning, HT_DisableCCPSDRunAsStartup, HT_DisablePSDRunAsStartup, HT_EnableCCPSDRunAsStartupA, HT_EnableCCPSDRunAsStartupW, HT_EnablePSDRunAsStartup, HT_EnableRunCngSuPwdAsStartup, HT_EnsureDSBlackList, HT_EnsureLDRunning, HT_FinializeDSBlackListChecking, HT_GetLangINIUnicodeString, HT_GetLastErrorCode, HT_GetPSDDiskFilePathA, HT_GetPSDDiskFilePathW, HT_GetTempPSDDiskFilePathA, HT_GetTempPSDDiskFilePathW, HT_GetUserDefaultLang, HT_GetUserDefaultLangStringA, HT_GetUserDefaultLangStringW, HT_Get_TRACE_LOG_PATH, HT_HidePSDAsStartup, HT_ISCCPSDActiveAsStartup, HT_ISCCPSDEnd, HT_ISCCPSDStart, HT_ISCopyDone, HT_ISCopyinProgress, HT_ISCreateTempDone, HT_ISCreateTempinProgress, HT_ISEDSLoaderRunning, HT_ISGDSRunning, HT_ISGDS_Installed, HT_ISPSDActiveAsStartup, HT_ISPSDHideAsStartup, HT_ISUSB_FixHardDisk, HT_ISWinXPSP1orLater, HT_InitializeDSBlackListChecking, HT_IsBuildinLocalAdminGroup, HT_MonitorGoogleBlackListA, HT_MonitorINIFileItemA, HT_MonitorINIFileItemW, HT_QueryCCPSDStatus, HT_QueryPSDStatusAsStartup, HT_ReadINIFileA, HT_ReadINIFileW, HT_ReadLangINIFileA, HT_ReadLangINIFileEXA, HT_ReadLangINIFileEXW, HT_ReadLangINIFileW, HT_RemoveFromGDSIndexA, HT_RemoveFromGDSIndexW, HT_SetPSDDiskFilePathA, HT_SetPSDDiskFilePathW, HT_UpdateCCPSDStatus, HT_ValidatePasswordA, HT_ValidatePasswordW, HT_WriteINIFileA, HT_WriteINIFileW, IsGDSVersion3Plus, _HT_EnsureDSBlackListValid_GDS_V3

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: HiTRUST
copyright....: Copyright (C) 2005
product......: SysEnv
description..: SysEnv
original name: SysEnv.dll
internal name: SysEnv.dll
file version.: 2, 2, 0, 44
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

bledulka · Příspěvekod **bledulka** » 26 čer 2010 23:10

Prosím Tě dávej jen odkazy - linky

sima · Příspěvekod **sima** » 26 čer 2010 23:17

Omlouvám se, musím se odhlásit... zatím moc děkuji za snahu :-))

bledulka · Příspěvekod **bledulka** » 26 čer 2010 23:59

Není zač, pokračování zítra :smile:

Prosím o kontrolu systému Vyřešeno

Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému

Re: Prosím o kontrolu systému Vyřešeno

Kdo je online