Please check my log. Thank you [Solved]


Re: Please check my log. Thank you

Post by MARFY_X1 » 10 Dec 2010 17:03

OTL logfile created on: 10.12.2010 16:47:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Piškoti\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 65,83 Gb Free Space | 44,16% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 21,70 Gb Free Space | 29,12% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 112,70 Gb Free Space | 37,81% Space Free | Partition Type: NTFS

Computer Name: PIŠKOTI-PC | User Name: Piškoti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Piškoti\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
PRC - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)


========== Modules (SafeList) ==========

MOD - C:\Users\Piškoti\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe File not found
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe File not found
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Autodesk Licensing Service) -- C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe (Autodesk)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (WDSmartWareBackgroundService) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe (Memeo)
SRV - (mi-raysat_3dsmax2010_32) -- C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe ()
SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)


========== Driver Services (SafeList) ==========

DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys File not found
DRV - (pgusbmme) -- C:\Windows\System32\drivers\pgusbmm3.sys File not found
DRV - (MAYA44) -- C:\Windows\System32\Drivers\Maya44.sys File not found
DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys File not found
DRV - (DwProt) -- File not found
DRV - (catchme) -- C:\Users\PIKOTI~1\AppData\Local\Temp\catchme.sys File not found
DRV - (IDMWFP) -- C:\Windows\System32\drivers\idmwfp.sys (Tonec Inc.)
DRV - (eamonm) -- C:\Windows\System32\drivers\eamonm.sys (ESET)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (Epfwndis) -- C:\Windows\System32\drivers\epfwndis.sys (ESET)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
DRV - (VD_FileDisk) -- C:\Windows\System32\drivers\vd_filedisk.sys (Flint Incorporation)
DRV - (03153812) -- C:\Windows\system32\DRIVERS\03153812.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_09.12.2010_22-23drv) -- C:\Windows\System32\drivers\0315381.sys (Kaspersky Lab)
DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (03153811) -- C:\Windows\System32\drivers\03153811.sys (Kaspersky Lab)
DRV - (timounter) -- C:\Windows\system32\DRIVERS\timntr.sys (Acronis)
DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis)
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) Ovladač zvuků USB (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (NSHE) -- C:\Windows\System32\drivers\NSHE.SYS (T0r0 2008)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) -- C:\Program Files\CyberLink\PowerDVD8\000.fcl (Cyberlink Corp.)
DRV - (P17) -- C:\Windows\System32\drivers\P17.sys (Creative Technology Ltd.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 18 3D 5F 15 AF 8C CA 01 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}:6.0.14
FF - prefs.js..extensions.enabledItems: refspoof@mozdev.org:0.9.5
FF - prefs.js..extensions.enabledItems: {b9bfaf1c-a63f-47cd-8b9a-29526ced9060}:1.0.4
FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:7.1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.12.27 15:56:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.29 07:46:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.29 07:46:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010.12.10 12:56:44 | 000,000,000 | ---D | M]

[2010.02.13 08:49:45 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\mozilla\Extensions
[2010.02.13 08:49:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piškoti\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.08.29 12:57:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Piškoti\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009.12.29 21:46:03 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\mozilla\Extensions\MediaCoder
[2009.12.29 22:08:17 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\mozilla\Extensions\MediaCoder-Setup-Wizard
[2010.12.09 19:57:39 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\mozilla\Firefox\Profiles\i8xfseyw.default\extensions
[2010.07.30 11:08:29 | 000,000,000 | ---D | M] () -- C:\Users\Piškoti\AppData\Roaming\mozilla\Firefox\Profiles\i8xfseyw.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}
[2009.12.06 13:50:21 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\mozilla\Firefox\Profiles\i8xfseyw.default\extensions\refspoof@mozdev.org
[2010.12.08 19:47:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.10.29 07:46:10 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.12.28 09:03:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009.08.29 17:37:08 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2010.10.29 07:46:09 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.10.29 07:46:09 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007.04.10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2008.11.04 09:15:38 | 000,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009.08.29 17:37:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2010.10.29 07:46:10 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007.05.10 21:52:00 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009.10.23 19:41:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009.10.23 19:41:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009.10.23 19:41:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009.10.23 19:41:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009.10.23 19:41:36 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009.10.23 19:41:37 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009.10.23 19:41:37 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.07.18 16:36:44 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.07.18 16:36:44 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.07.18 16:36:44 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.07.18 16:36:44 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.07.18 16:36:44 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.07.18 16:36:44 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2010.12.09 07:40:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Tonec Inc.)
O2 - BHO: (Podpora odkazu pro Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm ()
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Piškoti\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Piškoti\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.12.10 15:32:52 | 000,000,000 | ---D | C] -- C:\Users\Piškoti\DoctorWeb
[2010.12.10 14:56:49 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Piškoti\Desktop\OTL.exe
[2010.12.10 12:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.12.09 22:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.12.09 22:40:56 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\0315381.sys
[2010.12.09 22:40:56 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\03153811.sys
[2010.12.09 22:40:56 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\03153812.sys
[2010.12.09 22:40:56 | 000,000,000 | ---D | C] -- C:\Users\Piškoti\Desktop\Virus Removal Tool
[2010.12.09 22:32:35 | 085,231,328 | ---- | C] ( ) -- C:\Users\Piškoti\Desktop\setup_9.0.0.722_09.12.2010_22-23.exe
[2010.12.09 16:45:51 | 000,000,000 | ---D | C] -- C:\_OTM
[2010.12.09 16:44:55 | 000,519,680 | ---- | C] (OldTimer Tools) -- C:\OTM.exe
[2010.12.09 13:16:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.12.09 12:51:34 | 000,000,000 | ---D | C] -- C:\Program Files\RegScrubXP
[2010.12.09 12:50:33 | 000,000,000 | ---D | C] -- C:\Program Files\RegCleaner
[2010.12.09 12:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\BeClean
[2010.12.09 07:38:44 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.12.09 07:31:11 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.12.08 16:34:06 | 000,000,000 | ---D | C] -- C:\Users\Piškoti\AppData\Local\temp
[2010.12.08 16:21:13 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.12.08 16:21:13 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.12.08 16:21:13 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.12.08 16:20:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.12.08 16:20:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.12.08 15:56:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.08 15:56:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.08 15:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.12.08 15:19:59 | 000,000,000 | ---D | C] -- C:\Users\Piškoti\AppData\Roaming\KeePass
[2010.12.08 14:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\HiJackThis
[2010.12.08 14:47:26 | 000,000,000 | ---D | C] -- C:\Program Files\KeePass Password Safe 2
[2010.11.12 09:58:52 | 000,000,000 | ---D | C] -- C:\Users\Piškoti\AppData\Local\Western_Digital
[2010.11.12 09:55:22 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2 C:\Users\Piškoti\AppData\Roaming\*.tmp files -> C:\Users\Piškoti\AppData\Roaming\*.tmp -> ]
[1 C:\Users\Piškoti\Desktop\*.tmp files -> C:\Users\Piškoti\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.10 15:01:22 | 053,162,040 | ---- | M] () -- C:\Users\Piškoti\Desktop\launch.exe
[2010.12.10 14:57:00 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Piškoti\Desktop\OTL.exe
[2010.12.10 13:07:42 | 000,668,960 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.12.10 13:07:42 | 000,654,354 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.10 13:07:42 | 000,140,592 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.12.10 13:07:42 | 000,121,226 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.10 13:03:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.10 13:03:10 | 2616,893,440 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.10 13:02:25 | 000,017,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.10 13:02:25 | 000,017,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.09 22:40:12 | 085,231,328 | ---- | M] ( ) -- C:\Users\Piškoti\Desktop\setup_9.0.0.722_09.12.2010_22-23.exe
[2010.12.09 16:45:05 | 000,519,680 | ---- | M] (OldTimer Tools) -- C:\OTM.exe
[2010.12.09 07:40:31 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.12.08 20:13:16 | 000,000,000 | ---- | M] () -- C:\Users\Piškoti\defogger_reenable
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.28 16:04:39 | 000,000,912 | ---- | M] () -- C:\Users\Piškoti\AppData\Local\SRDownloader.nast
[2010.11.28 16:03:14 | 000,000,293 | ---- | M] () -- C:\Users\Piškoti\AppData\Local\SRDownloader.err
[2 C:\Users\Piškoti\AppData\Roaming\*.tmp files -> C:\Users\Piškoti\AppData\Roaming\*.tmp -> ]
[1 C:\Users\Piškoti\Desktop\*.tmp files -> C:\Users\Piškoti\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.12.10 14:56:27 | 053,162,040 | ---- | C] () -- C:\Users\Piškoti\Desktop\launch.exe
[2010.12.08 20:13:16 | 000,000,000 | ---- | C] () -- C:\Users\Piškoti\defogger_reenable
[2010.12.08 16:21:13 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.12.08 16:21:13 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.12.08 16:21:13 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010.12.08 16:21:13 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.12.08 16:21:13 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.11.28 16:01:41 | 000,000,912 | ---- | C] () -- C:\Users\Piškoti\AppData\Local\SRDownloader.nast
[2010.11.28 16:01:07 | 000,000,293 | ---- | C] () -- C:\Users\Piškoti\AppData\Local\SRDownloader.err
[2010.10.31 20:30:53 | 000,045,056 | ---- | C] () -- C:\Users\Piškoti\AppData\Roaming\chrtmp
[2010.10.31 19:53:40 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010.07.25 15:33:54 | 000,007,598 | ---- | C] () -- C:\Users\Piškoti\AppData\Local\Resmon.ResmonCfg
[2010.06.13 21:40:39 | 000,002,528 | ---- | C] () -- C:\Users\Piškoti\AppData\Roaming\$_hpcst$.hpc
[2010.04.02 13:57:52 | 000,004,096 | -H-- | C] () -- C:\Users\Piškoti\AppData\Local\keyfile3.drm
[2010.01.10 11:14:04 | 000,000,400 | ---- | C] () -- C:\Windows\g_lfolqn405.ini
[2009.12.11 07:28:43 | 000,155,648 | ---- | C] () -- C:\Windows\System32\libssl32.dll
[2009.11.28 08:43:08 | 000,000,031 | ---- | C] () -- C:\Windows\CADSymbols.ini
[2009.11.14 16:29:43 | 000,034,308 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2009.11.01 21:19:35 | 000,005,632 | ---- | C] () -- C:\Users\Piškoti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.10.09 20:44:14 | 000,120,832 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009.08.29 19:26:42 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.08.29 17:34:45 | 000,000,761 | ---- | C] () -- C:\Windows\m3jp2k.ini
[2009.08.29 17:34:45 | 000,000,702 | ---- | C] () -- C:\Windows\mmtvmj.ini
[2009.08.29 17:34:44 | 000,000,714 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2009.08.29 17:34:41 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2009.08.29 17:34:40 | 000,152,064 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.08.29 17:34:38 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.08.29 12:36:29 | 000,105,472 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009.08.29 12:36:29 | 000,067,072 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2009.08.29 12:31:30 | 000,003,348 | ---- | C] () -- C:\Windows\System32\ludap17.ini
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.19 20:06:22 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009.06.19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.06.07 12:25:42 | 000,001,578 | ---- | C] () -- C:\Windows\P17EPLS.ini
[2007.04.09 08:42:00 | 000,148,480 | ---- | C] () -- C:\Windows\System32\OemSpiE.dll
[2007.03.20 16:23:56 | 000,001,669 | ---- | C] () -- C:\Windows\P17EP.ini
[2005.03.08 13:17:00 | 000,000,054 | ---- | C] () -- C:\Windows\System32\ctzapxx.ini
[2004.03.18 18:40:32 | 000,155,648 | ---- | C] () -- C:\Windows\System32\ssleay32.dll
[2004.03.18 18:40:24 | 000,667,648 | ---- | C] () -- C:\Windows\System32\libeay32.dll

========== LOP Check ==========

[2009.09.06 18:27:29 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Ableton
[2009.09.17 19:55:11 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\AltrixSoft
[2010.08.30 07:44:51 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Ashampoo
[2010.11.08 10:39:54 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Autodesk
[2010.10.31 19:58:53 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\BITS
[2009.12.29 22:31:21 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Broad Intelligence
[2010.02.27 08:18:09 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\CPS Labs
[2009.09.10 17:47:36 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\DAEMON Tools Lite
[2010.03.29 18:29:48 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\DassaultSystemes
[2010.12.07 19:15:39 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\DMCache
[2010.03.18 20:19:24 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\EPSON
[2009.08.29 12:40:29 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\ESET
[2010.03.11 15:28:10 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\esmska
[2010.10.31 19:52:56 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\FlashGet
[2010.10.31 19:52:18 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\FlashGetBHO
[2009.11.21 11:53:46 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Foxit
[2010.06.16 08:22:43 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\GHISLER
[2009.09.19 17:28:02 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Hardcore
[2010.09.11 10:21:32 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\HEXelon
[2010.11.06 10:00:54 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\IDM
[2010.03.29 14:05:46 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\IMSI
[2010.08.18 23:20:27 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\IMSIDesign
[2009.09.19 17:28:03 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Juce VST Host
[2010.12.08 15:27:05 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\KeePass
[2010.03.14 13:43:04 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\MilkShape 3D 1.x.x
[2009.09.04 19:43:42 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\NetMedia Providers
[2010.09.21 19:52:32 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Nokia
[2010.05.18 11:26:31 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\PC Suite
[2010.09.22 08:18:19 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\PhotoScape
[2009.09.04 19:44:24 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Publish Providers
[2010.11.05 10:19:48 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Sony
[2009.09.16 21:22:22 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Sony Creative Software
[2009.11.29 09:29:07 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Super-Cow
[2009.08.30 12:35:42 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Thinstall
[2010.12.09 19:06:15 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\uTorrent
[2010.11.12 09:56:31 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\Western Digital
[2009.09.16 18:19:56 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\WinPatrol
[2010.11.25 18:48:15 | 000,000,000 | ---D | M] -- C:\Users\Piškoti\AppData\Roaming\XnView
[2010.09.03 05:58:10 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:DF462FF6
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:74BA98C1
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:19F783D8
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:99671BE2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C8B8CEBD
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:FD34FE88
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

< End of report >

MARFY_X1
Level 1
Posts: 68
Registered: March 08
Gender: Unspecified
Status: Offline

Re: Please check my log. Thank you

Post by MARFY_X1 » 10 Dec 2010 17:04

OTL Extras logfile created on: 10.12.2010 16:47:26 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Piškoti\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 55,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 65,83 Gb Free Space | 44,16% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 21,70 Gb Free Space | 29,12% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 112,70 Gb Free Space | 37,81% Space Free | Partition Type: NTFS

Computer Name: PIŠKOTI-PC | User Name: Piškoti | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}" = WD SmartWare
"{26A24AE4-039D-4CA4-87B4-2F83216014F0}" = Java(TM) 6 Update 14
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 15
"{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1" = Loaris Trojan Remover 1.2
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}" = Autodesk 3ds Max 2010 32-bit
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2008.1
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{48F22622-1CC2-4A83-9C1E-644DD96F832D}" = Epson Event Manager
"{4AEA9A23-D627-4699-8A0F-FC474308C2E6}" = Sony Sound Forge 9.0
"{539F9408-904B-4302-A975-F1C781D7D076}" = ESET Smart Security
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX
"{60A08432-00DD-0409-AC2C-143C75460878}" = Autodesk 3ds Max 2010 32-bit Components
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6E15BBA7-CFFD-4983-9189-C4D86D3DDD0C}_is1" = Smarty Uninstaller Pro
"{6E5AB107-172B-4F17-8ABB-357C59EF1B08}" = Vegas Pro 9.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}" = 3dsmax ancillary install
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Centrum zařízení Windows Mobile
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A346205-EA92-4406-B1AB-50379DA3F057}" = Autodesk DWF Viewer 7
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C5978D89-FE99-40D2-94FF-F8E6159E742C}" = AnimationLab v4
"{CCAC7B28-CA5C-4520-ABBB-184524C01A51}" = Sony CD Architect 5.2
"{CD708B26-34AB-48A6-9B32-AD333659C928}" = TurboCAD Professional 17
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BA}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD
"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}" = Autodesk 3ds Max 2010 Tutorials Files
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8236DB8-CF1E-476B-A718-0ADBDBD97863}" = Autodesk SketchBookPro 2010
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AMP WinOFF" = AMP WinOFF
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.1
"Ashampoo Snap 3_is1" = Ashampoo Snap 3.31
"ASIO4ALL" = ASIO4ALL
"Autodesk FBX Plugin 2009.4 - 3ds Max 2010" = Autodesk FBX Plugin 2009.4 - 3ds Max 2010
"BeClean_is1" = BeClean
"CCleaner" = CCleaner
"CoreAVC Professional Edition" = CoreAVC Professional Edition (remove only)
"E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 4.1)
"EPSON PX700W Series" = EPSON PX700W Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW User’s Guide" = EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Manual
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.50
"F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.3)
"FotoResize" = FotoResize
"GOM Player" = GOM Player
"HaaliMkx" = Haali Media Splitter
"Hard Disk Sentinel_is1" = Hard Disk Sentinel PRO
"HijackThis" = HijackThis 2.0.2
"ImTOO 3GP Video Converter" = ImTOO 3GP Video Converter
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"Internet Download Manager" = Internet Download Manager
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.13
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mastering Effects Bundle 2 for Sound Forge Pro_is1" = Mastering Effects Bundle 2 for Sound Forge Pro
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenSSL_is1" = OpenSSL 0.9.6m
"Optimik" = Optimik
"PhotoScape" = PhotoScape
"PowerISO" = PowerISO
"Recuva" = Recuva (remove only)
"RegScrubXP_is1" = RegScrubXP 3.25
"TC UP" = Total Commander Ultima Prime 5.2.0.0
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR archiver
"XnView_is1" = XnView 1.96.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43290
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log. Thank you

Post by jaro3 » 10 Dec 2010 18:54

Uninstall:
AVP Tool, Virus Removal Tool (Kaspersky Lab)
Dr.Web CureIt! (launch)
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner

and also use T-Cleaner
It deletes everything left over by ComboFix, MWAV, etc.: download > run

Update Java:
Java SE Runtime Environment 6u22
Select the OS (Windows, I assume), tick agree and continue
Select:
Windows Offline Installation
jre-6u22-windows-i586-p.exe
Remove the other Java versions in Add/Remove Programs.


Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe File not found
SRV - (AcrSch2Svc) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe File not found
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys File not found
DRV - (pgusbmme) -- C:\Windows\System32\drivers\pgusbmm3.sys File not found
DRV - (MAYA44) -- C:\Windows\System32\Drivers\Maya44.sys File not found
DRV - (Hardlock) -- C:\Windows\System32\drivers\hardlock.sys File not found
DRV - (DwProt) -- File not found
DRV - (catchme) -- C:\Users\PIKOTI~1\AppData\Local\Temp\catchme.sys File not found
DRV - (03153812) -- C:\Windows\system32\DRIVERS\03153812.sys (Kaspersky Lab)
DRV - (setup_9.0.0.722_09.12.2010_22-23drv) -- C:\Windows\System32\drivers\0315381.sys (Kaspersky Lab)
DRV - (03153811) -- C:\Windows\System32\drivers\03153811.sys (Kaspersky Lab)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
O1 - Hosts: 127.0.0.1 localhost
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_15)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
[2010.12.10 13:07:42 | 000,668,960 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2010.12.10 13:07:42 | 000,654,354 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.10 13:07:42 | 000,140,592 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2010.12.10 13:07:42 | 000,121,226 | ---- | M] () -- C:\Windows\System32\perfc009.dat
@Alternate Data Stream - 183 bytes -> C:\ProgramData\TEMP:DF462FF6
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:74BA98C1
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:19F783D8
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:99671BE2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C8B8CEBD
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:FD34FE88
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Users\Piškoti\Desktop\*.tmp
C:\Users\Piškoti\AppData\Roaming\*.tmp
C:\Windows\System32\drivers\0315381.sys
C:\Windows\System32\drivers\03153811.sys
C:\Windows\System32\drivers\03153812.sys
C:\Users\Piškoti\Desktop\Virus Removal Tool
C:\Users\Piškoti\Desktop\setup_9.0.0.722_09.12.2010_22-23.exe
C:\Windows\SWXCACLS.exe
C:\Windows\SWREG.exe
C:\Windows\SWSC.exe
C:\Windows\NIRCMD.exe
C:\Windows\PEV.exe
C:\Windows\sed.exe
C:\Windows\MBR.exe
C:\Windows\grep.exe
C:\Windows\zip.exe
C:\Windows\g_lfolqn405.ini
C:\Users\Piškoti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Windows\mmtvmj.ini

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log. Thank you

Post by MARFY_X1 » 10 Dec 2010 22:28

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service StarWindServiceAE stopped successfully!
Service StarWindServiceAE deleted successfully!
File C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe File not found not found.
Service AcrSch2Svc stopped successfully!
Service AcrSch2Svc deleted successfully!
File C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe File not found not found.
Service sptd stopped successfully!
Service sptd deleted successfully!
File C:\Windows\System32\Drivers\sptd.sys File not found not found.
Service pgusbmme stopped successfully!
Service pgusbmme deleted successfully!
File C:\Windows\System32\drivers\pgusbmm3.sys File not found not found.
Service MAYA44 stopped successfully!
Service MAYA44 deleted successfully!
File C:\Windows\System32\Drivers\Maya44.sys File not found not found.
Service Hardlock stopped successfully!
Service Hardlock deleted successfully!
File C:\Windows\System32\drivers\hardlock.sys File not found not found.
Error: No service named DwProt was found to stop!
Service\Driver key DwProt not found.
File File not found not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\PIKOTI~1\AppData\Local\Temp\catchme.sys File not found not found.
Error: No service named 03153812 was found to stop!
Service\Driver key 03153812 not found.
File C:\Windows\system32\DRIVERS\03153812.sys not found.
Error: No service named setup_9.0.0.722_09.12.2010_22-23drv was found to stop!
Service\Driver key setup_9.0.0.722_09.12.2010_22-23drv not found.
File C:\Windows\System32\drivers\0315381.sys not found.
Error: No service named 03153811 was found to stop!
Service\Driver key 03153811 not found.
File C:\Windows\System32\drivers\03153811.sys not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
127.0.0.1 localhost removed from HOSTS file successfully
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found.
C:\Windows\System32\perfh005.dat moved successfully.
C:\Windows\System32\perfh009.dat moved successfully.
C:\Windows\System32\perfc005.dat moved successfully.
C:\Windows\System32\perfc009.dat moved successfully.
ADS C:\ProgramData\TEMP:DF462FF6 deleted successfully.
ADS C:\ProgramData\TEMP:74BA98C1 deleted successfully.
ADS C:\ProgramData\TEMP:19F783D8 deleted successfully.
ADS C:\ProgramData\TEMP:99671BE2 deleted successfully.
ADS C:\ProgramData\TEMP:C8B8CEBD deleted successfully.
ADS C:\ProgramData\TEMP:FD34FE88 deleted successfully.
ADS C:\ProgramData\TEMP:888AFB86 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Users\Piškoti\Desktop\~WRL0001.tmp moved successfully.
C:\Users\Piškoti\AppData\Roaming\isfree3_0.tmp moved successfully.
C:\Users\Piškoti\AppData\Roaming\isfree3_1.tmp moved successfully.
File\Folder C:\Windows\System32\drivers\0315381.sys not found.
File\Folder C:\Windows\System32\drivers\03153811.sys not found.
File\Folder C:\Windows\System32\drivers\03153812.sys not found.
File\Folder C:\Users\Piškoti\Desktop\Virus Removal Tool not found.
File\Folder C:\Users\Piškoti\Desktop\setup_9.0.0.722_09.12.2010_22-23.exe not found.
File\Folder C:\Windows\SWXCACLS.exe not found.
File\Folder C:\Windows\SWREG.exe not found.
File\Folder C:\Windows\SWSC.exe not found.
File\Folder C:\Windows\NIRCMD.exe not found.
File\Folder C:\Windows\PEV.exe not found.
File\Folder C:\Windows\sed.exe not found.
File\Folder C:\Windows\MBR.exe not found.
File\Folder C:\Windows\grep.exe not found.
File\Folder C:\Windows\zip.exe not found.
C:\Windows\g_lfolqn405.ini moved successfully.
C:\Users\Piškoti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Windows\mmtvmj.ini moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: PiÜkoti
->Temp folder emptied: 0 bytes

User: Piškoti
->Temp folder emptied: 808867 bytes
->Temporary Internet Files folder emptied: 3120712 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 64502122 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 925 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 20620778 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 85,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 12102010_222409

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Re: Please check my log. Thank you

Post by jaro3 » 11 Dec 2010 18:21

Run OTL and click CleanUp.
Then you can delete OTL, C:\_OTL

If there are no problems, that is all and you can mark the thread as solved (the green check mark).


Re: Please check my log. Thank you

Post by MARFY_X1 » 11 Dec 2010 23:11

I ran the OTL cleanup and deleted it. The computer runs noticeably faster, but NOD still reports an infiltration.


Re: Please check my log. Thank you

Post by jaro3 » 12 Dec 2010 14:20

Download SysProt AntiRootkit from one of these links:
Link 1
Link 2
Link 3
Link 4

Unpack it to your desktop.
Run SysProt >> click the Log tab.
Tick all the boxes in the "Write to log" section (do not tick the "Hidden Objects Only" option).
Click Create Log. When it asks you for the scan option, choose Scanning all drives >> click Start (do not click "Ok"!).
Let the scan run undisturbed; when it finishes, find log.txt in the SysProt folder. Please copy the entire contents of that log here.
+

Download windatfindbat by Karl83

Unpack it into a folder, open the folder and double-click it (on Vista and Win7 run it as administrator). A DOS window will open and then the log will appear. Otherwise it is saved as dirdat.txt in C:\. Please paste the contents of that log here; you can select only the entries from the last 3 months.


Re: Please check my log. Thank you

Post by MARFY_X1 » 12 Dec 2010 14:35

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

No Processes found

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \??\C:\Users\Piškoti\Desktop\SysProt\SysProtDrv.sys
Service Name: SysProtDrv.sys
Module Base: A2EF3000
Module End: A2EFE000
Hidden: No

Module Name: C:\Windows\system32\ntkrnlpa.exe
Service Name: ---
Module Base: 84243000
Module End: 84653000
Hidden: No

Module Name: C:\Windows\system32\halmacpi.dll
Service Name: ---
Module Base: 8420C000
Module End: 84243000
Hidden: No

Module Name: C:\Windows\system32\kdcom.dll
Service Name: ---
Module Base: 80BC1000
Module End: 80BC9000
Hidden: No

Module Name: C:\Windows\system32\mcupdate_AuthenticAMD.dll
Service Name: ---
Module Base: 8CC2C000
Module End: 8CC37000
Hidden: No

Module Name: C:\Windows\system32\PSHED.dll
Service Name: ---
Module Base: 8CC37000
Module End: 8CC48000
Hidden: No

Module Name: C:\Windows\system32\BOOTVID.dll
Service Name: ---
Module Base: 8CC48000
Module End: 8CC50000
Hidden: No

Module Name: C:\Windows\system32\CLFS.SYS
Service Name: CLFS
Module Base: 8CC50000
Module End: 8CC92000
Hidden: No

Module Name: C:\Windows\system32\CI.dll
Service Name: ---
Module Base: 8CC92000
Module End: 8CD3D000
Hidden: No

Module Name: C:\Windows\system32\drivers\Wdf01000.sys
Service Name: Wdf01000
Module Base: 8CD3D000
Module End: 8CDAE000
Hidden: No

Module Name: C:\Windows\system32\drivers\WDFLDR.SYS
Service Name: ---
Module Base: 8CDAE000
Module End: 8CDBC000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ACPI.sys
Service Name: ACPI
Module Base: 8CE27000
Module End: 8CE6F000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\WMILIB.SYS
Service Name: ---
Module Base: 8CE6F000
Module End: 8CE78000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\msisadrv.sys
Service Name: msisadrv
Module Base: 8CE78000
Module End: 8CE80000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\vdrvroot.sys
Service Name: vdrvroot
Module Base: 8CE80000
Module End: 8CE8B000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\pci.sys
Service Name: pci
Module Base: 8CE8B000
Module End: 8CEB5000
Hidden: No

Module Name: C:\Windows\System32\drivers\partmgr.sys
Service Name: partmgr
Module Base: 8CEB5000
Module End: 8CEC6000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\volmgr.sys
Service Name: volmgr
Module Base: 8CEC6000
Module End: 8CED6000
Hidden: No

Module Name: C:\Windows\System32\drivers\volmgrx.sys
Service Name: volmgrx
Module Base: 8CED6000
Module End: 8CF21000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\pciide.sys
Service Name: pciide
Module Base: 8CF21000
Module End: 8CF28000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\PCIIDEX.SYS
Service Name: ---
Module Base: 8CF28000
Module End: 8CF36000
Hidden: No

Module Name: C:\Windows\System32\drivers\mountmgr.sys
Service Name: mountmgr
Module Base: 8CF36000
Module End: 8CF4C000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\atapi.sys
Service Name: atapi
Module Base: 8CF4C000
Module End: 8CF55000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ataport.SYS
Service Name: ---
Module Base: 8CF55000
Module End: 8CF78000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\nvstor.sys
Service Name: nvstor
Module Base: 8CF78000
Module End: 8CF9D000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\storport.sys
Service Name: ---
Module Base: 8CF9D000
Module End: 8CFE4000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\amdxata.sys
Service Name: amdxata
Module Base: 8CFE4000
Module End: 8CFED000
Hidden: No

Module Name: C:\Windows\system32\drivers\fltmgr.sys
Service Name: FltMgr
Module Base: 8CDBC000
Module End: 8CDF0000
Hidden: No

Module Name: C:\Windows\system32\drivers\fileinfo.sys
Service Name: FileInfo
Module Base: 8CFED000
Module End: 8CFFE000
Hidden: No

Module Name: C:\Windows\System32\Drivers\Ntfs.sys
Service Name: ---
Module Base: 8D007000
Module End: 8D136000
Hidden: No

Module Name: C:\Windows\System32\Drivers\msrpc.sys
Service Name: ---
Module Base: 8D136000
Module End: 8D161000
Hidden: No

Module Name: C:\Windows\System32\Drivers\ksecdd.sys
Service Name: KSecDD
Module Base: 8D161000
Module End: 8D174000
Hidden: No

Module Name: C:\Windows\System32\Drivers\cng.sys
Service Name: CNG
Module Base: 8D174000
Module End: 8D1D1000
Hidden: No

Module Name: C:\Windows\System32\drivers\pcw.sys
Service Name: pcw
Module Base: 8D1D1000
Module End: 8D1DF000
Hidden: No

Module Name: C:\Windows\System32\Drivers\Fs_Rec.sys
Service Name: ---
Module Base: 8D1DF000
Module End: 8D1E8000
Hidden: No

Module Name: C:\Windows\system32\drivers\ndis.sys
Service Name: NDIS
Module Base: 8D226000
Module End: 8D2DD000
Hidden: No

Module Name: C:\Windows\system32\drivers\NETIO.SYS
Service Name: ---
Module Base: 8D2DD000
Module End: 8D31B000
Hidden: No

Module Name: C:\Windows\System32\Drivers\ksecpkg.sys
Service Name: KSecPkg
Module Base: 8D31B000
Module End: 8D340000
Hidden: No

Module Name: C:\Windows\System32\drivers\tcpip.sys
Service Name: Tcpip
Module Base: 8D424000
Module End: 8D56D000
Hidden: No

Module Name: C:\Windows\System32\drivers\fwpkclnt.sys
Service Name: ---
Module Base: 8D56D000
Module End: 8D59E000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\timntr.sys
Service Name: timounter
Module Base: 8D340000
Module End: 8D3AB000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\vmstorfl.sys
Service Name: storflt
Module Base: 8D59E000
Module End: 8D5A7000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\volsnap.sys
Service Name: volsnap
Module Base: 8D5A7000
Module End: 8D5E6000
Hidden: No

Module Name: C:\Windows\System32\Drivers\spldr.sys
Service Name: ---
Module Base: 8D5E6000
Module End: 8D5EE000
Hidden: No

Module Name: C:\Windows\System32\drivers\rdyboost.sys
Service Name: rdyboost
Module Base: 8D3AB000
Module End: 8D3D8000
Hidden: No

Module Name: C:\Windows\System32\Drivers\mup.sys
Service Name: Mup
Module Base: 8D5EE000
Module End: 8D5FE000
Hidden: No

Module Name: C:\Windows\System32\drivers\hwpolicy.sys
Service Name: hwpolicy
Module Base: 8D400000
Module End: 8D408000
Hidden: No

Module Name: C:\Windows\System32\DRIVERS\fvevol.sys
Service Name: fvevol
Module Base: 8D610000
Module End: 8D642000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\disk.sys
Service Name: Disk
Module Base: 8D642000
Module End: 8D653000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\CLASSPNP.SYS
Service Name: ---
Module Base: 8D653000
Module End: 8D678000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\cdrom.sys
Service Name: cdrom
Module Base: 8D6C5000
Module End: 8D6E4000
Hidden: No

Module Name: C:\Windows\System32\Drivers\Null.SYS
Service Name: ---
Module Base: 8D6E4000
Module End: 8D6EB000
Hidden: No

Module Name: C:\Windows\System32\Drivers\Beep.SYS
Service Name: ---
Module Base: 8D6EB000
Module End: 8D6F2000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ehdrv.sys
Service Name: ehdrv
Module Base: 8D6F2000
Module End: 8D711000
Hidden: No

Module Name: C:\Windows\System32\drivers\vga.sys
Service Name: vga
Module Base: 8D711000
Module End: 8D71D000
Hidden: No

Module Name: C:\Windows\System32\drivers\VIDEOPRT.SYS
Service Name: ---
Module Base: 8D71D000
Module End: 8D73E000
Hidden: No

Module Name: C:\Windows\System32\drivers\watchdog.sys
Service Name: ---
Module Base: 8D73E000
Module End: 8D74B000
Hidden: No

Module Name: C:\Windows\System32\DRIVERS\RDPCDD.sys
Service Name: RDPCDD
Module Base: 8D74B000
Module End: 8D753000
Hidden: No

Module Name: C:\Windows\system32\drivers\rdpencdd.sys
Service Name: RDPENCDD
Module Base: 8D753000
Module End: 8D75B000
Hidden: No

Module Name: C:\Windows\system32\drivers\rdprefmp.sys
Service Name: RDPREFMP
Module Base: 8D75B000
Module End: 8D763000
Hidden: No

Module Name: C:\Windows\System32\Drivers\Msfs.SYS
Service Name: ---
Module Base: 8D763000
Module End: 8D76E000
Hidden: No

Module Name: C:\Windows\System32\Drivers\Npfs.SYS
Service Name: ---
Module Base: 8D76E000
Module End: 8D77C000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\tdx.sys
Service Name: tdx
Module Base: 8D77C000
Module End: 8D793000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\TDI.SYS
Service Name: ---
Module Base: 8D793000
Module End: 8D79E000
Hidden: No

Module Name: C:\Windows\system32\drivers\afd.sys
Service Name: AFD
Module Base: 8D79E000
Module End: 8D7F8000
Hidden: No

Module Name: C:\Windows\System32\DRIVERS\netbt.sys
Service Name: NetBT
Module Base: 92A3C000
Module End: 92A6E000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\wfplwf.sys
Service Name: WfpLwf
Module Base: 92A6E000
Module End: 92A75000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\pacer.sys
Service Name: Psched
Module Base: 92A75000
Module End: 92A94000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\netbios.sys
Service Name: NetBIOS
Module Base: 92A94000
Module End: 92AA2000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\serial.sys
Service Name: Serial
Module Base: 92AA2000
Module End: 92ABC000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\wanarp.sys
Service Name: WANARP
Module Base: 92ABC000
Module End: 92ACF000
Hidden: No

Module Name: C:\Windows\System32\Drivers\VD_FileDisk.SYS
Service Name: ---
Module Base: 92ACF000
Module End: 92AD3000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\termdd.sys
Service Name: TermDD
Module Base: 92AD3000
Module End: 92AE3000
Hidden: No

Module Name: C:\Windows\System32\Drivers\SCDEmu.SYS
Service Name: ---
Module Base: 92AE3000
Module End: 92AF0000
Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Service Name: SASKUTIL
Module Base: 92AF0000
Module End: 92B15000
Hidden: No

Module Name: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Service Name: SASDIFSV
Module Base: 92B15000
Module End: 92B1B000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\rdbss.sys
Service Name: rdbss
Module Base: 92B1B000
Module End: 92B5C000
Hidden: No

Module Name: C:\Windows\system32\drivers\nsiproxy.sys
Service Name: nsiproxy
Module Base: 92B5C000
Module End: 92B66000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\mssmbios.sys
Service Name: mssmbios
Module Base: 92B66000
Module End: 92B70000
Hidden: No

Module Name: C:\Windows\System32\drivers\discache.sys
Service Name: discache
Module Base: 92B70000
Module End: 92B7C000
Hidden: No

Module Name: C:\Windows\system32\drivers\csc.sys
Service Name: CSC
Module Base: 92B7C000
Module End: 92BE0000
Hidden: No

Module Name: C:\Windows\System32\Drivers\dfsc.sys
Service Name: DfsC
Module Base: 92BE0000
Module End: 92BF8000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\blbdrive.sys
Service Name: blbdrive
Module Base: 92A00000
Module End: 92A0E000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\tunnel.sys
Service Name: tunnel
Module Base: 92A0E000
Module End: 92A2F000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\amdk8.sys
Service Name: AmdK8
Module Base: 8D408000
Module End: 8D41A000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\usbohci.sys
Service Name: usbohci
Module Base: 92A2F000
Module End: 92A39000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\USBPORT.SYS
Service Name: ---
Module Base: 92E38000
Module End: 92E83000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\usbehci.sys
Service Name: usbehci
Module Base: 92E83000
Module End: 92E92000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\1394ohci.sys
Service Name: 1394ohci
Module Base: 92E92000
Module End: 92EBE000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\HDAudBus.sys
Service Name: HDAudBus
Module Base: 92EBE000
Module End: 92EDD000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\nvm62x32.sys
Service Name: NVENETFD
Module Base: 92EDD000
Module End: 92F32000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\nvlddmkm.sys
Service Name: nvlddmkm
Module Base: 95212000
Module End: 95D1A000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\nvBridge.kmd
Service Name: ---
Module Base: 95D1A000
Module End: 95D1C000
Hidden: No

Module Name: C:\Windows\System32\drivers\dxgkrnl.sys
Service Name: DXGKrnl
Module Base: 95D1C000
Module End: 95DD3000
Hidden: No

Module Name: C:\Windows\System32\drivers\dxgmms1.sys
Service Name: ---
Module Base: 92F32000
Module End: 92F6B000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\fdc.sys
Service Name: fdc
Module Base: 95DD3000
Module End: 95DDE000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\serenum.sys
Service Name: Serenum
Module Base: 95DDE000
Module End: 95DE8000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\parport.sys
Service Name: Parport
Module Base: 95DE8000
Module End: 95E00000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\i8042prt.sys
Service Name: i8042prt
Module Base: 92F6B000
Module End: 92F83000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\kbdclass.sys
Service Name: kbdclass
Module Base: 95200000
Module End: 9520D000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\CompositeBus.sys
Service Name: CompositeBus
Module Base: 92F83000
Module End: 92F90000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\Epfwndis.sys
Service Name: Epfwndis
Module Base: 92F90000
Module End: 92F9B000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\AgileVpn.sys
Service Name: RasAgileVpn
Module Base: 92F9B000
Module End: 92FAD000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\rasl2tp.sys
Service Name: Rasl2tp
Module Base: 92FAD000
Module End: 92FC5000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ndistapi.sys
Service Name: NdisTapi
Module Base: 92FC5000
Module End: 92FD0000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ndiswan.sys
Service Name: NdisWan
Module Base: 92FD0000
Module End: 92FF2000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\raspppoe.sys
Service Name: RasPppoe
Module Base: 92E00000
Module End: 92E18000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\raspptp.sys
Service Name: PptpMiniport
Module Base: 92E18000
Module End: 92E2F000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\rassstp.sys
Service Name: RasSstp
Module Base: 8D3D8000
Module End: 8D3EF000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\rdpbus.sys
Service Name: rdpbus
Module Base: 92FF2000
Module End: 92FFC000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\mouclass.sys
Service Name: mouclass
Module Base: 8D600000
Module End: 8D60D000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\swenum.sys
Service Name: swenum
Module Base: 9520D000
Module End: 9520F000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ks.sys
Service Name: ---
Module Base: 97819000
Module End: 9784D000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\umbus.sys
Service Name: umbus
Module Base: 9784D000
Module End: 9785B000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\usbhub.sys
Service Name: usbhub
Module Base: 9785B000
Module End: 9789F000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\flpydisk.sys
Service Name: flpydisk
Module Base: 9789F000
Module End: 978A9000
Hidden: No

Module Name: C:\Windows\System32\Drivers\NDProxy.SYS
Service Name: ---
Module Base: 978A9000
Module End: 978BA000
Hidden: No

Module Name: C:\Windows\system32\drivers\RTKVHDA.sys
Service Name: IntcAzAudAddService
Module Base: 9B815000
Module End: 9BAB4000
Hidden: No

Module Name: C:\Windows\system32\drivers\portcls.sys
Service Name: ---
Module Base: 9BAB4000
Module End: 9BAE3000
Hidden: No

Module Name: C:\Windows\system32\drivers\drmk.sys
Service Name: ---
Module Base: 9BAE3000
Module End: 9BAFC000
Hidden: No

Module Name: C:\Windows\System32\Drivers\crashdmp.sys
Service Name: ---
Module Base: 9BAFC000
Module End: 9BB09000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_diskdump.sys
Service Name: ---
Module Base: 9BB09000
Module End: 9BB13000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_nvstor.sys
Service Name: ---
Module Base: 9BB13000
Module End: 9BB38000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_dumpfve.sys
Service Name: ---
Module Base: 9BB38000
Module End: 9BB49000
Hidden: Yes

Module Name: C:\Windows\System32\drivers\Dxapi.sys
Service Name: ---
Module Base: 9BB49000
Module End: 9BB53000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\hidusb.sys
Service Name: HidUsb
Module Base: 9BB53000
Module End: 9BB5E000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\HIDCLASS.SYS
Service Name: ---
Module Base: 9BB5E000
Module End: 9BB71000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\HIDPARSE.SYS
Service Name: ---
Module Base: 9BB71000
Module End: 9BB78000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\USBD.SYS
Service Name: ---
Module Base: 9BB78000
Module End: 9BB7A000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\mouhid.sys
Service Name: mouhid
Module Base: 9BB7A000
Module End: 9BB85000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\monitor.sys
Service Name: monitor
Module Base: 9BB85000
Module End: 9BB90000
Hidden: No

Module Name: C:\Windows\system32\drivers\luafv.sys
Service Name: luafv
Module Base: 9BB90000
Module End: 9BBAB000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\eamonm.sys
Service Name: eamonm
Module Base: 978BA000
Module End: 97960000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\tifsfilt.sys
Service Name: tifsfilter
Module Base: 9BBAB000
Module End: 9BBB5000
Hidden: No

Module Name: C:\Windows\system32\drivers\WudfPf.sys
Service Name: WudfPf
Module Base: 9BBB5000
Module End: 9BBCF000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\epfw.sys
Service Name: epfw
Module Base: 9BBCF000
Module End: 9BBF1000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\lltdio.sys
Service Name: lltdio
Module Base: 9B800000
Module End: 9B810000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\rspndr.sys
Service Name: rspndr
Module Base: 97960000
Module End: 97973000
Hidden: No

Module Name: C:\Windows\system32\drivers\HTTP.sys
Service Name: HTTP
Module Base: 97973000
Module End: 979F8000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\bowser.sys
Service Name: bowser
Module Base: 97800000
Module End: 97819000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\mrxsmb.sys
Service Name: mrxsmb
Module Base: 8D678000
Module End: 8D69B000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\mrxsmb10.sys
Service Name: mrxsmb10
Module Base: A0E0C000
Module End: A0E47000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\mrxsmb20.sys
Service Name: mrxsmb20
Module Base: A0E47000
Module End: A0E62000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\parvdm.sys
Service Name: Parvdm
Module Base: A0E62000
Module End: A0E69000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\epfwwfp.sys
Service Name: epfwwfp
Module Base: A0E69000
Module End: A0E77000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\idmwfp.sys
Service Name: IDMWFP
Module Base: A0E77000
Module End: A0E8A000
Hidden: No

Module Name: C:\Windows\system32\drivers\peauth.sys
Service Name: PEAUTH
Module Base: A0E8A000
Module End: A0F21000
Hidden: No

Module Name: C:\Windows\System32\Drivers\secdrv.SYS
Service Name: ---
Module Base: A0F21000
Module End: A0F2B000
Hidden: No

Module Name: C:\Windows\System32\DRIVERS\srvnet.sys
Service Name: srvnet
Module Base: A0F2B000
Module End: A0F4C000
Hidden: No

Module Name: C:\Windows\System32\drivers\tcpipreg.sys
Service Name: tcpipreg
Module Base: A0F4C000
Module End: A0F59000
Hidden: No

Module Name: \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl
Service Name: {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}
Module Base: A0F59000
Module End: A0F7A000
Hidden: No

Module Name: C:\Windows\System32\DRIVERS\srv2.sys
Service Name: srv2
Module Base: A0F7A000
Module End: A0FC9000
Hidden: No

Module Name: C:\Windows\System32\DRIVERS\srv.sys
Service Name: srv
Module Base: A2E03000
Module End: A2E54000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\nwifi.sys
Service Name: NativeWifiP
Module Base: A2E54000
Module End: A2E9A000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\ndisuio.sys
Service Name: Ndisuio
Module Base: A2E9A000
Module End: A2EAA000
Hidden: No

Module Name: C:\Windows\system32\DRIVERS\asyncmac.sys
Service Name: AsyncMac
Module Base: A2EAA000
Module End: A2EB3000
Hidden: No

Module Name: C:\Windows\System32\Drivers\fastfat.SYS
Service Name: ---
Module Base: A2EBE000
Module End: A2EE8000
Hidden: No

******************************************************************************************
******************************************************************************************
No SSDT Hooks found

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No IRP Hooks found

******************************************************************************************
******************************************************************************************
Ports:
Local Address: PIŠKOTI-PC:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49180
Remote Address: LOCALHOST:49179
Type: TCP
Process: 488 (PID)
State: ESTABLISHED

Local Address: PIŠKOTI-PC:49179
Remote Address: LOCALHOST:49180
Type: TCP
Process: 488 (PID)
State: ESTABLISHED

Local Address: PIŠKOTI-PC:49178
Remote Address: LOCALHOST:49177
Type: TCP
Process: 488 (PID)
State: ESTABLISHED

Local Address: PIŠKOTI-PC:49177
Remote Address: LOCALHOST:49178
Type: TCP
Process: 488 (PID)
State: ESTABLISHED

Local Address: PIŠKOTI-PC:7438
Remote Address: 0.0.0.0:0
Type: TCP
Process: 2740 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:DCCM
Remote Address: 0.0.0.0:0
Type: TCP
Process: 2740 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49157
Remote Address: 0.0.0.0:0
Type: TCP
Process: 680 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49156
Remote Address: 0.0.0.0:0
Type: TCP
Process: 704 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49155
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1600 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49154
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1124 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49153
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1060 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:49152
Remote Address: 0.0.0.0:0
Type: TCP
Process: 632 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:10243
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:MI-RAYSAT_3DSMAX2010_32
Remote Address: 0.0.0.0:0
Type: TCP
Process: 1376 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:WSD
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:ICSLAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:FTPS
Remote Address: 0.0.0.0:0
Type: TCP
Process: 2740 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:RTSP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 3840 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: 4 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: 964 (PID)
State: LISTENING

Local Address: PIŠKOTI-PC:59740
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:50990
Remote Address: NA
Type: UDP
Process: 1124 (PID)
State: NA

Local Address: PIŠKOTI-PC:SSDP
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:138
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA

Local Address: PIŠKOTI-PC:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: 4 (PID)
State: NA

Local Address: PIŠKOTI-PC:59741
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:53251
Remote Address: NA
Type: UDP
Process: 2648 (PID)
State: NA

Local Address: PIŠKOTI-PC:SSDP
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:57506
Remote Address: NA
Type: UDP
Process: 1936 (PID)
State: NA

Local Address: PIŠKOTI-PC:55302
Remote Address: NA
Type: UDP
Process: 1308 (PID)
State: NA

Local Address: PIŠKOTI-PC:51359
Remote Address: NA
Type: UDP
Process: 1308 (PID)
State: NA

Local Address: PIŠKOTI-PC:51357
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:LLMNR
Remote Address: NA
Type: UDP
Process: 1400 (PID)
State: NA

Local Address: PIŠKOTI-PC:5005
Remote Address: NA
Type: UDP
Process: 3840 (PID)
State: NA

Local Address: PIŠKOTI-PC:5004
Remote Address: NA
Type: UDP
Process: 3840 (PID)
State: NA

Local Address: PIŠKOTI-PC:IPSEC-MSFT
Remote Address: NA
Type: UDP
Process: 1124 (PID)
State: NA

Local Address: PIŠKOTI-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 1308 (PID)
State: NA

Local Address: PIŠKOTI-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 1308 (PID)
State: NA

Local Address: PIŠKOTI-PC:WS-DISCOVERY
Remote Address: NA
Type: UDP
Process: 3104 (PID)
State: NA

Local Address: PIŠKOTI-PC:TEREDO
Remote Address: NA
Type: UDP
Process: 1124 (PID)
State: NA

Local Address: PIŠKOTI-PC:500
Remote Address: NA
Type: UDP
Process: 1124 (PID)
State: NA

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: E:\MUSIC\BEATPORT MUSIC\BeatPort_Top_10__02.06.2009\Adsiz.jpg
Status: Hidden

Object: E:\MUSIC\MUSIC\Roztřídit\MP3torrent\House selection vol.4\Disc One\Dario Nunez - Come With Me (Original Mix).mp3
Status: Hidden

Object: E:\System Volume Information\tracking.log
Status: Access denied

Object: E:\System Volume Information\{47357f9a-003a-11e0-a719-001d7dd77889}{3808876b-c176-4e48-b7ae-04046e6cc752}
Status: Access denied

Object: D:\System Volume Information\tracking.log
Status: Access denied

Object: C:\System Volume Information\WindowsImageBackup\Catalog\BackupGlobalCatalog
Status: Access denied

Object: C:\System Volume Information\WindowsImageBackup\Catalog\GlobalCatalog
Status: Access denied

Object: C:\System Volume Information\WindowsImageBackup\Catalog
Status: Access denied

Object: C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\{a7249ea6-88e5-4d7c-ac95-203cc571a729}
Status: Access denied

Object: C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\{da5c7587-e51d-4842-a1e2-8f58248cf760}
Status: Access denied

Object: C:\System Volume Information\WindowsImageBackup\SPPMetadataCache
Status: Access denied

Object: C:\Windows\CSC\v2.0.6\namespace
Status: Access denied

Object: C:\Windows\CSC\v2.0.6\pq
Status: Access denied

Object: C:\Windows\CSC\v2.0.6\sm
Status: Access denied

Object: C:\Windows\CSC\v2.0.6\temp
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMsMpPsSession7.etl
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTRAC_PS.etl
Status: Access denied

Object: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
Status: Access denied


Re: Please check my log. Thank you

Post by MARFY_X1 » 12 Dec 2010 14:39

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 4CB5-B140.

Výpis adresáře C:\

12.12.2010 14:37 0 dirdat.txt
12.12.2010 14:09 3 489 193 984 pagefile.sys
12.12.2010 14:09 2 616 893 440 hiberfil.sys
08.12.2010 13:53 20 784 aaw7boot.log
02.06.2010 15:19 383 562 bootmgr
31.05.2010 19:29 269 865 NQMVZ
31.05.2010 19:29 20 win7.ld
13.02.2010 08:48 0 IO.SYS
13.02.2010 08:48 0 MSDOS.SYS
29.08.2009 12:21 8 192 BOOTSECT.BAK
29.08.2009 11:48 171 136 w7ldr
10.06.2009 22:42 10 config.sys
10.06.2009 22:42 24 autoexec.bat
Souborů: 13, Bajtů: 6 106 941 017
Adresářů: 0, Volných bajtů: 73 571 520 512
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 4CB5-B140.

Výpis adresáře C:\Windows\system

13.07.2009 22:41 24 064 OLESVR.DLL
13.07.2009 22:41 12 704 WFWNET.DRV
13.07.2009 22:41 32 816 COMMDLG.DLL
13.07.2009 22:41 4 048 TIMER.DRV
13.07.2009 22:41 68 992 MMSYSTEM.DLL
13.07.2009 22:41 1 152 mmtask.tsk
13.07.2009 22:41 2 032 mouse.drv
13.07.2009 22:41 2 176 vga.drv
13.07.2009 22:41 1 744 sound.drv
13.07.2009 22:41 2 000 keyboard.drv
13.07.2009 22:41 5 120 SHELL.DLL
13.07.2009 22:41 3 360 system.drv
10.06.2009 22:42 9 008 ver.dll
10.06.2009 22:42 82 944 olecli.dll
10.06.2009 22:42 9 936 lzexpand.dll
10.06.2009 22:25 5 532 stdole.tlb
10.06.2009 22:21 126 912 msvideo.dll
10.06.2009 22:21 28 160 mciwave.drv
10.06.2009 22:21 25 264 mciseq.drv
10.06.2009 22:21 73 376 mciavi.drv
10.06.2009 22:21 109 456 avifile.dll
10.06.2009 22:21 69 584 avicap.dll
Souborů: 22, Bajtů: 700 380
Adresářů: 0, Volných bajtů: 73 571 516 416
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 4CB5-B140.

Výpis adresáře C:\Windows

12.12.2010 14:10 355 AutoKMS.log
12.12.2010 14:09 56 setupact.log
12.12.2010 14:09 0 setuperr.log
12.12.2010 14:09 67 584 bootstat.dat
12.12.2010 14:08 256 681 WindowsUpdate.log
09.12.2010 07:40 9 415 system.ini
31.10.2010 19:53 25 libem.INI
30.08.2010 07:03 472 576 AutoKMS.exe
20.08.2010 22:00 253 952 Setup1.exe
20.08.2010 22:00 73 216 ST6UNST.EXE
20.07.2010 14:38 796 672 GPInstall.exe
17.07.2010 14:00 478 win.ini
28.11.2009 08:43 31 CADSymbols.ini
31.10.2009 06:45 2 614 272 explorer.exe
29.08.2009 18:24 0 nsreg.dat
05.08.2009 15:10 831 488 RtlExUpd.dll
14.07.2009 05:41 749 WindowsShell.Manifest
14.07.2009 02:16 51 200 twain_32.dll
14.07.2009 02:14 9 216 write.exe
14.07.2009 02:14 9 728 winhlp32.exe
14.07.2009 02:14 31 232 twunk_32.exe
14.07.2009 02:14 398 336 regedit.exe
14.07.2009 02:14 179 712 notepad.exe
14.07.2009 02:14 15 360 hh.exe
14.07.2009 02:14 497 152 HelpPane.exe
14.07.2009 02:14 13 824 fveupdate.exe
14.07.2009 02:14 65 024 bfsvc.exe
13.07.2009 23:58 43 131 mib.bin
10.06.2009 22:42 707 _default.pif
10.06.2009 22:42 256 192 winhelp.exe
10.06.2009 22:41 49 680 twunk_16.exe
10.06.2009 22:41 94 784 twain.dll
10.06.2009 22:34 316 640 WMSysPr9.prx
10.06.2009 22:19 1 405 msdfmap.ini
10.06.2009 22:14 51 867 Ultimate.xml
10.06.2009 22:14 48 201 Starter.xml
05.09.2007 06:02 545 PKUNZIP.PIF
05.09.2007 06:02 545 PKZIP.PIF
05.09.2007 06:02 545 RAR.PIF
05.09.2007 06:02 545 ARJ.PIF
05.09.2007 06:02 545 LHA.PIF
05.09.2007 06:02 545 NOCLOSE.PIF
05.09.2007 06:02 545 UC.PIF
07.06.2007 12:25 1 578 P17EPLS.ini
20.03.2007 16:23 1 669 P17EP.ini
15.12.2006 09:41 8 192 ResDefE.exe
14.06.2005 18:07 11 264 INRES.DLL
04.08.2004 08:56 18 8w5ufmfmr8p8xou
25.03.2003 04:49 714 m3jpeg.ini
25.03.2003 04:49 761 m3jp2k.ini
20.10.1999 17:28 7 538 Czech_CZ.gpl
13.11.1998 12:58 307 200 IsUn0405.exe
29.10.1998 15:45 306 688 IsUninst.exe
Souborů: 53, Bajtů: 8 160 378
Adresářů: 0, Volných bajtů: 73 571 512 320
Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 4CB5-B140.

Výpis adresáře C:\Users\PIKOTI~1\AppData\Local\Temp

12.12.2010 14:37 0 IMGD23.tmp
12.12.2010 14:14 403 jusched.log
12.12.2010 14:12 0 CVR4D85.tmp.cvr
10.12.2010 22:26 0 FXSAPIDebugLogFile.txt
Souborů: 4, Bajtů: 403
Adresářů: 0, Volných bajtů: 73 571 512 320

jaro3
Security team member
Guru Level 15
Posts: 43290
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log. Thank you

Post by jaro3 » 12 Dec 2010 17:03

Turn off System Restore, restart the PC, and after the restart turn System Restore back on.

Find and delete:
C:\Users\PIKOTI~1\AppData\Local\Temp\IMGD23.tmp
C:\Users\PIKOTI~1\AppData\Local\Temp\CVR4D85.tmp.cvr

***************************************************************************************************************************************
Download SystemLook from one of the links and save it to your desktop.

Double-click the downloaded SystemLook and copy the following text into the main text window:

Code:

:filefind
8w5ufmfmr8p8xou.*
keygen.exe.*

Click Look to start the scan. When the program finishes, the scan report opens in Notepad. Copy its entire contents here. The log is also saved on the desktop as SystemLook.txt.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log. Thank you

Post by MARFY_X1 » 12 Dec 2010 17:34

SystemLook 04.09.10 by jpshortstuff
Log created at 17:32 on 12/12/2010 by Piškoti
Administrator - Elevation successful

========== filefind ==========

Searching for "8w5ufmfmr8p8xou.*"
C:\Windows\8w5ufmfmr8p8xou --ah--- 18 bytes [07:56 04/08/2004] [07:56 04/08/2004] 7F33F1DE2ED3059EC46DAB658F6FBF75

Searching for "keygen.exe.*"
C:\Program Files\Sony\CD Architect 5.2\Keygen.exe --a---- 204800 bytes [06:01 22/09/2009] [21:20 02/09/2009] 088B7E3F2180C9259C27164782ACC882
C:\Program Files\Sony\Vegas Pro 8.0\Keygen.exe --a---- 141824 bytes [19:51 04/10/2009] [07:36 15/03/2009] 03889EF47642CD101FD9F673D98A1140
C:\Program Files\Sony\Vegas Pro 9.0\Keygen.exe --a---- 204800 bytes [12:34 24/10/2009] [19:59 20/05/2009] FD992237125EE6F616641D2E10F7F3D6

-= EOF =-


Re: Please check my log. Thank you

Post by jaro3 » 12 Dec 2010 18:01

Find and delete this folder:
C:\Windows\8w5ufmfmr8p8xou

You should do the same with those keygens...

ESET Smart Security --- does it still keep showing it??

Turn off resident protection and the firewall.

Run F-Secure Online Scanner

This scanner can only be used in Internet Explorer! Follow the instructions on the F-Secure page to install it correctly. Accept the license. After the ActiveX control is installed, click Full System Scan. When the download finishes, the scan starts automatically. Wait for the scan to finish; while it runs, do not perform other operations or click the mouse. When the scan finishes, click the Automatic clearing (recommended) button. Then click the Show Report button and copy and paste the report here.
