C:\Documents and Settings\Bill Gates\Local Settings\Temp\_is8.exe I can't find this. It's simply not there.
Download RKUnhookerLE
mirror:
http://www.kernelmode.info/ARKs/RKUnhookerLE.zip
and with this one, whatever I download, my PC restarts.
http://www.kernelmode.info/ARKs/RkU3.8.388.590.rar and with this one my PC restarts only when I launch it
Getting the PC running Solved
Re: Getting the PC running
I have just done the Process Monitor test from MiliNess. When I had done it, I sent him what he wanted. Then, after Windows started, some new message popped up.
Here it is: http://leteckaposta.cz/450016730
- MiliNess
- member of the BSOD team
- Master Level 9.5
- Posts: 9112
- Registered: October 09
- Location: Cheb
- Status: Offline
Re: Getting the PC running
1) Try reinstalling Ralink Wireless LAN Card Utility.
2) Does the original error no longer appear?
3) Look in the folder C:\Documents and Settings\All Users\Data aplikací\Microsoft\Dr Watson to see whether there is a new user.dmp
If so, upload it.
4) Also look for the file C:\Documents and Settings\Bill Gates\Local Settings\Temp\WERb765.dir00\Mini120811-01.dmp
and upload it too.
5) Look in the Windows\Minidump folder; by all accounts there will be .dmp files there as well, so upload those too.
-everyone has their own truth, and it does not always have to match yours
-our problems are only in our heads
-the surrounding world is neither good nor bad; it is completely indifferent to whether you exist
-the most important thing in life is love. Everything else is unnecessary
Re: Getting the PC running
So, Ralink Wireless LAN Card Utility: I can't find the installer. And a question: what is it for in the PC? Is it somehow needed for the PC to run? If I uninstall and remove it. The original error is still there. There is nothing new from Dr Watson.
C:\Documents and Settings\Bill Gates\Local Settings\Temp\WERb765.dir00\Mini120811-01.dmp This file doesn't exist, I can't find it.
And here are the .dmp files: http://leteckaposta.cz/434354152
- MiliNess
- member of the BSOD team
Re: Getting the PC running
That software belongs to the WiFi adapter.
The thing is, the operation with _IS8.exe was not recorded in that Process Monitor log.
The user.dmp always gets overwritten, so upload the one you have there. There is nothing new from Dr Watson.
Re: Getting the PC running
Hi, try
Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- save it to the desktop, double-click the program icon and run it
- choose the Start scan option, then confirm the start of the scan
- if the program finds an infected file, the preset action Cure will be shown; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not request a restart, click the Report button. A log should pop up; copy it here.
Download SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe
- save it to the desktop and run it.
- copy into the box
Code:
:filefind
_IS8.exe
:regfind
_IS8.exe
- click Look, the scan will run, and at the end a log is displayed; copy its contents here
Re: Getting the PC running
MiliNess wrote: That software belongs to the WiFi adapter. The user.dmp always gets overwritten, so upload the one you have there. There is nothing new from Dr Watson.
The thing is, the operation with _IS8.exe was not recorded in that Process Monitor log.
Here it is: http://leteckaposta.cz/344332627
--- Addition to the previous post (11 Dec 2011 17:37) ---
[quote="bledulka"]
17:33:51.0968 3400 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
17:33:52.0156 3400 ============================================================
17:33:52.0156 3400 Current date / time: 2011/12/11 17:33:52.0156
17:33:52.0156 3400 SystemInfo:
17:33:52.0156 3400
17:33:52.0156 3400 OS Version: 5.1.2600 ServicePack: 3.0
17:33:52.0156 3400 Product type: Workstation
17:33:52.0156 3400 ComputerName: BILL-0E3C4B2852
17:33:52.0156 3400 UserName: Bill Gates
17:33:52.0156 3400 Windows directory: C:\WINDOWS
17:33:52.0156 3400 System windows directory: C:\WINDOWS
17:33:52.0156 3400 Processor architecture: Intel x86
17:33:52.0156 3400 Number of processors: 2
17:33:52.0156 3400 Page size: 0x1000
17:33:52.0156 3400 Boot type: Normal boot
17:33:52.0156 3400 ============================================================
17:33:53.0937 3400 Initialize success
17:34:26.0890 1928 ============================================================
17:34:26.0890 1928 Scan started
17:34:26.0890 1928 Mode: Manual;
17:34:26.0890 1928 ============================================================
17:34:33.0921 1928 ============================================================
17:34:33.0921 1928 Scan finished
17:34:33.0921 1928 ============================================================
17:34:33.0921 2752 Detected object count: 0
17:34:33.0921 2752 Actual detected object count: 0
And here is the second process.
SystemLook 30.07.11 by jpshortstuff
Log created at 17:37 on 11/12/2011 by Bill Gates
Administrator - Elevation successful
No Context: :filefind
No Context: _IS8.exe
No Context: :regfind
No Context: _IS8.exe
-= EOF =-
Re: Getting the PC running
Does it still pop up after startup?
Download OTL
http://oldtimer.geekstogo.com/OTL.exe
-paste this script into the lower box:
Code:
netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
-tick the checkbox on the All users line
-leave the other items as they are set in the screenshot
- confirm with the Scan button.
-the scan will run; paste the OTL.Txt log here
Re: Getting the PC running Solved
Not anymore. MiliNess and I solved it; Ralink Wireless was throwing it up, so uninstalling it fixed the problem. Otherwise, we are now dealing with the computer stuttering, fairly frequent freezes.
Here is the OTL.Txt log
OTL logfile created on: 13.12.2011 10:05:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bill Gates\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,98 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 67,14% Memory free
3,83 Gb Paging File | 3,30 Gb Available in Paging File | 86,14% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 53,71 Gb Total Space | 36,47 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive J: | 244,37 Gb Total Space | 237,04 Gb Free Space | 97,00% Space Free | Partition Type: NTFS
Computer Name: BILL-0E3C4B2852 | User Name: Bill Gates | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.13 10:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bill Gates\Dokumenty\Stažené soubory\OTL.exe
PRC - [2011.12.07 22:23:19 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011.12.07 22:23:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011.12.04 10:34:22 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.08.01 14:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2011.03.31 10:45:18 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008.04.14 07:52:28 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2000.01.01 01:00:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
MOD - [2011.10.13 22:03:30 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.09.08 12:20:28 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.03.16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2010.01.21 00:52:06 | 000,565,864 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2010.01.21 00:51:28 | 000,062,568 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.12.07 22:23:19 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.03.31 10:45:18 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011.03.04 17:34:06 | 000,621,632 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008.04.14 07:52:28 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008.04.14 07:52:28 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2000.01.01 01:00:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
========== Driver Services (SafeList) ==========
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.10.01 19:35:09 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.08 19:24:14 | 007,180,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.11.17 13:03:56 | 000,101,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010.11.09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.03.04 17:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010.03.04 17:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008.11.26 22:21:40 | 000,650,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2006.11.10 14:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006.03.26 13:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.24 17:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.03.13 10:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2004.08.13 09:56:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2000.01.01 01:00:00 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2000.01.01 01:00:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2000.01.01 01:00:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={36374CFA-8215-41D1-8E8F-1CEBD20109FD}&mid=f8bbe16a172847d1accad157ca24ae46-5677678fbe78d1fde014a35ef37fd91554eaa14e&lang=cs&ds=ts024&pr=&d=2011-12-07 22:23:21&v=8.0.0.34&sap=hp
IE - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.7.0.8773
FF - prefs.js..extensions.enabledItems: avg@toolbar:8.0.0.40
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://isearch.avg.com/search?cid=%7B25086d0c-c40a-4d7c-97a9-690658d79ecc%7D&mid=f8bbe16a172847d1accad157ca24ae46-5677678fbe78d1fde014a35ef37fd91554eaa14e&ds=ts024&v=8.0.0.40&lang=cs&pr=&d=2011-12-07%2022%3A23%3A21&sap=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.04 10:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.04 21:35:53 | 000,000,000 | ---D | M]
[2010.01.02 00:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Extensions
[2011.12.12 23:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions
[2011.11.30 22:45:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.12 22:37:06 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.12.07 22:23:31 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions\avg@toolbar
[2011.12.07 22:44:27 | 000,003,847 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\searchplugins\avg-secure-search.xml
[2011.12.12 22:36:00 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\searchplugins\sweetim.xml
[2011.12.12 23:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.05 15:04:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BILL GATES\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5O9TRENF.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BILL GATES\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5O9TRENF.DEFAULT\EXTENSIONS\AVG@TOOLBAR
[2011.12.04 10:34:27 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.04 10:34:27 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.12.04 10:34:27 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.04 10:34:27 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.04 10:34:27 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8773_0\
O1 HOSTS File: ([2011.12.07 17:41:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2011.12.12 16:18:51 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49A8CD82-61A3-4A7D-B915-823173F7D463}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8196CFE2-8255-407C-A2F9-311287EAF0E6}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.01 17:50:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.RTV1 - C:\WINDOWS\System32\rtvcvfw32.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.12.13 09:51:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.12.13 08:19:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bill Gates\Recent
[2011.12.12 22:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2011.12.12 22:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2011.12.12 22:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Systweak
[2011.12.12 22:32:43 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2011.12.12 22:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\JAM Software
[2011.12.12 22:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HeavyLoad
[2011.12.12 22:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2011.12.12 16:18:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
[2011.12.11 17:33:29 | 001,577,776 | ---- | C] (Kaspersky Lab ZAO) -- J:\Důležité soubory\Plocha\tdsskiller.exe
[2011.12.08 22:07:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011.12.08 11:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Rootkit Unhooker LE
[2011.12.07 22:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\SlimWare Utilities Inc
[2011.12.07 22:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\AVG Secure Search
[2011.12.07 22:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011.12.07 22:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011.12.07 22:23:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.12.07 21:31:07 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.12.07 17:27:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.12.07 17:26:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.12.07 17:26:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.12.07 17:26:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.12.07 17:26:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.12.07 17:25:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.12.07 17:25:40 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.12.07 17:25:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.07 17:25:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\Nástroje pro správu
[2011.12.07 16:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Malwarebytes
[2011.12.07 16:11:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.12.07 16:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.12.07 16:11:36 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.07 16:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.07 11:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\HiJackThis
[2011.12.07 11:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.12.07 00:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Dokumenty\NIKITA
[2011.12.07 00:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\NIKITA
[2011.12.06 00:42:06 | 000,000,000 | ---D | C] -- C:\temp
[2011.12.05 17:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Cyanide
[2011.12.05 17:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\Cyanide
[2011.12.05 15:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011.12.05 15:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Skype
[2011.12.05 15:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2011.12.05 15:04:18 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.12.05 15:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2011.12.05 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Plocha
[2011.12.05 12:48:08 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.12.05 12:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Leadertech
[2011.12.05 12:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Downloaded Installations
[2011.12.05 11:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Dokumenty\Downloads
[2011.12.04 21:46:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Identities
[2011.12.02 23:24:25 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.30 12:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2011.11.30 11:13:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2011.11.29 12:33:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.11.29 12:10:38 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.11.29 12:10:38 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.11.29 12:10:38 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.11.29 12:10:36 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.11.29 11:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\NVIDIA
[2011.11.29 11:44:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Dokumenty\My Games
[2011.11.29 11:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TopCD
[2011.11.29 11:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011.11.29 11:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\uTorrent
[2011.11.29 10:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2011.11.25 19:47:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2011.11.25 19:47:17 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011.11.25 19:47:05 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011.11.20 12:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\eType
[2011.11.13 18:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\PhotoFiltre Studio X
[2011.11.13 18:59:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\PhotoFiltre Studio X
[2011.11.13 18:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X
========== Files - Modified Within 30 Days ==========
[2011.12.13 10:09:41 | 000,000,476 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2F5D3815-8C5D-4812-B49E-EDC02A63BB26}.job
[2011.12.13 08:16:50 | 000,465,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.13 08:16:50 | 000,464,594 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.12.13 08:16:50 | 000,087,886 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.12.13 08:16:50 | 000,075,758 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.13 08:12:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.13 08:11:37 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.13 08:11:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.12 23:38:00 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.12 22:46:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CPUID HWMonitor.lnk
[2011.12.12 20:22:09 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.12.11 17:36:43 | 000,139,264 | ---- | M] () -- J:\Důležité soubory\Plocha\SystemLook.exe
[2011.12.11 17:33:06 | 001,577,776 | ---- | M] (Kaspersky Lab ZAO) -- J:\Důležité soubory\Plocha\tdsskiller.exe
[2011.12.10 13:37:25 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.10 13:30:22 | 000,002,329 | ---- | M] () -- J:\Důležité soubory\Plocha\HiJackThis.lnk
[2011.12.09 12:35:51 | 050,447,116 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Dokumenty.rar
[2011.12.09 12:31:25 | 265,352,367 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-1.PML
[2011.12.09 12:31:25 | 222,173,537 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor.PML
[2011.12.09 12:31:25 | 055,920,227 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-2.PML
[2011.12.08 11:51:52 | 000,828,761 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.rar
[2011.12.08 11:50:48 | 007,673,309 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.PML
[2011.12.07 23:02:52 | 001,985,200 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\AutoRuns.arn
[2011.12.07 22:35:20 | 000,285,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.12.07 22:35:20 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.12.07 22:35:11 | 000,285,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.12.07 17:41:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.12.07 17:27:47 | 000,000,327 | -HS- | M] () -- C:\boot.ini
[2011.12.07 16:11:43 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.12.06 19:36:46 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011.12.06 16:39:11 | 000,000,213 | ---- | M] () -- C:\WINDOWS\boot.ini
[2011.12.05 12:48:08 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.12.02 23:24:25 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.11.29 12:33:38 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.29 11:43:10 | 000,000,628 | ---- | M] () -- J:\Důležité soubory\Plocha\Traktor 2.lnk
[2011.11.29 11:29:10 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\µTorrent.lnk
[2011.11.29 10:04:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.11.28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.11.21 15:38:51 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.11.13 18:59:05 | 000,000,777 | ---- | M] () -- J:\Důležité soubory\Plocha\PhotoFiltre Studio X.lnk
========== Files Created - No Company Name ==========
[2011.12.12 22:46:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CPUID HWMonitor.lnk
[2011.12.11 17:36:49 | 000,139,264 | ---- | C] () -- J:\Důležité soubory\Plocha\SystemLook.exe
[2011.12.09 12:32:23 | 050,447,116 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Dokumenty.rar
[2011.12.09 12:30:45 | 055,920,227 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-2.PML
[2011.12.09 12:30:16 | 265,352,367 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-1.PML
[2011.12.09 12:29:56 | 222,173,537 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor.PML
[2011.12.08 11:51:51 | 000,828,761 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.rar
[2011.12.08 11:50:48 | 007,673,309 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.PML
[2011.12.07 23:02:51 | 001,985,200 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\AutoRuns.arn
[2011.12.07 22:34:18 | 000,003,250 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2011.12.07 17:27:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.12.07 17:27:45 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.12.07 17:26:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.12.07 17:26:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.12.07 17:26:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.12.07 17:26:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.12.07 17:26:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.12.07 16:11:43 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.12.07 11:10:18 | 000,002,329 | ---- | C] () -- J:\Důležité soubory\Plocha\HiJackThis.lnk
[2011.12.06 16:39:11 | 000,000,213 | ---- | C] () -- C:\WINDOWS\boot.ini
[2011.12.05 15:04:23 | 000,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.11.29 11:43:10 | 000,000,628 | ---- | C] () -- J:\Důležité soubory\Plocha\Traktor 2.lnk
[2011.11.29 11:29:10 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\µTorrent.lnk
[2011.11.13 18:59:05 | 000,000,777 | ---- | C] () -- J:\Důležité soubory\Plocha\PhotoFiltre Studio X.lnk
[2011.10.24 20:50:34 | 000,563,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011.10.14 22:30:06 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.08 16:57:32 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.10.08 16:57:16 | 000,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.10.08 16:57:06 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011.10.07 18:02:24 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2011.10.07 18:02:24 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2011.10.07 18:02:24 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2011.10.07 18:02:24 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2011.10.01 20:20:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\rtvcvfw32.dll
[2011.10.01 19:31:01 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.10.01 19:31:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.10.01 19:30:56 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.10.01 19:30:56 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.10.01 19:30:55 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.10.01 19:14:39 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2011.10.01 19:13:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.10.01 19:12:03 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.01 19:08:12 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011.10.01 19:04:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.10.01 19:04:26 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.10.01 19:04:26 | 000,239,869 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.10.01 19:04:26 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.10.01 17:51:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.10.01 17:47:40 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.10.01 17:47:13 | 000,058,716 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011.10.01 17:47:13 | 000,014,691 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011.10.01 17:47:12 | 000,018,097 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2010.01.01 09:03:02 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.01.01 09:03:02 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.01.01 09:03:02 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.01.01 09:02:49 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2008.04.14 08:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.11.10 14:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,465,554 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,464,594 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,087,886 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,075,758 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 11:45:22 | 019,550,344 | R--- | M] (Skype Technologies S.A.)
< c:\windows\*.* /U >
< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20111207T212511828125\acpiapic_mp\hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< End of report >
Here is the OTL.Txt log
OTL logfile created on: 13.12.2011 10:05:22 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Bill Gates\Dokumenty\Stažené soubory
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,98 Gb Total Physical Memory | 1,33 Gb Available Physical Memory | 67,14% Memory free
3,83 Gb Paging File | 3,30 Gb Available in Paging File | 86,14% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 53,71 Gb Total Space | 36,47 Gb Free Space | 67,89% Space Free | Partition Type: NTFS
Drive J: | 244,37 Gb Total Space | 237,04 Gb Free Space | 97,00% Space Free | Partition Type: NTFS
Computer Name: BILL-0E3C4B2852 | User Name: Bill Gates | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.12.13 10:04:10 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Bill Gates\Dokumenty\Stažené soubory\OTL.exe
PRC - [2011.12.07 22:23:19 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011.12.07 22:23:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011.12.04 10:34:22 | 000,912,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011.08.01 14:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe
PRC - [2011.03.31 10:45:18 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\Ralink\Common\RaRegistry.exe
PRC - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008.04.14 07:52:28 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2000.01.01 01:00:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
========== Modules (No Company Name) ==========
MOD - [2011.12.12 18:03:17 | 001,646,080 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11121201\algo.dll
MOD - [2011.12.12 16:57:38 | 000,241,528 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\11121201\aswRep.dll
MOD - [2011.12.07 22:23:19 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011.12.07 22:23:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011.12.04 10:34:23 | 000,849,368 | ---- | M] () -- C:\Program Files\Mozilla Firefox\js3250.dll
MOD - [2011.11.29 10:04:27 | 006,276,768 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.10.14 12:03:49 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\60df958ca96c9b8945f836759b6abd34\System.Web.ni.dll
MOD - [2011.10.14 12:02:03 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll
MOD - [2011.10.14 12:01:05 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll
MOD - [2011.10.14 05:16:23 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll
MOD - [2011.10.14 05:16:16 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\71a2ae9ad561a62181cbd9fb11e9de7a\System.Windows.Forms.ni.dll
MOD - [2011.10.14 05:15:59 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c10bea3c4bb7ef654651141bf9419090\System.Drawing.ni.dll
MOD - [2011.10.14 05:14:23 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll
MOD - [2011.10.14 05:14:12 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011.10.13 22:03:30 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2011.09.08 12:20:28 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.03.16 11:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2010.01.21 00:52:06 | 000,565,864 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
MOD - [2010.01.21 00:51:28 | 000,062,568 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2008.04.14 07:51:48 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.12.07 22:23:19 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.03.31 10:45:18 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\Ralink\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011.03.04 17:34:06 | 000,621,632 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV - [2008.04.14 07:52:28 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008.04.14 07:52:28 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2000.01.01 01:00:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
========== Driver Services (SafeList) ==========
DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.10.01 19:35:09 | 000,232,512 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.08 19:24:14 | 007,180,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.11.17 13:03:56 | 000,101,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2010.11.09 14:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.03.04 17:02:10 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2010.03.04 17:02:08 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008.11.26 22:21:40 | 000,650,624 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2006.11.10 14:08:50 | 000,024,064 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ATITool.sys -- (ATITool)
DRV - [2006.03.26 13:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.03.24 17:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006.03.13 10:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.11.03 15:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2004.08.13 09:56:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2000.01.01 01:00:00 | 006,435,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2000.01.01 01:00:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2000.01.01 01:00:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={36374CFA-8215-41D1-8E8F-1CEBD20109FD}&mid=f8bbe16a172847d1accad157ca24ae46-5677678fbe78d1fde014a35ef37fd91554eaa14e&lang=cs&ds=ts024&pr=&d=2011-12-07 22:23:21&v=8.0.0.34&sap=hp
IE - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Seznam"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.7.0.8773
FF - prefs.js..extensions.enabledItems: avg@toolbar:8.0.0.40
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://isearch.avg.com/search?cid=%7B25086d0c-c40a-4d7c-97a9-690658d79ecc%7D&mid=f8bbe16a172847d1accad157ca24ae46-5677678fbe78d1fde014a35ef37fd91554eaa14e&ds=ts024&v=8.0.0.40&lang=cs&pr=&d=2011-12-07%2022%3A23%3A21&sap=ku&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.04 10:34:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.12.04 21:35:53 | 000,000,000 | ---D | M]
[2010.01.02 00:12:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Extensions
[2011.12.12 23:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions
[2011.11.30 22:45:54 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.12 22:37:06 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.12.07 22:23:31 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\extensions\avg@toolbar
[2011.12.07 22:44:27 | 000,003,847 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\searchplugins\avg-secure-search.xml
[2011.12.12 22:36:00 | 000,003,915 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Data aplikací\Mozilla\Firefox\Profiles\5o9trenf.default\searchplugins\sweetim.xml
[2011.12.12 23:40:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.12.05 15:04:47 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BILL GATES\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5O9TRENF.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\BILL GATES\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\5O9TRENF.DEFAULT\EXTENSIONS\AVG@TOOLBAR
[2011.12.04 10:34:27 | 000,000,638 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\jyxo-cz.xml
[2011.12.04 10:34:27 | 000,001,687 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mall-cz.xml
[2011.12.04 10:34:27 | 000,001,367 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\seznam-cz.xml
[2011.12.04 10:34:27 | 000,000,654 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\slunecnice-cz.xml
[2011.12.04 10:34:27 | 000,001,179 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-cz.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8773_0\
O1 HOSTS File: ([2011.12.07 17:41:23 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O4 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled [2011.12.12 16:18:51 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1123561945-1614895754-1417001333-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{49A8CD82-61A3-4A7D-B915-823173F7D463}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8196CFE2-8255-407C-A2F9-311287EAF0E6}: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.10.01 17:50:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: VIDC.FMVC - C:\WINDOWS\System32\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.RTV1 - C:\WINDOWS\System32\rtvcvfw32.dll ()
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.12.13 09:51:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011.12.13 08:19:38 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Bill Gates\Recent
[2011.12.12 22:34:27 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM
[2011.12.12 22:34:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\SweetIM
[2011.12.12 22:33:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Systweak
[2011.12.12 22:32:43 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\System32\roboot.exe
[2011.12.12 22:25:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\JAM Software
[2011.12.12 22:25:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\HeavyLoad
[2011.12.12 22:25:39 | 000,000,000 | ---D | C] -- C:\Program Files\JAM Software
[2011.12.12 16:18:51 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
[2011.12.11 17:33:29 | 001,577,776 | ---- | C] (Kaspersky Lab ZAO) -- J:\Důležité soubory\Plocha\tdsskiller.exe
[2011.12.08 22:07:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011.12.08 11:38:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Rootkit Unhooker LE
[2011.12.07 22:23:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\SlimWare Utilities Inc
[2011.12.07 22:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\AVG Secure Search
[2011.12.07 22:23:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011.12.07 22:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011.12.07 22:23:14 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2011.12.07 21:31:07 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011.12.07 17:27:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011.12.07 17:26:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011.12.07 17:26:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011.12.07 17:26:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011.12.07 17:26:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011.12.07 17:25:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011.12.07 17:25:40 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.12.07 17:25:30 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.12.07 17:25:24 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\Nástroje pro správu
[2011.12.07 16:12:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Malwarebytes
[2011.12.07 16:11:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2011.12.07 16:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2011.12.07 16:11:36 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.12.07 16:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.07 11:10:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\HiJackThis
[2011.12.07 11:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011.12.07 00:10:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Dokumenty\NIKITA
[2011.12.07 00:10:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dokumenty\NIKITA
[2011.12.06 00:42:06 | 000,000,000 | ---D | C] -- C:\temp
[2011.12.05 17:25:03 | 000,000,000 | ---D | C] -- C:\Program Files\Cyanide
[2011.12.05 17:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\Cyanide
[2011.12.05 15:23:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011.12.05 15:04:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Skype
[2011.12.05 15:04:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Skype
[2011.12.05 15:04:18 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.12.05 15:04:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Skype
[2011.12.05 15:03:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Plocha
[2011.12.05 12:48:08 | 000,107,888 | ---- | C] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.12.05 12:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\Leadertech
[2011.12.05 12:33:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Downloaded Installations
[2011.12.05 11:32:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Dokumenty\Downloads
[2011.12.04 21:46:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\Identities
[2011.12.02 23:24:25 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.30 12:18:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Data aplikací\McAfee
[2011.11.30 11:13:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\setup.pss
[2011.11.29 12:33:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011.11.29 12:10:38 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011.11.29 12:10:38 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011.11.29 12:10:38 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011.11.29 12:10:36 | 002,000,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011.11.29 11:45:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\NVIDIA
[2011.11.29 11:44:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Dokumenty\My Games
[2011.11.29 11:43:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\TopCD
[2011.11.29 11:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2011.11.29 11:28:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\uTorrent
[2011.11.29 10:03:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\McAfee
[2011.11.25 19:47:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2011.11.25 19:47:17 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011.11.25 19:47:05 | 000,032,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2011.11.20 12:37:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\eType
[2011.11.13 18:59:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Data aplikací\PhotoFiltre Studio X
[2011.11.13 18:59:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Bill Gates\Nabídka Start\Programy\PhotoFiltre Studio X
[2011.11.13 18:59:03 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoFiltre Studio X
========== Files - Modified Within 30 Days ==========
[2011.12.13 10:09:41 | 000,000,476 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2F5D3815-8C5D-4812-B49E-EDC02A63BB26}.job
[2011.12.13 08:16:50 | 000,465,554 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.12.13 08:16:50 | 000,464,594 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2011.12.13 08:16:50 | 000,087,886 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2011.12.13 08:16:50 | 000,075,758 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.12.13 08:12:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.12.13 08:11:37 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.13 08:11:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.12.12 23:38:00 | 000,000,948 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.12 22:46:50 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\CPUID HWMonitor.lnk
[2011.12.12 20:22:09 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.12.11 17:36:43 | 000,139,264 | ---- | M] () -- J:\Důležité soubory\Plocha\SystemLook.exe
[2011.12.11 17:33:06 | 001,577,776 | ---- | M] (Kaspersky Lab ZAO) -- J:\Důležité soubory\Plocha\tdsskiller.exe
[2011.12.10 13:37:25 | 000,031,232 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.10 13:30:22 | 000,002,329 | ---- | M] () -- J:\Důležité soubory\Plocha\HiJackThis.lnk
[2011.12.09 12:35:51 | 050,447,116 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Dokumenty.rar
[2011.12.09 12:31:25 | 265,352,367 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-1.PML
[2011.12.09 12:31:25 | 222,173,537 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor.PML
[2011.12.09 12:31:25 | 055,920,227 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-2.PML
[2011.12.08 11:51:52 | 000,828,761 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.rar
[2011.12.08 11:50:48 | 007,673,309 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.PML
[2011.12.07 23:02:52 | 001,985,200 | ---- | M] () -- C:\Documents and Settings\Bill Gates\Dokumenty\AutoRuns.arn
[2011.12.07 22:35:20 | 000,285,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.12.07 22:35:20 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.12.07 22:35:11 | 000,285,176 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.12.07 17:41:23 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011.12.07 17:27:47 | 000,000,327 | -HS- | M] () -- C:\boot.ini
[2011.12.07 16:11:43 | 000,000,790 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.12.06 19:36:46 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011.12.06 16:39:11 | 000,000,213 | ---- | M] () -- C:\WINDOWS\boot.ini
[2011.12.05 12:48:08 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[2011.12.02 23:24:25 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011.11.29 12:33:38 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.11.29 11:43:10 | 000,000,628 | ---- | M] () -- J:\Důležité soubory\Plocha\Traktor 2.lnk
[2011.11.29 11:29:10 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\µTorrent.lnk
[2011.11.29 10:04:27 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.11.28 19:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011.11.28 19:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011.11.28 18:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011.11.21 15:38:51 | 000,001,819 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2011.11.13 18:59:05 | 000,000,777 | ---- | M] () -- J:\Důležité soubory\Plocha\PhotoFiltre Studio X.lnk
========== Files Created - No Company Name ==========
[2011.12.12 22:46:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\CPUID HWMonitor.lnk
[2011.12.11 17:36:49 | 000,139,264 | ---- | C] () -- J:\Důležité soubory\Plocha\SystemLook.exe
[2011.12.09 12:32:23 | 050,447,116 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Dokumenty.rar
[2011.12.09 12:30:45 | 055,920,227 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-2.PML
[2011.12.09 12:30:16 | 265,352,367 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor-1.PML
[2011.12.09 12:29:56 | 222,173,537 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\proces monitor.PML
[2011.12.08 11:51:51 | 000,828,761 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.rar
[2011.12.08 11:50:48 | 007,673,309 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\Logfile.PML
[2011.12.07 23:02:51 | 001,985,200 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Dokumenty\AutoRuns.arn
[2011.12.07 22:34:18 | 000,003,250 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2011.12.07 17:27:47 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011.12.07 17:27:45 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2011.12.07 17:26:02 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011.12.07 17:26:01 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011.12.07 17:26:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011.12.07 17:26:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011.12.07 17:26:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011.12.07 16:11:43 | 000,000,790 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2011.12.07 11:10:18 | 000,002,329 | ---- | C] () -- J:\Důležité soubory\Plocha\HiJackThis.lnk
[2011.12.06 16:39:11 | 000,000,213 | ---- | C] () -- C:\WINDOWS\boot.ini
[2011.12.05 15:04:23 | 000,002,283 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2011.11.29 11:43:10 | 000,000,628 | ---- | C] () -- J:\Důležité soubory\Plocha\Traktor 2.lnk
[2011.11.29 11:29:10 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\µTorrent.lnk
[2011.11.13 18:59:05 | 000,000,777 | ---- | C] () -- J:\Důležité soubory\Plocha\PhotoFiltre Studio X.lnk
[2011.10.24 20:50:34 | 000,563,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfi.dat
[2011.10.14 22:30:06 | 000,031,232 | ---- | C] () -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.10.08 16:57:32 | 000,137,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011.10.08 16:57:16 | 000,214,520 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011.10.08 16:57:06 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011.10.07 18:02:24 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2011.10.07 18:02:24 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2011.10.07 18:02:24 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2011.10.07 18:02:24 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2011.10.01 20:20:20 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\rtvcvfw32.dll
[2011.10.01 19:31:01 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011.10.01 19:31:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2011.10.01 19:30:56 | 000,644,608 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011.10.01 19:30:56 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2011.10.01 19:30:55 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2011.10.01 19:14:39 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys
[2011.10.01 19:13:12 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.10.01 19:12:03 | 000,123,728 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.10.01 19:08:12 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011.10.01 19:04:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.10.01 19:04:26 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011.10.01 19:04:26 | 000,239,869 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2011.10.01 19:04:26 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011.10.01 17:51:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.10.01 17:47:40 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.10.01 17:47:13 | 000,058,716 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011.10.01 17:47:13 | 000,014,691 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011.10.01 17:47:12 | 000,018,097 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2010.01.01 09:03:02 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010.01.01 09:03:02 | 000,285,176 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010.01.01 09:03:02 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010.01.01 09:02:49 | 002,130,002 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2008.04.14 08:16:08 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006.12.31 06:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.11.10 14:08:50 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATITool.sys
[2001.10.25 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.10.25 15:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.10.25 15:00:00 | 000,465,554 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.10.25 15:00:00 | 000,464,594 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2001.10.25 15:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.10.25 15:00:00 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2001.10.25 15:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.10.25 15:00:00 | 000,087,886 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2001.10.25 15:00:00 | 000,075,758 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.10.25 15:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.10.25 15:00:00 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2001.10.25 15:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.10.25 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.10.25 15:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun -- [2011.08.02 08:33:30 | 004,910,912 | ---- | M] (DT Soft Ltd)
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2011.10.13 11:45:22 | 019,550,344 | R--- | M] (Skype Technologies S.A.)
< c:\windows\*.* /U >
< MD5 for: AGP440.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008.04.13 23:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 07:51:42 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 07:52:24 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 08:10:02 | 020,102,206 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\Documents and Settings\Bill Gates\Local Settings\Data aplikací\SlimWare Utilities Inc\SlimDrivers\Backups\20111207T212511828125\acpiapic_mp\hal.dll
[2008.04.13 23:01:30 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
< MD5 for: LSASS.EXE >
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\ERDNT\cache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 07:52:30 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\ERDNT\cache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.13 23:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 07:51:52 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 07:51:56 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 07:52:48 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\ERDNT\cache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 07:52:50 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 07:52:52 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\ERDNT\cache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 07:52:54 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\ERDNT\cache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 07:52:08 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
< End of report >