Nezobrazují se ikonky default. prohlížeče u *.htm a *.html »

Zpráva

Agolas · #181 Příspěvek od **Agolas** » 09 led 2011 11:05

1. co teda s pc bylo? jakou havěť jsem tam měl a čím jsem to mohl způsobit?
2. ještě jednou moc děkuji a rád bych přispěl na vaše fórum nějakou částkou, případně zda-li můžu přímo vám nebo fóru jako takovému?.

#182 Příspěvek od **Rudy** » 09 led 2011 11:25

CF jsme smazali ovladač Akamai, který se obecně považuje za nelegitimní. CF také pravděpodobně smazal nelegitimní registry klíč (o tom nepodává zprávu). Na možnost podpory našeho fóra klikněte v mém podpisu na "Podpořte fórum". Nemáte zač!

Agolas · #183 Příspěvek od **Agolas** » 17 led 2011 19:42

Přijemný večer,prosím o kontrolu logu

předem děkuji.

Logfile of random's system information tool 1.08 (written by random/random)
Run by hnizdil at 2011-01-17 19:40:37
Microsoft Windows 7 Home Premium
System drive C: has 9 GB (9%) free of 100 GB
Total RAM: 1024 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:40:50, on 17.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\hnizdil\Downloads\RSIT.exe
C:\Program Files\trend micro\hnizdil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch/{0 ... 4FCDB5FC3A}
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll
O4 - HKLM\..\Run: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [EEventManager] c:\progra~1\epsons~1\eventm~1\eeventmanager.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5806 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll [2010-02-10 87488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{7FF99715-3016-4381-84CE-E4E4C9673020} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll [2010-02-10 87488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=c:\program files\eset\eset smart security\egui.exe [2009-11-16 2054360]
"EEventManager"=c:\progra~1\epsons~1\eventm~1\eeventmanager.exe [2008-12-04 665424]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
"DATAMNGR"=C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE [2010-11-04 985488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-16 10:12:05 ----D---- C:\ProgramData\Bandoo
2011-01-15 21:32:45 ----D---- C:\Users\hnizdil\AppData\Roaming\Bandoo
2011-01-15 21:32:26 ----D---- C:\Program Files\Windows Searchqu Toolbar
2011-01-15 21:30:35 ----D---- C:\Program Files\Bandoo
2011-01-12 10:10:48 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 10:10:44 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 10:10:43 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 10:10:43 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 10:10:43 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 10:10:42 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 10:10:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 10:10:41 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 10:10:41 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 10:10:41 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 10:10:40 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 10:10:40 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 10:10:40 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 10:10:39 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-08 10:17:24 ----D---- C:\Windows\temp
2011-01-08 10:17:22 ----A---- C:\ComboFix.txt
2011-01-08 10:16:54 ----SHD---- C:\$RECYCLE.BIN
2011-01-08 10:02:13 ----A---- C:\Windows\zip.exe
2011-01-08 10:02:13 ----A---- C:\Windows\SWSC.exe
2011-01-08 10:02:13 ----A---- C:\Windows\SWREG.exe
2011-01-08 10:02:13 ----A---- C:\Windows\sed.exe
2011-01-08 10:02:13 ----A---- C:\Windows\PEV.exe
2011-01-08 10:02:13 ----A---- C:\Windows\NIRCMD.exe
2011-01-08 10:02:13 ----A---- C:\Windows\MBR.exe
2011-01-08 10:02:13 ----A---- C:\Windows\grep.exe
2011-01-08 10:01:36 ----A---- C:\Windows\SWXCACLS.exe
2011-01-07 21:43:01 ----D---- C:\Qoobox
2011-01-07 13:52:43 ----D---- C:\Config.Msi
2011-01-05 17:12:18 ----D---- C:\Users\hnizdil\AppData\Roaming\Windows Live Writer
2010-12-23 18:57:21 ----D---- C:\Program Files\Gameforge4D

======List of files/folders modified in the last 1 months======

2011-01-17 19:40:50 ----D---- C:\Windows\Prefetch
2011-01-17 19:40:43 ----D---- C:\Program Files\trend micro
2011-01-17 15:15:40 ----D---- C:\Windows\system32\config
2011-01-17 13:31:14 ----D---- C:\Windows\system32\catroot2
2011-01-16 19:01:04 ----SHD---- C:\System Volume Information
2011-01-16 10:12:05 ----D---- C:\ProgramData
2011-01-15 21:32:37 ----D---- C:\Users\hnizdil\AppData\Roaming\Mozilla
2011-01-15 21:32:26 ----RD---- C:\Program Files
2011-01-15 11:41:28 ----D---- C:\Windows\System32
2011-01-15 11:41:27 ----D---- C:\Windows\inf
2011-01-15 11:41:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-13 13:07:51 ----D---- C:\Windows\winsxs
2011-01-13 13:06:41 ----D---- C:\Windows\system32\drivers
2011-01-12 22:58:18 ----D---- C:\Windows\debug
2011-01-12 22:58:16 ----A---- C:\Windows\system32\MRT.exe
2011-01-12 10:10:36 ----D---- C:\Windows\system32\catroot
2011-01-11 12:59:11 ----D---- C:\Windows
2011-01-08 22:38:12 ----SD---- C:\ProgramData\Microsoft
2011-01-08 10:14:29 ----A---- C:\Windows\system.ini
2011-01-08 10:14:14 ----D---- C:\Windows\system32\drivers\etc
2011-01-08 10:12:47 ----D---- C:\Windows\ERDNT
2011-01-08 10:09:55 ----D---- C:\Windows\AppPatch
2011-01-08 10:09:53 ----D---- C:\Program Files\Common Files
2011-01-08 09:30:38 ----D---- C:\Program Files\Common Files\Akamai
2011-01-07 15:08:32 ----D---- C:\Program Files\EA Sports
2011-01-07 13:58:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-07 13:53:41 ----SHD---- C:\Windows\Installer
2011-01-07 13:53:38 ----D---- C:\Windows\system32\Tasks
2011-01-07 13:53:09 ----D---- C:\Users\hnizdil\AppData\Roaming\Skype
2011-01-07 13:31:41 ----D---- C:\Users\hnizdil\AppData\Roaming\skypePM
2011-01-06 15:34:09 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-06 09:05:43 ----D---- C:\Program Files\Common Files\microsoft shared
2011-01-05 16:36:23 ----D---- C:\Program Files\CCleaner
2010-12-19 10:44:29 ----D---- C:\Program Files\Mozilla Firefox
2010-12-18 15:45:51 ----D---- C:\Windows\rescache

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-23 691696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 4194816]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1122304]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 aierpze3;aierpze3; C:\Windows\system32\drivers\aierpze3.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 catchme;catchme; \??\C:\Users\hnizdil\AppData\Local\Temp\catchme.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2010-11-17 1942416]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-03 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-08-29 3739080]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-09-17 411432]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-25 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

#184 Příspěvek od **Rudy** » 17 led 2011 19:47

Zdravím! Tento soubor: C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll otestujte online na www.virustotal.com . Výsledek oznamte.

Agolas · #185 Příspěvek od **Agolas** » 17 led 2011 20:41

Antivirus Version Last Update Result
AhnLab-V3 2011.01.16.00 2011.01.16 -
AntiVir 7.11.1.163 2011.01.17 -
Antiy-AVL 2.0.3.7 2011.01.17 -
Avast 4.8.1351.0 2011.01.17 -
Avast5 5.0.677.0 2011.01.17 -
AVG 10.0.0.1190 2011.01.17 -
BitDefender 7.2 2011.01.17 -
CAT-QuickHeal 11.00 2011.01.17 -
ClamAV 0.96.4.0 2011.01.17 -
Command 5.2.11.5 2011.01.16 -
Comodo 7422 2011.01.17 -
DrWeb 5.0.2.03300 2011.01.17 -
Emsisoft 5.1.0.1 2011.01.17 -
eSafe 7.0.17.0 2011.01.17 -
eTrust-Vet 36.1.8105 2011.01.17 -
F-Prot 4.6.2.117 2011.01.16 -
F-Secure 9.0.16160.0 2011.01.17 -
Fortinet 4.2.254.0 2011.01.16 -
GData 21 2011.01.17 -
Ikarus T3.1.1.97.0 2011.01.17 -
Jiangmin 13.0.900 2011.01.17 -
K7AntiVirus 9.77.3565 2011.01.17 -
Kaspersky 7.0.0.125 2011.01.17 -
McAfee 5.400.0.1158 2011.01.17 -
McAfee-GW-Edition 2010.1C 2011.01.17 -
Microsoft 1.6402 2011.01.17 -
NOD32 5795 2011.01.17 -
Norman 6.06.12 2011.01.17 -
nProtect 2011-01-17.01 2011.01.17 -
Panda 10.0.2.7 2011.01.17 -
PCTools 7.0.3.5 2011.01.17 -
Prevx 3.0 2011.01.17 -
Rising 22.83.00.03 2011.01.17 -
Sophos 4.61.0 2011.01.17 -
SUPERAntiSpyware 4.40.0.1006 2011.01.17 -
Symantec 20101.3.0.103 2011.01.17 -
TheHacker 6.7.0.1.115 2011.01.14 -
TrendMicro 9.120.0.1004 2011.01.17 -
TrendMicro-HouseCall 9.120.0.1004 2011.01.17 -
VBA32 3.12.14.2 2011.01.17 -
VIPRE 8102 2011.01.17 -
ViRobot 2011.1.17.4259 2011.01.17 -
VirusBuster 13.6.151.0 2011.01.17 -
Additional information
Show all
MD5 : 5341d89ccc497fcdb3cb2b0ee447af2c
SHA1 : 21569742db2e4b878560c81b1c4d660aa411f2ee
SHA256: 6cbf7ea6d40cf18fd45be290cf450fa49ca589603c36b193a43d40479b2053a6
ssdeep: 1536:8bVSQvGEbtSs8n/95pdaMvIYQv/EelCgijbkn4Z8K:8UwGGSGH/EelCgijgnO
File size : 87488 bytes
First seen: 2010-02-28 18:09:12
Last seen : 2011-01-17 19:39:37
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: (c) 2010 Discordia Ltd.
product......: Searchqu Toolbar
description..: Searchqu Toolbar Link Library
original name: SearchquDx.dll
internal name: Toolbar Link Module
file version.: 1, 0, 0, 15
comments.....: n/a
signers......: Discordia Limited
Thawte Code Signing CA
Thawte Premium Server CA
signing date.: 5:15 PM 2/10/2010
verified.....: -
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x4EC6
timedatestamp....: 0x4B062507 (Fri Nov 20 05:11:35 2009)
machinetype......: 0x14c (I386)

[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0xB8A6, 0xC000, 6.50, 375ba77dc219ced14589d2512c56f424
.rdata, 0xD000, 0x28C1, 0x3000, 4.44, 4d5f88ac320deacb81f6c52567872034
.data, 0x10000, 0x27E0, 0x1000, 3.36, 4d2fe5f0c19ce6fdc6683f2030e4eb29
.rsrc, 0x13000, 0x3B0, 0x1000, 3.65, 54566d90b626201c9869b5e4a6d746b0
.reloc, 0x14000, 0x162A, 0x2000, 3.22, 82fa41a2b075d72aefb300d19700fa52

[[ 6 import(s) ]]
KERNEL32.dll: LoadLibraryA, WritePrivateProfileStringA, GetModuleFileNameA, GetFileAttributesA, GetTickCount, InterlockedExchange, GetACP, GetLocaleInfoA, GetProcAddress, GetModuleHandleA, SetLastError, CreateDirectoryA, WideCharToMultiByte, LocalFree, FreeLibrary, lstrlenA, MultiByteToWideChar, GetLastError, InterlockedDecrement, FindResourceA, LoadResource, GetVersionExA, InterlockedIncrement, GetSystemInfo, VirtualProtect, FlushFileBuffers, SetStdHandle, InitializeCriticalSection, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, GetCPInfo, GetOEMCP, IsBadCodePtr, IsBadReadPtr, RtlUnwind, ExitProcess, TerminateProcess, GetCurrentProcess, RaiseException, HeapAlloc, HeapFree, GetCurrentThreadId, GetCommandLineA, TlsAlloc, TlsFree, TlsSetValue, TlsGetValue, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, VirtualQuery, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, SetUnhandledExceptionFilter, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, HeapReAlloc, IsBadWritePtr, CloseHandle, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, SetFilePointer, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, UnhandledExceptionFilter, WriteFile, HeapSize
USER32.dll: MessageBoxA
ADVAPI32.dll: RegQueryValueExA, RegDeleteKeyA, RegOpenKeyA, RegDeleteValueA, RegCreateKeyExA, RegSetValueExA, RegCloseKey, RegOpenKeyExA
SHELL32.dll: SHGetMalloc, SHGetPathFromIDListA, SHGetSpecialFolderLocation
ole32.dll: CLSIDFromProgID, CLSIDFromString, CoUninitialize, CoInitializeEx, OleRun, CoCreateInstance, CoTaskMemFree
OLEAUT32.dll: -, -, -, -, -, -, -

[[ 4 export(s) ]]
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 49152
EntryPoint: 0x4ec6
FileDescription: Searchqu Toolbar Link Library
FileFlagsMask: 0x0017
FileOS: Win32
FileSize: 85 kB
FileSubtype: 0
FileType: Win32 DLL
FileVersion: 1, 0, 0, 15
FileVersionNumber: 1.0.0.15
ImageVersion: 0.0
InitializedDataSize: 28672
InternalName: Toolbar Link Module
LanguageCode: English (U.S.)
LegalCopyright: 2010 Discordia Ltd.
LinkerVersion: 7.1
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Dynamic link library
OriginalFilename: SearchquDx.dll
PEType: PE32
ProductName: Searchqu Toolbar
ProductVersion: 1.0.0.15
ProductVersionNumber: 1.0.0.15
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2009:11:20 06:11:35+01:00
UninitializedDataSize: 0

#186 Příspěvek od **Rudy** » 17 led 2011 20:46

Soubor je v pořádku a tím i celý log.

Agolas · #187 Příspěvek od **Agolas** » 20 led 2011 23:20

Dobrý večer,prosím o kontrolu logu děkuji předem.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomáš Hnízdil at 2011-01-20 23:16:19
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 61 GB (75%) free of 82 GB
Total RAM: 1014 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:16:33, on 20.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\CapsHook\CapsHook.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Documents and Settings\Tomáš Hnízdil\Plocha\Programy\RSIT.exe
C:\Program Files\trend micro\Tomáš Hnízdil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CapsHook] C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 9609 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Trend Micro Internet Security.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-15 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-20 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2011-01-20 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-20 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-09-28 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-09-28 173592]
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2010-01-29 751592]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"UfSeAgnt.exe"=C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2010-02-23 1024368]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"CapsHook"=C:\Program Files\EeePC\CapsHook\CapsHook.exe [2010-05-28 445344]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-04-27 19523616]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2009-06-26 118784]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2010-05-17 1246632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-03-25 402096]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2010-03-02 1347496]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-04 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-27 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-09-28 141336]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-09-24 205312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Tomáš Hnízdil\Plocha\rld-nhl9\Crack\nhl2009.exe"="C:\Documents and Settings\Tomáš Hnízdil\Plocha\rld-nhl9\Crack\nhl2009.exe:*:Disabled:nhl2009"
"C:\Documents and Settings\Tomáš Hnízdil\Local Settings\Temp\Rar$EX02.968\nhl2009.exe"="C:\Documents and Settings\Tomáš Hnízdil\Local Settings\Temp\Rar$EX02.968\nhl2009.exe:*:Enabled:nhl2009"
"C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe"="C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe:*:Enabled:Juiced2_HIN"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2011-01-20 23:12:10 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Template
2011-01-20 19:55:36 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-01-20 18:51:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-01-20 18:51:26 ----A---- C:\WINDOWS\system32\QTCF.dll
2011-01-20 18:51:15 ----D---- C:\Program Files\QuickTime Alternative
2011-01-20 18:36:10 ----D---- C:\WINDOWS\LastGood
2011-01-20 18:15:10 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Sachy
2011-01-20 14:50:32 ----D---- C:\WINDOWS\Minidump
2011-01-15 12:00:11 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Malwarebytes
2011-01-15 12:00:02 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-01-15 12:00:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-01-15 11:59:56 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-01-15 11:59:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-13 06:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-07 18:29:01 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Google
2011-01-05 21:39:58 ----D---- C:\Program Files\XP Codec Pack
2011-01-05 17:11:21 ----D---- C:\WINDOWS\system32\Adobe
2011-01-05 16:58:35 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-01-04 20:21:43 ----D---- C:\Program Files\CCleaner
2011-01-04 20:19:59 ----D---- C:\Program Files\Google
2011-01-04 20:19:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-01-03 14:50:52 ----D---- C:\Program Files\Common Files\Adobe
2011-01-03 14:50:52 ----D---- C:\Program Files\Adobe
2010-12-28 19:13:15 ----D---- C:\cis3mu
2010-12-26 15:18:39 ----RHD---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\SecuROM
2010-12-26 15:15:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallShield
2010-12-25 18:58:10 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\WinRAR
2010-12-25 18:57:55 ----D---- C:\Program Files\WinRAR
2010-12-25 13:42:59 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Leadertech
2010-12-25 13:37:37 ----D---- C:\Program Files\EA Sports
2010-12-25 13:37:34 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-12-25 13:37:34 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-12-25 13:37:33 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-12-25 13:37:33 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-12-25 13:37:32 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-12-25 13:37:32 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-12-25 13:37:31 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-12-25 13:37:29 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-12-25 13:37:29 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-12-25 13:37:28 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-12-25 13:37:27 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-12-25 13:37:27 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-12-25 13:37:26 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-12-25 13:37:25 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-12-25 13:37:24 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-12-25 13:37:24 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-12-25 13:37:23 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-12-25 13:37:22 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-12-25 13:37:21 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-12-25 13:37:21 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-12-25 13:37:20 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-12-25 13:37:19 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-12-25 13:37:19 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-12-25 13:37:18 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-12-25 13:37:18 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-12-25 13:37:17 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-12-25 13:37:16 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-12-25 13:37:15 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-12-25 13:37:14 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-12-25 13:37:14 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-12-25 13:37:11 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-12-25 13:37:10 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-12-25 13:37:09 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-12-25 13:37:07 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-12-25 13:37:07 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-12-25 13:37:06 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-12-25 13:37:05 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-12-25 13:37:05 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-12-25 13:37:04 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-12-25 13:37:04 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-12-25 13:37:03 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-12-25 13:36:52 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-12-25 13:36:51 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-12-25 13:36:51 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-12-25 13:36:50 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-12-25 13:36:49 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-12-25 13:36:48 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-12-25 13:36:47 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-12-25 13:36:46 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-12-25 13:36:45 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-12-25 13:36:43 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-12-25 13:36:30 ----D---- C:\WINDOWS\Logs
2010-12-25 13:34:06 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-12-25 03:17:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-12-25 03:17:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-12-25 03:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-25 03:17:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-25 03:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-12-25 03:14:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-12-25 03:14:15 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-12-25 03:13:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-12-25 03:13:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-12-25 03:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-12-25 03:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-12-25 03:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-25 03:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-12-25 02:58:14 ----A---- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2010-12-25 02:37:58 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-12-25 02:30:06 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Mozilla
2010-12-25 02:29:56 ----D---- C:\Program Files\Mozilla Firefox
2010-12-25 02:20:47 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Macromedia
2010-12-25 02:17:03 ----D---- C:\WINDOWS\system32\PreInstall
2010-12-25 02:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-12-25 02:09:37 ----A---- C:\WINDOWS\system32\muweb.dll
2010-12-25 02:09:37 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-12-25 02:09:37 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-12-25 01:52:14 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
2010-12-25 01:51:17 ----D---- C:\Program Files\T-Mobile
2010-12-25 01:49:57 ----A---- C:\WINDOWS\system32\drivers\ZTEusbser6k.sys
2010-12-25 01:49:57 ----A---- C:\WINDOWS\system32\drivers\ZTEusbnmea.sys
2010-12-25 01:49:57 ----A---- C:\WINDOWS\system32\drivers\ZTEusbmdm6k.sys
2010-12-25 01:49:57 ----A---- C:\WINDOWS\system32\drivers\massfilter.sys
2010-12-25 01:49:52 ----D---- C:\Program Files\ZTE Drivers
2010-12-24 23:57:37 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\skypePM
2010-12-24 23:54:56 ----D---- C:\Program Files\Common Files\Skype
2010-12-24 23:54:54 ----RD---- C:\Program Files\Skype
2010-12-24 23:54:52 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Skype
2010-12-24 23:10:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-24 22:49:30 ----D---- C:\rsit
2010-12-24 21:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-12-24 21:53:23 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-12-24 21:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-12-24 21:52:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-12-24 21:52:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-12-24 21:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-12-24 21:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-12-24 21:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-24 21:51:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-12-24 21:50:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-24 21:50:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-12-24 21:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-24 21:48:52 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-12-24 21:47:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-12-24 21:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-12-24 21:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-24 21:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-12-24 21:45:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-12-24 21:45:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-12-24 21:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-12-24 21:39:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-12-24 21:36:43 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$

======List of files/folders modified in the last 1 months======

2011-01-20 23:16:27 ----D---- C:\Program Files\Trend Micro
2011-01-20 23:16:26 ----D---- C:\WINDOWS\Prefetch
2011-01-20 23:15:07 ----D---- C:\WINDOWS\Temp
2011-01-20 23:15:07 ----D---- C:\WINDOWS
2011-01-20 23:12:12 ----SD---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Microsoft
2011-01-20 19:55:38 ----HD---- C:\WINDOWS\inf
2011-01-20 19:55:37 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-20 19:55:36 ----D---- C:\WINDOWS\system32
2011-01-20 19:54:23 ----D---- C:\Program Files\Windows Media Player
2011-01-20 19:54:23 ----D---- C:\Program Files\Windows Media Connect 2
2011-01-20 19:54:09 ----D---- C:\WINDOWS\Help
2011-01-20 19:54:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-20 19:53:02 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-01-20 19:53:02 ----D---- C:\WINDOWS\system32\drivers
2011-01-20 19:51:20 ----SHD---- C:\WINDOWS\Installer
2011-01-20 19:46:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-20 18:51:15 ----RD---- C:\Program Files
2011-01-20 18:37:37 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-20 14:49:29 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-01-15 12:02:13 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-13 21:32:32 ----D---- C:\WINDOWS\Debug
2011-01-12 14:20:21 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-11 06:20:15 ----D---- C:\WINDOWS\system32\Service
2011-01-05 17:37:17 ----D---- C:\WINDOWS\WinSxS
2011-01-05 17:37:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-05 16:58:45 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Adobe
2011-01-05 16:58:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-05 16:58:35 ----D---- C:\Program Files\Common Files
2011-01-04 20:21:36 ----SD---- C:\WINDOWS\Tasks
2010-12-28 09:05:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-12-28 08:57:54 ----RSD---- C:\WINDOWS\assembly
2010-12-27 08:05:51 ----RSD---- C:\WINDOWS\Fonts
2010-12-27 08:04:42 ----D---- C:\Program Files\Microsoft Works
2010-12-27 07:57:15 ----D---- C:\Program Files\Microsoft Silverlight
2010-12-26 15:34:22 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-12-26 15:12:34 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-26 15:07:34 ----D---- C:\WINDOWS\system32\DirectX
2010-12-26 15:05:45 ----D---- C:\Program Files\Common Files\InstallShield
2010-12-26 15:05:40 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-25 03:14:18 ----D---- C:\Program Files\Movie Maker
2010-12-25 03:01:13 ----D---- C:\Program Files\Outlook Express
2010-12-24 23:23:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-24 23:19:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-12-24 22:44:55 ----SHD---- C:\RECYCLER
2010-12-24 21:50:03 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2009-06-04 330264]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2010-02-23 89872]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-06 54752]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2010-07-30 36432]
R2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2010-07-30 249424]
R2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2010-07-30 1331512]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-08-12 1582624]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-09-24 6301696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-27 6031904]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 rtsuvc;Realtek USB2.0 PC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2010-02-04 73088]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
R3 tmcfw;Trend Micro Common Firewall Service; C:\WINDOWS\system32\DRIVERS\TM_CFW.sys [2010-02-23 339984]
R3 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 105856]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 105856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2010-03-02 67312]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-15 226656]
R2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2010-10-09 736040]
R3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2010-02-23 345352]
R3 TmPfw;Trend Micro Personal Firewall; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2010-02-23 497008]
R3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2010-02-23 689416]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-04 135664]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-06-16 26144]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-06 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-04 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#188 Příspěvek od **Rudy** » 21 led 2011 18:13

Log vypadá čistý.

Agolas · #189 Příspěvek od **Agolas** » 27 led 2011 19:28

Dobrý večír

.

Mému antivyrusu došla zkušební doba po 30 dnech,tak bych prosil o nějaký doporučený free antivir který by vydržel do té doby než mi dorazí doporučeně plná verze Antiviru. Děkuji předem za odpověd.

#190 Příspěvek od **Rudy** » 27 led 2011 19:54

Mohu doporučit Aviru: http://www.free-av.com/it/download/index.html . Solidní detekce, minimální nároky na systémové prostředky. Nevýhody: Není v češtině, nekontroluje ve free verzi poštu. Obě nevýhody nemá Avast: http://www.avast.com/cs-cz/index , ten ovšem má vyyší nároky na systémové prostředky a občasné falešné poplachy.

Agolas · #191 Příspěvek od **Agolas** » 27 led 2011 19:58

Děkuji mnohokrát

.

#192 Příspěvek od **Rudy** » 27 led 2011 20:50

Nemáte zač!

Agolas · #193 Příspěvek od **Agolas** » 04 úno 2011 19:19

Dobrý večer

.

Prosím o kontrolu logu.
Děkuji.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomáš Hnízdil at 2011-02-04 19:15:44
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 54 GB (65%) free of 82 GB
Total RAM: 1014 MB (20% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:15, on 4.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\EeePC\CapsHook\CapsHook.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\Tomáš Hnízdil\Plocha\Programy\RSIT.exe
C:\Program Files\trend micro\Tomáš Hnízdil.exe
C:\Program Files\Alwil Software\Avast5\defs\11020400\Sf.bin

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [SynAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CapsHook] C:\Program Files\EeePC\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 9604 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Trend Micro Internet Security.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{4C726153-CAD8-42D6-A282-4C6C0AFD3417}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-15 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-20 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2011-01-20 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-07 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-01-20 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-09-28 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-09-28 173592]
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2010-01-29 751592]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-11-19 83240]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-14 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"CapsHook"=C:\Program Files\EeePC\CapsHook\CapsHook.exe [2010-05-28 445344]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-04-27 19523616]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2009-06-26 118784]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2010-05-17 1246632]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-11-19 1594664]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2010-03-25 402096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-04 39408]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe [2011-01-05 1351608]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-02-04 396152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-27 3883840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-09-28 141336]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-09-24 205312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Tomáš Hnízdil\Plocha\rld-nhl9\Crack\nhl2009.exe"="C:\Documents and Settings\Tomáš Hnízdil\Plocha\rld-nhl9\Crack\nhl2009.exe:*:Disabled:nhl2009"
"C:\Documents and Settings\Tomáš Hnízdil\Local Settings\Temp\Rar$EX02.968\nhl2009.exe"="C:\Documents and Settings\Tomáš Hnízdil\Local Settings\Temp\Rar$EX02.968\nhl2009.exe:*:Enabled:nhl2009"
"C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe"="C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe:*:Enabled:Juiced2_HIN"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======List of files/folders created in the last 1 months======

2011-02-04 15:29:54 ----D---- C:\Program Files\uTorrent
2011-02-04 15:28:46 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\uTorrent
2011-02-04 13:42:59 ----A---- C:\WINDOWS\ntbtlog.txt
2011-01-27 20:22:02 ----D---- C:\Program Files\T-Mobile
2011-01-27 20:17:35 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-01-27 20:17:35 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-01-27 20:17:34 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-01-27 20:17:34 ----A---- C:\WINDOWS\system32\drivers\aswFW.sys
2011-01-27 20:17:17 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-01-27 20:17:17 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-01-27 20:17:17 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2011-01-27 20:17:16 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-01-27 20:17:16 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-01-27 20:17:16 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-01-27 20:16:59 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2011-01-27 20:16:58 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-27 20:16:51 ----D---- C:\Program Files\Alwil Software
2011-01-27 20:16:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-01-21 12:09:01 ----A---- C:\WINDOWS\system32\hidserv.dll
2011-01-21 12:08:40 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2011-01-21 12:08:04 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2011-01-20 23:12:10 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Template
2011-01-20 19:55:36 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-01-20 18:51:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-01-20 18:51:26 ----A---- C:\WINDOWS\system32\QTCF.dll
2011-01-20 18:51:15 ----D---- C:\Program Files\QuickTime Alternative
2011-01-20 18:15:10 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Sachy
2011-01-20 14:50:32 ----D---- C:\WINDOWS\Minidump
2011-01-15 12:00:11 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Malwarebytes
2011-01-15 12:00:02 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-01-15 12:00:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-01-15 11:59:56 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-01-15 11:59:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-13 06:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-07 18:29:01 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Google
2011-01-05 21:39:58 ----D---- C:\Program Files\XP Codec Pack
2011-01-05 17:11:21 ----D---- C:\WINDOWS\system32\Adobe
2011-01-05 16:58:35 ----D---- C:\Program Files\Common Files\Adobe AIR

======List of files/folders modified in the last 1 months======

2011-02-04 19:16:11 ----D---- C:\Program Files\Trend Micro
2011-02-04 19:06:06 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Skype
2011-02-04 17:20:26 ----D---- C:\WINDOWS\Temp
2011-02-04 17:04:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-04 16:05:05 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\skypePM
2011-02-04 15:29:54 ----RD---- C:\Program Files
2011-02-04 13:43:19 ----D---- C:\Documents and Settings
2011-02-04 13:42:59 ----D---- C:\WINDOWS
2011-02-04 13:42:19 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-30 18:13:54 ----A---- C:\WINDOWS\win.ini
2011-01-27 20:21:10 ----D---- C:\WINDOWS\Prefetch
2011-01-27 20:17:35 ----D---- C:\WINDOWS\system32\drivers
2011-01-27 20:17:29 ----HD---- C:\WINDOWS\inf
2011-01-27 20:17:08 ----SHD---- C:\WINDOWS\Installer
2011-01-27 20:17:07 ----D---- C:\WINDOWS\WinSxS
2011-01-27 20:16:58 ----D---- C:\WINDOWS\system32
2011-01-27 20:12:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-24 14:19:21 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
2011-01-22 18:36:07 ----D---- C:\WINDOWS\system32\Service
2011-01-21 12:09:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-20 23:12:12 ----SD---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Microsoft
2011-01-20 19:57:32 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-20 19:54:23 ----D---- C:\Program Files\Windows Media Player
2011-01-20 19:54:23 ----D---- C:\Program Files\Windows Media Connect 2
2011-01-20 19:54:09 ----D---- C:\WINDOWS\Help
2011-01-20 19:53:02 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-01-20 19:46:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-15 12:02:13 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-13 21:32:32 ----D---- C:\WINDOWS\Debug
2011-01-13 06:51:21 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 14:20:21 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-05 17:37:17 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-05 16:58:45 ----D---- C:\Documents and Settings\Tomáš Hnízdil\Data aplikací\Adobe
2011-01-05 16:58:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-05 16:58:39 ----D---- C:\Program Files\Adobe
2011-01-05 16:58:35 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2011-01-13 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2011-01-13 189904]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2009-06-04 330264]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2010-03-31 11520]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2011-01-13 99792]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-01-13 357968]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-06 54752]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-08-12 1582624]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-09-24 6301696]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-27 6031904]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 rtsuvc;Realtek USB2.0 PC Camera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2010-02-04 73088]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-11-19 230448]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 massfilter;Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-02-22 9216]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-03-02 105856]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-03-02 105856]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-03-02 105856]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-01-05 121584]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2011-01-13 119200]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-15 226656]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-04 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-06 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-04 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Agolas · #194 Příspěvek od **Agolas** » 04 úno 2011 19:22

Zde přikládám druhý log z mého druhého PC.

Děkuji za kontrolu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by hnizdil at 2011-02-04 19:18:15
Microsoft Windows 7 Home Premium
System drive C: has 3 GB (3%) free of 100 GB
Total RAM: 1024 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:18:57, on 4.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\hnizdil\Downloads\RSIT.exe
C:\Program Files\trend micro\hnizdil.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch/{0 ... 4FCDB5FC3A}
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll
O4 - HKLM\..\Run: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [EEventManager] c:\progra~1\epsons~1\eventm~1\eeventmanager.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5807 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}]
Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll [2010-02-10 87488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{7FF99715-3016-4381-84CE-E4E4C9673020} - Searchqu Toolbar - C:\PROGRA~1\WIA6EB~1\ToolBar\SearchquDx.dll [2010-02-10 87488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=c:\program files\eset\eset smart security\egui.exe [2009-11-16 2054360]
"EEventManager"=c:\progra~1\epsons~1\eventm~1\eeventmanager.exe [2008-12-04 665424]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
"DATAMNGR"=C:\PROGRA~1\WIA6EB~1\Datamngr\DATAMN~1.EXE [2010-11-04 985488]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wia6eb~1\datamngr\datamngr.dll c:\progra~1\bandoo\bndhook.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-02-01 13:46:25 ----D---- C:\Program Files\Microsoft WSE
2011-02-01 13:38:34 ----D---- C:\Program Files\Electronic Arts
2011-02-01 11:29:14 ----ASH---- C:\pagefile.sys
2011-01-22 13:41:45 ----D---- C:\Users\hnizdil\AppData\Roaming\CasualForge
2011-01-22 13:41:45 ----D---- C:\ProgramData\CasualForge
2011-01-21 17:50:00 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-01-20 23:13:25 ----D---- C:\ProgramData\AdventureChronicles1
2011-01-20 23:12:37 ----D---- C:\ProgramData\AlawarWrapper
2011-01-20 23:10:54 ----D---- C:\Program Files\Hry.cz
2011-01-16 10:12:05 ----D---- C:\ProgramData\Bandoo
2011-01-15 21:32:45 ----D---- C:\Users\hnizdil\AppData\Roaming\Bandoo
2011-01-15 21:32:26 ----D---- C:\Program Files\Windows Searchqu Toolbar
2011-01-15 21:30:35 ----D---- C:\Program Files\Bandoo
2011-01-12 10:10:48 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 10:10:44 ----A---- C:\Windows\system32\d3d10warp.dll
2011-01-12 10:10:43 ----A---- C:\Windows\system32\FntCache.dll
2011-01-12 10:10:43 ----A---- C:\Windows\system32\DWrite.dll
2011-01-12 10:10:43 ----A---- C:\Windows\system32\d2d1.dll
2011-01-12 10:10:42 ----A---- C:\Windows\system32\XpsPrint.dll
2011-01-12 10:10:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-12 10:10:41 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-01-12 10:10:41 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-01-12 10:10:41 ----A---- C:\Windows\system32\cdd.dll
2011-01-12 10:10:40 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-01-12 10:10:40 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-01-12 10:10:40 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-01-12 10:10:39 ----A---- C:\Windows\system32\d3d10_1.dll
2011-01-08 10:17:24 ----D---- C:\Windows\temp
2011-01-08 10:17:22 ----A---- C:\ComboFix.txt
2011-01-08 10:16:54 ----SHD---- C:\$RECYCLE.BIN
2011-01-08 10:02:13 ----A---- C:\Windows\zip.exe
2011-01-08 10:02:13 ----A---- C:\Windows\SWSC.exe
2011-01-08 10:02:13 ----A---- C:\Windows\SWREG.exe
2011-01-08 10:02:13 ----A---- C:\Windows\sed.exe
2011-01-08 10:02:13 ----A---- C:\Windows\PEV.exe
2011-01-08 10:02:13 ----A---- C:\Windows\NIRCMD.exe
2011-01-08 10:02:13 ----A---- C:\Windows\MBR.exe
2011-01-08 10:02:13 ----A---- C:\Windows\grep.exe
2011-01-08 10:01:36 ----A---- C:\Windows\SWXCACLS.exe
2011-01-07 21:43:01 ----D---- C:\Qoobox
2011-01-05 17:12:18 ----D---- C:\Users\hnizdil\AppData\Roaming\Windows Live Writer

======List of files/folders modified in the last 1 months======

2011-02-04 19:18:44 ----D---- C:\Windows\Prefetch
2011-02-04 19:18:36 ----D---- C:\Program Files\trend micro
2011-02-04 11:14:41 ----D---- C:\Windows\system32\config
2011-02-04 11:04:18 ----D---- C:\Windows\system32\catroot2
2011-02-04 11:04:13 ----SHD---- C:\System Volume Information
2011-02-02 23:22:39 ----D---- C:\Windows\winsxs
2011-02-02 23:22:37 ----SHD---- C:\Windows\Installer
2011-02-01 14:49:58 ----D---- C:\Windows
2011-02-01 14:00:48 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-01 13:59:49 ----D---- C:\Windows\debug
2011-02-01 13:46:31 ----RSD---- C:\Windows\assembly
2011-02-01 13:46:25 ----SD---- C:\Users\hnizdil\AppData\Roaming\Microsoft
2011-02-01 13:46:25 ----RD---- C:\Program Files
2011-02-01 13:36:20 ----D---- C:\Windows\System32
2011-02-01 13:36:18 ----D---- C:\Windows\inf
2011-02-01 13:36:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-22 13:41:45 ----D---- C:\ProgramData
2011-01-20 19:46:23 ----D---- C:\Windows\system32\drivers
2011-01-15 21:32:37 ----D---- C:\Users\hnizdil\AppData\Roaming\Mozilla
2011-01-12 22:58:16 ----A---- C:\Windows\system32\MRT.exe
2011-01-12 10:10:36 ----D---- C:\Windows\system32\catroot
2011-01-08 22:38:12 ----SD---- C:\ProgramData\Microsoft
2011-01-08 10:14:29 ----A---- C:\Windows\system.ini
2011-01-08 10:14:14 ----D---- C:\Windows\system32\drivers\etc
2011-01-08 10:12:47 ----D---- C:\Windows\ERDNT
2011-01-08 10:09:55 ----D---- C:\Windows\AppPatch
2011-01-08 10:09:53 ----D---- C:\Program Files\Common Files
2011-01-08 09:30:38 ----D---- C:\Program Files\Common Files\Akamai
2011-01-07 15:08:32 ----D---- C:\Program Files\EA Sports
2011-01-07 13:58:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-07 13:53:38 ----D---- C:\Windows\system32\Tasks
2011-01-07 13:53:09 ----D---- C:\Users\hnizdil\AppData\Roaming\Skype
2011-01-07 13:31:41 ----D---- C:\Users\hnizdil\AppData\Roaming\skypePM
2011-01-06 15:34:09 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-06 09:05:43 ----D---- C:\Program Files\Common Files\microsoft shared
2011-01-05 16:36:23 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-23 691696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 4194816]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
R3 P17;SB Live! 24-bit; C:\Windows\system32\drivers\P17.sys [2007-02-05 1122304]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2009-07-13 43008]
R4 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-12-20 38224]
S3 ai2jw14n;ai2jw14n; C:\Windows\system32\drivers\ai2jw14n.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 catchme;catchme; \??\C:\Users\hnizdil\AppData\Local\Temp\catchme.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bandoo Coordinator;Bandoo Coordinator; C:\PROGRA~1\Bandoo\Bandoo.exe [2010-11-17 1942416]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [2007-12-17 143872]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [2007-01-11 113664]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-12-03 136176]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-08-29 3739080]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-09-17 411432]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-25 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

#195 Příspěvek od **Rudy** » 04 úno 2011 19:34

Oba logy (až na cracklou NHL2009 v 1. logu) vypadají OK.

VIRY.CZ

Nezobrazují se ikonky default. prohlížeče u .htm a .html »

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht

Re: Nezobrazují se ikonky default. prohlížeče u .htm a .ht