Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-02-15 12:56:21
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 110 GB (46%) free of 238 GB
Total RAM: 2039 MB (78% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-03 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Gretech Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-17 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-17 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B}]
WinAVI FLVSense - C:\Program Files\WinAVI FLV Converter\FLVTune.dll [2008-01-28 114688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - EFOToolbar - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll [2009-04-23 266240]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Gretech Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2011-01-03 274608]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2006-08-07 700416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2009-01-21 166912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-06 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-04 177456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-06 872448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-17 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
C:\Program Files\Digital Media Reader\shwiconem.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIUCU]
C:\DOCUME~1\user\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-02-06 561213]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\user\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-01-21 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"="C:\Program Files\CyberLink\Shared Files\RichVideo.exe:*:Enabled:RichVideo"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe:*:Enabled:mscorsvw"
"C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"="C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe:*:Enabled:btwdins"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"="C:\Program Files\Alwil Software\Avast4\ashServ.exe:*:Enabled:ashServ"
"C:\Program Files\SPSSInc\Statistics17\statistics.exe"="C:\Program Files\SPSSInc\Statistics17\statistics.exe:*:Disabled:Statistics17:exe"
"C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe"="C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"
"C:\Program Files\SPSSInc\Statistics17\statistics.com"="C:\Program Files\SPSSInc\Statistics17\statistics.com:*:Disabled:Statistics17:com"
"C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe"="C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"
"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe:*:Disabled:Statistics18:exe"
"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com:*:Disabled:Statistics18:com"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2011-02-15 12:56:22 ----D---- C:\Program Files\trend micro
2011-02-15 12:56:21 ----D---- C:\rsit
2011-02-09 22:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 22:39:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 22:39:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 22:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 22:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 22:37:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 22:37:38 ----A---- C:\WINDOWS\imsins.BAK
2011-02-09 22:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-09 22:25:37 ----D---- C:\Program Files\CCleaner
2011-01-27 19:40:44 ----D---- C:\Program Files\Common Files\Lingea Shared
2011-01-24 00:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-01-23 03:49:55 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-23 03:49:52 ----D---- C:\Program Files\MSBuild
2011-01-23 03:49:44 ----D---- C:\Program Files\Reference Assemblies
2011-01-23 03:49:17 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-01-23 03:49:17 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-01-23 03:49:16 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-01-23 03:49:16 ----D---- C:\9b2395c3f1a6b86580542cc8
2011-01-22 15:34:39 ----A---- C:\WINDOWS\system32\drivers\hidserv.dll
2011-01-21 14:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-01-21 14:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-21 14:55:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-21 14:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-01-20 07:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2011-01-20 07:07:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-20 07:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-20 07:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-20 07:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-20 07:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-20 07:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-20 07:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-20 07:06:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-20 07:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-20 07:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-20 07:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-20 07:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-20 07:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-20 07:06:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-20 07:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-20 07:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-20 07:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-20 07:05:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-20 07:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-20 07:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-20 07:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-20 07:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-20 07:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-20 07:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-20 07:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-20 07:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-20 07:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-20 07:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-20 07:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-19 20:39:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-01-19 20:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-01-19 20:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-01-19 20:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-01-19 20:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-19 20:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-01-19 20:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-19 20:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-19 20:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-19 20:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-19 20:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-19 20:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-19 20:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-19 20:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-19 20:37:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-01-19 20:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-19 20:36:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-19 20:36:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-01-19 20:36:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-19 20:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-19 20:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-19 20:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-19 20:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-19 20:35:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-01-19 20:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-19 20:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-01-19 20:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-19 20:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-19 20:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-01-19 20:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-19 20:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-19 20:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-19 20:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-19 20:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-19 20:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-19 20:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-01-19 20:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-01-19 20:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-19 20:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-01-19 20:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-19 20:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-01-19 20:31:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-19 20:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-19 20:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-01-19 20:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-19 20:30:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-01-19 20:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2011-01-19 20:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2011-01-19 20:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-01-19 20:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-01-19 20:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-01-19 20:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-19 20:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-19 20:28:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-01-19 20:28:09 ----D---- C:\WINDOWS\ie8updates
2011-01-19 20:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-01-19 20:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-01-19 20:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2011-01-19 20:26:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-01-19 20:26:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-19 20:26:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-19 05:44:47 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-01-19 05:32:45 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2011-01-19 01:01:26 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-01-19 00:27:51 ----D---- C:\Program Files\MSXML 4.0
2011-01-19 00:19:46 ----A---- C:\WINDOWS\system32\MRT.exe
======List of files/folders modified in the last 1 months======
2011-02-15 12:56:22 ----RD---- C:\Program Files
2011-02-15 12:45:14 ----D---- C:\WINDOWS\Prefetch
2011-02-15 12:38:26 ----D---- C:\WINDOWS\Temp
2011-02-15 11:50:34 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-15 11:50:27 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-02-15 11:49:32 ----SD---- C:\WINDOWS\Tasks
2011-02-15 01:07:18 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-02-10 22:57:29 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-02-09 22:51:45 ----D---- C:\WINDOWS
2011-02-09 22:51:31 ----D---- C:\WINDOWS\system32
2011-02-09 22:40:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-09 22:40:36 ----HD---- C:\WINDOWS\inf
2011-02-09 22:40:30 ----SHD---- C:\WINDOWS\Installer
2011-02-09 22:38:20 ----D---- C:\WINDOWS\Debug
2011-02-09 22:38:06 ----D---- C:\Program Files\Internet Explorer
2011-02-09 22:37:52 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-09 22:33:53 ----D---- C:\Program Files\Common Files
2011-02-09 22:30:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-02-09 22:29:47 ----D---- C:\WINDOWS\Minidump
2011-02-09 22:23:05 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-05 17:21:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-27 19:40:29 ----D---- C:\Program Files\Lingea
2011-01-27 02:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-01-25 18:12:00 ----RSD---- C:\WINDOWS\Fonts
2011-01-25 18:11:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-25 18:11:30 ----D---- C:\WINDOWS\WinSxS
2011-01-25 18:11:29 ----D---- C:\Program Files\Microsoft Works
2011-01-25 03:27:04 ----D---- C:\WINDOWS\system32\drivers
2011-01-24 08:57:23 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-24 08:57:20 ----RSD---- C:\WINDOWS\assembly
2011-01-24 00:52:34 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-23 03:49:52 ----D---- C:\WINDOWS\system32\en-US
2011-01-23 03:49:31 ----D---- C:\WINDOWS\system32\spool
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-20 07:05:23 ----D---- C:\Program Files\Outlook Express
2011-01-20 06:33:59 ----D---- C:\WINDOWS\AppPatch
2011-01-20 06:33:58 ----D---- C:\WINDOWS\system32\wbem
2011-01-19 20:41:18 ----A---- C:\WINDOWS\win.ini
2011-01-19 20:38:49 ----D---- C:\Program Files\Messenger
2011-01-19 20:28:33 ----D---- C:\Program Files\Movie Maker
2011-01-19 12:29:16 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-19 01:01:26 ----D---- C:\Program Files\ESET
2011-01-19 00:54:55 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2011-01-19 00:54:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-19 00:23:11 ----D---- C:\WINDOWS\Help
2011-01-19 00:14:29 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-04-20 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-24 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-06-19 255896]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-01-21 6278560]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 NETw5x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit ; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-04-28 3626112]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2007-05-31 1774080]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SunkFilt;Alcor Micro Corp Reader; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys [2005-02-02 6857]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VNUSB;VN Series Device; C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2006-04-07 38496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-17 152984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 UserAccess;SecuROM User Access Service; C:\WINDOWS\system32\UAService.exe [2009-08-06 126976]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2010-01-29 126976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-03 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-02 165192]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-09 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu...
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
Zdravím, potřeboval bych ještě HJT
stáhni HijackThis zde: http://www.slunecnice.cz/sw/hijackthis/
nainstaluj a spusť -> klik Do a system scan and save a logfile -> vyskočí Poznámkový blok s logem -> jeho obsah sem zkopíruj.
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Prosim o kontrolu logu...
Take zdravim... Zde je log z HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:25:35 PM, on 2/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\Explorer.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\user\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80093&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O3 - Toolbar: EFOToolbar - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll
O3 - Toolbar: Gretech Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &3D Satellite Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoSatteliteSearch.dll.htm
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: S&earchSave Web Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoWebSearch.dll.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pøeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový pøekladaè... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9978763890
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D2E757E-34A7-41EC-8E53-749B6FA6313C}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
--
End of file - 12337 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:25:35 PM, on 2/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\Explorer.EXE
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\user\Desktop\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80093&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O3 - Toolbar: EFOToolbar - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll
O3 - Toolbar: Gretech Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &3D Satellite Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoSatteliteSearch.dll.htm
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: S&earchSave Web Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoWebSearch.dll.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pøeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový pøekladaè... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9978763890
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D2E757E-34A7-41EC-8E53-749B6FA6313C}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
--
End of file - 12337 bytes
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
Nezdá se mi, že by tam bylo něco závažného.
Jen pro jistotu
pak bych ti ještě zastavil některé zbytečnosti
Jen pro jistotu
Stáhni a nainstaluj MBAM zde http://www.download.com/Malwarebytes-An ... tag=button
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Rychlá kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení
pak bych ti ještě zastavil některé zbytečnostiDoporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Prosim o kontrolu logu...
Diky. MBAM neco nasel... Nize je log.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5768
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/15/2011 4:14:41 PM
mbam-log-2011-02-15 (16-14-33).txt
Scan type: Quick scan
Objects scanned: 138034
Time elapsed: 2 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5768
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/15/2011 4:14:41 PM
mbam-log-2011-02-15 (16-14-33).txt
Scan type: Quick scan
Objects scanned: 138034
Time elapsed: 2 minute(s), 48 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
MBAM spustit znovu - dát Úplná kontrola
vyběhne log, ve kterém budou záznamy tohoto typu:
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\xxxxxx -> Quarantined and deleted successfully.
ten bych taky rád viděl
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Prosim o kontrolu logu...
Vse jsem provedl podle instrukci a zde je novy log z MBAM:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5768
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/15/2011 6:41:46 PM
mbam-log-2011-02-15 (18-41-46).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Objects scanned: 236763
Time elapsed: 40 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\user\Desktop\FSS\psycholog\soft\fr08v101.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5768
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
2/15/2011 6:41:46 PM
mbam-log-2011-02-15 (18-41-46).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)
Objects scanned: 236763
Time elapsed: 40 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\10DPP6O2VE (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ZE18MW23GY (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\user\Desktop\FSS\psycholog\soft\fr08v101.exe (Malware.Packer.Krunchy) -> Quarantined and deleted successfully.
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
MBAM v pořádku ESET je licencovaný?měl jsi tam Avast - proč je pryč?
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Prosim o kontrolu logu...
S antiviry je to slozite - mel jsem slibeny z prace licencovany ESET, tak jsem odinstaloval AVAST a dal ESET (mesic zadarmo, abych vyzkousel), ale nakonec licencovany ESET nebude 
, tudiz asi znovu dam AVAST. Nebo ktery zadarmo bys doporucil? Diky.
, tudiz asi znovu dam AVAST. Nebo ktery zadarmo bys doporucil? Diky.-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
S Avastem jsem spokojený a mohu doporučit Avast5 - http://www.slunecnice.cz/sw/avast-free-antivirus/
Eset odinstaluj http://kb.eset.com/esetkb/index?page=co ... d=SOLN2116
případně info from James008 - http://www.viry.cz/forum/viewtopic.php?p=889437#p889437
Až provedeš, dej RSIT podle kterého ještě uklidíme zbytečnosti
Eset odinstaluj http://kb.eset.com/esetkb/index?page=co ... d=SOLN2116
případně info from James008 - http://www.viry.cz/forum/viewtopic.php?p=889437#p889437
Až provedeš, dej RSIT podle kterého ještě uklidíme zbytečnosti
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Prosim o kontrolu logu...
Zde je RSIT log. Diky...
Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-02-15 23:06:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 108 GB (45%) free of 238 GB
Total RAM: 2039 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:48 PM, on 2/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService.exe
C:\WINDOWS\system32\UAService7.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80093&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O3 - Toolbar: EFOToolbar - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll
O3 - Toolbar: Gretech Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &3D Satellite Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoSatteliteSearch.dll.htm
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: S&earchSave Web Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoWebSearch.dll.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pøeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový pøekladaè... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9978763890
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D2E757E-34A7-41EC-8E53-749B6FA6313C}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
--
End of file - 12224 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-03 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Gretech Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-17 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-17 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B}]
WinAVI FLVSense - C:\Program Files\WinAVI FLV Converter\FLVTune.dll [2008-01-28 114688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - EFOToolbar - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll [2009-04-23 266240]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Gretech Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2011-01-03 274608]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2006-08-07 700416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2009-01-21 166912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-06 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-04 177456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-06 872448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-17 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
C:\Program Files\Digital Media Reader\shwiconem.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIUCU]
C:\DOCUME~1\user\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-02-06 561213]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\user\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-01-21 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"="C:\Program Files\CyberLink\Shared Files\RichVideo.exe:*:Enabled:RichVideo"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe:*:Enabled:mscorsvw"
"C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"="C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe:*:Enabled:btwdins"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"="C:\Program Files\Alwil Software\Avast4\ashServ.exe:*:Enabled:ashServ"
"C:\Program Files\SPSSInc\Statistics17\statistics.exe"="C:\Program Files\SPSSInc\Statistics17\statistics.exe:*:Disabled:Statistics17:exe"
"C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe"="C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"
"C:\Program Files\SPSSInc\Statistics17\statistics.com"="C:\Program Files\SPSSInc\Statistics17\statistics.com:*:Disabled:Statistics17:com"
"C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe"="C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"
"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe:*:Disabled:Statistics18:exe"
"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com:*:Disabled:Statistics18:com"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2011-02-15 22:55:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-02-15 22:55:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-02-15 22:55:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-02-15 22:55:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-02-15 22:55:30 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-02-15 22:55:30 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-02-15 22:55:29 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-02-15 22:55:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-02-15 22:39:56 ----SHD---- C:\Config.Msi
2011-02-15 16:10:35 ----D---- C:\Documents and Settings\user\Application Data\Malwarebytes
2011-02-15 16:10:25 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-15 16:10:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-02-15 16:10:20 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-15 16:10:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-15 12:56:22 ----D---- C:\Program Files\trend micro
2011-02-15 12:56:21 ----D---- C:\rsit
2011-02-09 22:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 22:39:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 22:39:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 22:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 22:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 22:37:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 22:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-09 22:25:37 ----D---- C:\Program Files\CCleaner
2011-01-27 19:40:44 ----D---- C:\Program Files\Common Files\Lingea Shared
2011-01-24 00:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-01-23 03:49:55 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-23 03:49:52 ----D---- C:\Program Files\MSBuild
2011-01-23 03:49:44 ----D---- C:\Program Files\Reference Assemblies
2011-01-23 03:49:17 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-01-23 03:49:17 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-01-23 03:49:16 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-01-23 03:49:16 ----D---- C:\9b2395c3f1a6b86580542cc8
2011-01-22 15:34:39 ----A---- C:\WINDOWS\system32\drivers\hidserv.dll
2011-01-21 14:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-01-21 14:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-21 14:55:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-21 14:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-01-20 07:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2011-01-20 07:07:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-20 07:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-20 07:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-20 07:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-20 07:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-20 07:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-20 07:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-20 07:06:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-20 07:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-20 07:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-20 07:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-20 07:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-20 07:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-20 07:06:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-20 07:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-20 07:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-20 07:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-20 07:05:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-20 07:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-20 07:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-20 07:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-20 07:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-20 07:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-20 07:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-20 07:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-20 07:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-20 07:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-20 07:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-20 07:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-19 20:39:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-01-19 20:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-01-19 20:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-01-19 20:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-01-19 20:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-19 20:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-01-19 20:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-19 20:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-19 20:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-19 20:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-19 20:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-19 20:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-19 20:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-19 20:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-19 20:37:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-01-19 20:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-19 20:36:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-19 20:36:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-01-19 20:36:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-19 20:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-19 20:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-19 20:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-19 20:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-19 20:35:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-01-19 20:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-19 20:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-01-19 20:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-19 20:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-19 20:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-01-19 20:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-19 20:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-19 20:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-19 20:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-19 20:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-19 20:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-19 20:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-01-19 20:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-01-19 20:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-19 20:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-01-19 20:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-19 20:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-01-19 20:31:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-19 20:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-19 20:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-01-19 20:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-19 20:30:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-01-19 20:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2011-01-19 20:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2011-01-19 20:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-01-19 20:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-01-19 20:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-01-19 20:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-19 20:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-19 20:28:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-01-19 20:28:09 ----D---- C:\WINDOWS\ie8updates
2011-01-19 20:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-01-19 20:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-01-19 20:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2011-01-19 20:26:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-01-19 20:26:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-19 20:26:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-19 05:44:47 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-01-19 05:32:45 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2011-01-19 00:27:51 ----D---- C:\Program Files\MSXML 4.0
2011-01-19 00:19:46 ----A---- C:\WINDOWS\system32\MRT.exe
======List of files/folders modified in the last 1 months======
2011-02-15 23:06:40 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-02-15 23:06:36 ----D---- C:\WINDOWS\Temp
2011-02-15 23:04:24 ----D---- C:\WINDOWS\Debug
2011-02-15 23:04:24 ----D---- C:\WINDOWS
2011-02-15 23:02:54 ----D---- C:\WINDOWS\Prefetch
2011-02-15 22:55:32 ----D---- C:\WINDOWS\system32\drivers
2011-02-15 22:55:28 ----SHD---- C:\WINDOWS\Installer
2011-02-15 22:55:27 ----D---- C:\WINDOWS\WinSxS
2011-02-15 22:55:15 ----D---- C:\WINDOWS\system32
2011-02-15 22:55:09 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2011-02-15 22:53:56 ----SD---- C:\WINDOWS\Tasks
2011-02-15 22:47:01 ----RD---- C:\Program Files
2011-02-15 22:40:39 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-02-15 22:40:02 ----HD---- C:\WINDOWS\inf
2011-02-15 22:40:00 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-15 21:04:07 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-02-10 22:57:29 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-02-09 22:40:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-09 22:38:06 ----D---- C:\Program Files\Internet Explorer
2011-02-09 22:37:52 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-09 22:33:53 ----D---- C:\Program Files\Common Files
2011-02-09 22:30:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-02-09 22:29:47 ----D---- C:\WINDOWS\Minidump
2011-02-05 17:21:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-27 19:40:29 ----D---- C:\Program Files\Lingea
2011-01-27 02:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-01-25 18:12:00 ----RSD---- C:\WINDOWS\Fonts
2011-01-25 18:11:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-25 18:11:29 ----D---- C:\Program Files\Microsoft Works
2011-01-24 08:57:23 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-24 08:57:20 ----RSD---- C:\WINDOWS\assembly
2011-01-24 00:52:34 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-23 03:49:52 ----D---- C:\WINDOWS\system32\en-US
2011-01-23 03:49:31 ----D---- C:\WINDOWS\system32\spool
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-20 07:05:23 ----D---- C:\Program Files\Outlook Express
2011-01-20 06:33:59 ----D---- C:\WINDOWS\AppPatch
2011-01-20 06:33:58 ----D---- C:\WINDOWS\system32\wbem
2011-01-19 20:41:18 ----A---- C:\WINDOWS\win.ini
2011-01-19 20:38:49 ----D---- C:\Program Files\Messenger
2011-01-19 20:28:33 ----D---- C:\Program Files\Movie Maker
2011-01-19 12:29:16 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-19 00:54:55 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2011-01-19 00:54:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-19 00:23:11 ----D---- C:\WINDOWS\Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-04-20 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-24 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-06-19 255896]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-01-21 6278560]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit ; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-04-28 3626112]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2007-05-31 1774080]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SunkFilt;Alcor Micro Corp Reader; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys [2005-02-02 6857]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VNUSB;VN Series Device; C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2006-04-07 38496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-17 152984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 UserAccess;SecuROM User Access Service; C:\WINDOWS\system32\UAService.exe [2009-08-06 126976]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2010-01-29 126976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-03 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-02 165192]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-09 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2011-02-15 23:06:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 108 GB (45%) free of 238 GB
Total RAM: 2039 MB (76% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:06:48 PM, on 2/15/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService.exe
C:\WINDOWS\system32\UAService7.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox.com/search/dispatc ... &%language
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.inbox.com/homepage.aspx?tbid=80093&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... =11&lng=en
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80093
R3 - URLSearchHook: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: WinAVI FLVSense - {E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O3 - Toolbar: EFOToolbar - {AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll
O3 - Toolbar: Gretech Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &3D Satellite Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoSatteliteSearch.dll.htm
O8 - Extra context menu item: &Download FLV by WinAVI... - C:\Program Files\WinAVI FLV Converter\flv_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: S&earchSave Web Search - res://C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll/GoWebSearch.dll.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Pøeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový pøekladaè... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra 'Tools' menuitem: WinAVI FLV Manager - {DE365254-2F9B-4908-9E3A-7AAA6EC90BCC} - C:\Program Files\WinAVI FLV Converter\FLVTune.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9978763890
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-09.sun.com/s/ESD7/JSCDL/ ... 586-jc.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O16 - DPF: {E6BB2089-163F-466B-812A-748096614DFD} (CAScanner Control) - http://cainternetsecurity.net/scanner/cascanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D2E757E-34A7-41EC-8E53-749B6FA6313C}: NameServer = 160.218.161.60 194.228.211.33
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SecuROM User Access Service (UserAccess) - Unknown owner - C:\WINDOWS\system32\UAService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
--
End of file - 12224 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-03 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C08DF07A-3E49-4E25-9AB0-D3882835F153}]
QUICKfind BHO Object - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll [2007-02-16 457216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Gretech Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-17 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-04-17 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DF67A1-B618-4F3F-9E7C-CBE175ADEF5B}]
WinAVI FLVSense - C:\Program Files\WinAVI FLV Converter\FLVTune.dll [2008-01-28 114688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{AB26BF6C-BB04-4F00-8F98-BDE786CDE97D} - EFOToolbar - C:\Documents and Settings\user\Application Data\OSI\dlls\EFOToolbar.dll [2009-04-23 266240]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Gretech Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2011-01-03 274608]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2006-08-07 700416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe [2009-01-21 166912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-06 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe [2009-01-21 134656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-06-04 177456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-06 872448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-17 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunKistEM]
C:\Program Files\Digital Media Reader\shwiconem.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1040384]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UIUCU]
C:\DOCUME~1\user\LOCALS~1\Temp\UIUCU.EXE -CLEAN_UP -S []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-02-06 561213]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Device Detector 3.lnk - C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\user\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe
MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-01-21 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\WINDOWS\system32\logonui.exe"="C:\WINDOWS\system32\logonui.exe:*:Enabled:logonui"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:spoolsv"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\CyberLink\Shared Files\RichVideo.exe"="C:\Program Files\CyberLink\Shared Files\RichVideo.exe:*:Enabled:RichVideo"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:wmiprvse"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"="C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe:*:Enabled:mscorsvw"
"C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"="C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe:*:Enabled:btwdins"
"C:\Program Files\Alwil Software\Avast4\ashServ.exe"="C:\Program Files\Alwil Software\Avast4\ashServ.exe:*:Enabled:ashServ"
"C:\Program Files\SPSSInc\Statistics17\statistics.exe"="C:\Program Files\SPSSInc\Statistics17\statistics.exe:*:Disabled:Statistics17:exe"
"C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe"="C:\Program Files\SPSSInc\Statistics17\SPSSWinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"
"C:\Program Files\SPSSInc\Statistics17\statistics.com"="C:\Program Files\SPSSInc\Statistics17\statistics.com:*:Disabled:Statistics17:com"
"C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe"="C:\Program Files\SPSSInc\PASWStatistics18\WinWrapIDE.exe:*:Disabled:SPSS Basic Script Editor"
"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.exe:*:Disabled:Statistics18:exe"
"C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com"="C:\Program Files\SPSSInc\PASWStatistics18\paswstat.com:*:Disabled:Statistics18:com"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======List of files/folders created in the last 1 months======
2011-02-15 22:55:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-02-15 22:55:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-02-15 22:55:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-02-15 22:55:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-02-15 22:55:30 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-02-15 22:55:30 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-02-15 22:55:29 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-02-15 22:55:15 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-02-15 22:39:56 ----SHD---- C:\Config.Msi
2011-02-15 16:10:35 ----D---- C:\Documents and Settings\user\Application Data\Malwarebytes
2011-02-15 16:10:25 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-15 16:10:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-02-15 16:10:20 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-15 16:10:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-15 12:56:22 ----D---- C:\Program Files\trend micro
2011-02-15 12:56:21 ----D---- C:\rsit
2011-02-09 22:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-09 22:39:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-09 22:39:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-09 22:39:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-09 22:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-09 22:37:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-09 22:37:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-09 22:25:37 ----D---- C:\Program Files\CCleaner
2011-01-27 19:40:44 ----D---- C:\Program Files\Common Files\Lingea Shared
2011-01-24 00:52:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-01-23 03:49:55 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-23 03:49:52 ----D---- C:\Program Files\MSBuild
2011-01-23 03:49:44 ----D---- C:\Program Files\Reference Assemblies
2011-01-23 03:49:17 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2011-01-23 03:49:17 ----N---- C:\WINDOWS\system32\prntvpt.dll
2011-01-23 03:49:16 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2011-01-23 03:49:16 ----D---- C:\9b2395c3f1a6b86580542cc8
2011-01-22 15:34:39 ----A---- C:\WINDOWS\system32\drivers\hidserv.dll
2011-01-21 14:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-01-21 14:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-21 14:55:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-21 14:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-01-20 07:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2011-01-20 07:07:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-20 07:07:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-20 07:07:03 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-20 07:06:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-20 07:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-20 07:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-20 07:06:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-20 07:06:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-20 07:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-20 07:06:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-20 07:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-20 07:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-20 07:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-20 07:06:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-20 07:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-20 07:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-20 07:05:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-20 07:05:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-20 07:05:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-20 07:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-20 07:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-20 07:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-20 07:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-20 07:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-20 07:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-20 07:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-20 07:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-20 07:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-20 07:04:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-19 20:39:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-01-19 20:38:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-01-19 20:38:52 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-01-19 20:38:46 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-01-19 20:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-19 20:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-01-19 20:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-19 20:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-19 20:37:54 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-19 20:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-19 20:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-19 20:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-19 20:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-19 20:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-19 20:37:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-01-19 20:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-19 20:36:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-19 20:36:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-01-19 20:36:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-19 20:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-19 20:36:32 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-19 20:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-19 20:35:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-19 20:35:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-01-19 20:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-19 20:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-01-19 20:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-19 20:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-19 20:33:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-01-19 20:33:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-19 20:33:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-19 20:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-19 20:33:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-19 20:33:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-19 20:32:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-19 20:32:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-01-19 20:32:15 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-01-19 20:31:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-19 20:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-01-19 20:31:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-19 20:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-01-19 20:31:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-19 20:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-19 20:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-01-19 20:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-19 20:30:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-01-19 20:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2011-01-19 20:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2011-01-19 20:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-01-19 20:29:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-01-19 20:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-01-19 20:28:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-19 20:28:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-19 20:28:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-01-19 20:28:09 ----D---- C:\WINDOWS\ie8updates
2011-01-19 20:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-01-19 20:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-01-19 20:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2011-01-19 20:26:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-01-19 20:26:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-19 20:26:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-19 05:44:47 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-01-19 05:32:45 ----A---- C:\WINDOWS\system32\xpsp4res.dll
2011-01-19 00:27:51 ----D---- C:\Program Files\MSXML 4.0
2011-01-19 00:19:46 ----A---- C:\WINDOWS\system32\MRT.exe
======List of files/folders modified in the last 1 months======
2011-02-15 23:06:40 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-02-15 23:06:36 ----D---- C:\WINDOWS\Temp
2011-02-15 23:04:24 ----D---- C:\WINDOWS\Debug
2011-02-15 23:04:24 ----D---- C:\WINDOWS
2011-02-15 23:02:54 ----D---- C:\WINDOWS\Prefetch
2011-02-15 22:55:32 ----D---- C:\WINDOWS\system32\drivers
2011-02-15 22:55:28 ----SHD---- C:\WINDOWS\Installer
2011-02-15 22:55:27 ----D---- C:\WINDOWS\WinSxS
2011-02-15 22:55:15 ----D---- C:\WINDOWS\system32
2011-02-15 22:55:09 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2011-02-15 22:53:56 ----SD---- C:\WINDOWS\Tasks
2011-02-15 22:47:01 ----RD---- C:\Program Files
2011-02-15 22:40:39 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-02-15 22:40:02 ----HD---- C:\WINDOWS\inf
2011-02-15 22:40:00 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-15 21:04:07 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-02-10 22:57:29 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-02-09 22:40:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-09 22:38:06 ----D---- C:\Program Files\Internet Explorer
2011-02-09 22:37:52 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-09 22:33:53 ----D---- C:\Program Files\Common Files
2011-02-09 22:30:07 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-02-09 22:29:47 ----D---- C:\WINDOWS\Minidump
2011-02-05 17:21:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-27 19:40:29 ----D---- C:\Program Files\Lingea
2011-01-27 02:44:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-01-25 18:12:00 ----RSD---- C:\WINDOWS\Fonts
2011-01-25 18:11:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-25 18:11:29 ----D---- C:\Program Files\Microsoft Works
2011-01-24 08:57:23 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-24 08:57:20 ----RSD---- C:\WINDOWS\assembly
2011-01-24 00:52:34 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-23 03:49:52 ----D---- C:\WINDOWS\system32\en-US
2011-01-23 03:49:31 ----D---- C:\WINDOWS\system32\spool
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:37 ----A---- C:\WINDOWS\system32\shell32.dll
2011-01-20 07:05:23 ----D---- C:\Program Files\Outlook Express
2011-01-20 06:33:59 ----D---- C:\WINDOWS\AppPatch
2011-01-20 06:33:58 ----D---- C:\WINDOWS\system32\wbem
2011-01-19 20:41:18 ----A---- C:\WINDOWS\win.ini
2011-01-19 20:38:49 ----D---- C:\Program Files\Messenger
2011-01-19 20:28:33 ----D---- C:\Program Files\Movie Maker
2011-01-19 12:29:16 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-19 00:54:55 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2011-01-19 00:54:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-19 00:23:11 ----D---- C:\WINDOWS\Help
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-04-20 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2008-04-24 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-06-19 255896]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2008-04-28 9344]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-01-21 6278560]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2009-02-24 116736]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NETw5x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit ; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2008-04-28 3626112]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-03-28 224672]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2007-05-31 1774080]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SunkFilt;Alcor Micro Corp Reader; \??\C:\WINDOWS\System32\Drivers\sunkfilt.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\drivers\UIUSys.sys [2005-02-02 6857]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 VNUSB;VN Series Device; C:\WINDOWS\system32\DRIVERS\VNUSB.sys [2006-04-07 38496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-19 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-04-17 152984]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 UserAccess;SecuROM User Access Service; C:\WINDOWS\system32\UAService.exe [2009-08-06 126976]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2010-01-29 126976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-03 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-02 165192]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-09 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
Script OTMStáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe
Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“
Klikni na červené „Moveit!“
Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\
Kód: Vybrat vše
:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-2025429265-725345543-1004.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Program Files\Ask.com
:Services
gupdate
JavaQuickStarterService
NMIndexingService
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"TkBellExe"=-
"DivXUpdate"=-
:Commands
[PURITY]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[REBOOT]-----------------------------------------
v HJT -> "Do a system scan only" (řádky R3, O2, O3) můžeš zablokovat taskbary které nepoužíváš fajfkou do čtverečku před řádkem -> "Fix checked" -> OK-----------------------------------------
Mohu doporučit kontrolu a vyčištění Ccleanerem
-----------------------------------------Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar" (pokud bude v nabídce)
zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.
spustit "Nástroje" > "Start" - tady můžeš zkusit deaktivovat procesy, které při spuštění nepotřebuješ (pokud by ti potom něco nechodilo, stejným způsobem je povolíš)
+defraggler a mohlo by být hotovo 
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: Prosim o kontrolu logu...
Nevim, jestli jsem mel poslat log z OTM - pro jistotu posilam nize... Vse jsem udelal podle instrukci. MOCKRAT DEKUJI...
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002516_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set143.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set144.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP239E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23D2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2590.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25AF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2685.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26BA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26C6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A9C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B4B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C2F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C4E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4B5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8CC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI32.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt26.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\05de3020795d8dcc7aee45787c2216a2\BIT4D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\0f5df78ce993f27db6c78188633be00b\BIT4B.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\13845fb1668dcf3e1108eea4eb534172\BIT47.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\2006c93acdb066bdfcaef21319037e32\BIT48.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\2064d652e93807b954225d9ba4a6b219\BIT44.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\35137d2dad4f679583aebfa40255f1b6\BIT4F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\3845068ed327bc2e46e418df87819139\BIT46.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\50da95743d18a987b7b6ef3a3999d490\BIT4C.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\82268b093bffa7ba1c5cfb0dada0d09f\BIT41.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\9664ff6405d9e0e32778ca8618d4be26\BIT4A.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\97de84be36b27af6e66a0586433cda52\BIT49.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\9e5c952a7afe642e94de2f5bef578ba8\BIT3D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\bea0ec052f9fb30876ce0b314fb5e9e8\BIT4E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\c9e0a1f39e0cc4f28d528e7663acf15f\BIT40.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\cfda6a5f0253f13aa506464213273105\BIT45.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f1092d1fd4234f8be26835d1f7b0bdcb\BIT3E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f933472eb8131bfff7bb4b909a21dd8e\BIT3F.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\Temp\CR_2CC.tmp folder moved successfully.
C:\WINDOWS\Temp\CR_AC0.tmp folder moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-2025429265-725345543-1004.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-2025429265-725345543-1004.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2427613 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: user
->Temp folder emptied: 152725936 bytes
->Temporary Internet Files folder emptied: 1861528 bytes
->Java cache emptied: 9389644 bytes
->FireFox cache emptied: 55491466 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 6009 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22684506 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78117218 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 308.00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.17.2 log created on 02162011_091858
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002516_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set143.tmp moved successfully.
C:\WINDOWS\$NtServicePackUninstall$\set144.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP239E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23D2.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2590.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP25AF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2685.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26BA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26C6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A9C.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2B4B.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C2F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2C4E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3F1.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4B5.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8CC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI32.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt26.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\05de3020795d8dcc7aee45787c2216a2\BIT4D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\0f5df78ce993f27db6c78188633be00b\BIT4B.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\13845fb1668dcf3e1108eea4eb534172\BIT47.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\2006c93acdb066bdfcaef21319037e32\BIT48.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\2064d652e93807b954225d9ba4a6b219\BIT44.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\35137d2dad4f679583aebfa40255f1b6\BIT4F.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\3845068ed327bc2e46e418df87819139\BIT46.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\50da95743d18a987b7b6ef3a3999d490\BIT4C.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\82268b093bffa7ba1c5cfb0dada0d09f\BIT41.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\9664ff6405d9e0e32778ca8618d4be26\BIT4A.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\97de84be36b27af6e66a0586433cda52\BIT49.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\9e5c952a7afe642e94de2f5bef578ba8\BIT3D.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\bea0ec052f9fb30876ce0b314fb5e9e8\BIT4E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\c9e0a1f39e0cc4f28d528e7663acf15f\BIT40.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\cfda6a5f0253f13aa506464213273105\BIT45.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f1092d1fd4234f8be26835d1f7b0bdcb\BIT3E.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\Download\f933472eb8131bfff7bb4b909a21dd8e\BIT3F.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\Temp\CR_2CC.tmp folder moved successfully.
C:\WINDOWS\Temp\CR_AC0.tmp folder moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job moved successfully.
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-329068152-2025429265-725345543-1004.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-329068152-2025429265-725345543-1004.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Program Files\Ask.com folder moved successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service NMIndexingService stopped successfully!
Service NMIndexingService deleted successfully!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 2427613 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: user
->Temp folder emptied: 152725936 bytes
->Temporary Internet Files folder emptied: 1861528 bytes
->Java cache emptied: 9389644 bytes
->FireFox cache emptied: 55491466 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 6009 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22684506 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 78117218 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 308.00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.17.2 log created on 02162011_091858
Files moved on Reboot...
Registry entries deleted on Reboot...
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu...
vypadá to, že se zadařilo - a snad ti všechno funguje
Nemáš zač - rádo se stalo a jsme tady i příště
Nemáš zač - rádo se stalo a jsme tady i příště
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Přispějete na provoz fóra?