Thank you in advance for checking the log.
Logfile of random's system information tool 1.08 (written by random/random)
Run by PC at 2011-05-14 17:24:43
Microsoft Windows 7 Ultimate
System drive C: has 12 GB (23%) free of 50 GB
Total RAM: 3068 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:25:19, on 14.5.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16766)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Icon7\iConfig for Gamers\Tray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\wopt021\WLAN Optimizer.exe
D:\Games\Steam\steam.exe
C:\Program Files\X-Chat 2\xchat.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Opera\opera.exe
D:\stažene soubory\RSIT.exe
C:\Program Files\k10stat\k10stat\K10STAT.exe
C:\Program Files\CPUID\HWMonitor\HWMonitor.exe
C:\Program Files\trend micro\PC.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 62.146.66.181 dl1.avgate.net
O1 - Hosts: 62.146.66.182 dl2.avgate.net
O1 - Hosts: 62.146.66.183 dl3.avgate.net
O1 - Hosts: 62.146.66.184 dl4.avgate.net
O1 - Hosts: 80.190.143.23 dl5.avgate.net
O1 - Hosts: 80.190.143.23 dl6.avgate.net
O1 - Hosts: 62.146.66.178 dl7.avgate.net
O1 - Hosts: 62.146.66.179 dl8.avgate.net
O1 - Hosts: 80.190.143.239 dl9.avgate.net
O1 - Hosts: 80.190.143.230 dl10.avgate.net
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [iConfig-z300] "C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [WLAN Optimizer] C:\wopt021\WLAN Optimizer.exe
O4 - HKCU\..\Run: [EPSON SX420W Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S934D.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Steam] "D:\Games\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3491727313-2059114097-998879636-1013\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Rain.lnk = C:\Rain\Rain.exe
O4 - Startup: xchat – zástupce.lnk = C:\Program Files\X-Chat 2\xchat.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files\20Dollars2Surf\20dollars2surf.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Atheros - C:\Windows\system32\acs.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: CD Guard Drivers Auto Removal (v2) (psrem02) - Protection Technology - C:\Windows\system32\psrem02.exe
O23 - Service: SensorsVService - Unknown owner - C:\Program Files\SensorsViewPro41\svservice.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: WEP/WPA-PMK key recovery service (WZCOOK) - Unknown owner - D:\stažene soubory\aircrack-ng-1.1-win\aircrack-ng-1.1-win\bin\wzcook.exe (file missing)
--
End of file - 10584 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-11-05 599544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-03-29 266240]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-11-05 599544]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"iConfig-z300"=C:\Program Files\Icon7\iConfig for Gamers\Z300\hid300.exe [2010-06-13 358912]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-11-05 738808]
"TaskTray"= []
"NPSStartup"= []
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-29 30192]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-02-19 273544]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2010-10-14 487424]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
"ATnotes.exe"=C:\Program Files\ATnotes\ATnotes.exe [2005-01-05 1015808]
"Pidgin"=C:\Program Files\Pidgin\pidgin.exe [2011-03-11 48618]
"ShowBatteryBar"=C:\Program Files\BatteryBar\ShowBatteryBar.exe [2009-05-28 90624]
"WLAN Optimizer"=C:\wopt021\WLAN Optimizer.exe [2009-08-07 109056]
"EPSON SX420W Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE [2009-09-14 200704]
"Steam"=D:\Games\Steam\steam.exe [2010-11-17 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2011-03-25 102400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Games\Steam\steam.exe [2010-11-17 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2011-02-19 273544]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWCU]
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\TWCU.exe [2010-05-21 561263]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLAN Optimizer]
C:\wopt021\WLAN Optimizer.exe [2009-08-07 109056]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
20Dollars2Surf.lnk - C:\Program Files\20Dollars2Surf\20dollars2surf.exe
C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rain.lnk - C:\Rain\Rain.exe
xchat – zástupce.lnk - C:\Program Files\X-Chat 2\xchat.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-05-13 18:17:10 ----A---- C:\Windows\dice.ini
2011-05-13 14:06:15 ----A---- C:\Windows\system32\poqexec.exe
2011-05-12 19:42:08 ----D---- C:\Users\PC\AppData\Roaming\wargaming.net
2011-05-11 15:42:42 ----D---- C:\Program Files\Zachtronics Industries
2011-05-11 13:49:06 ----A---- C:\Windows\system32\drivers\usbport.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbohci.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbhub.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbehci.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbd.sys
2011-05-11 13:49:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2011-05-11 13:49:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 13:49:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-09 18:10:31 ----D---- C:\Program Files\Common Files\Java
2011-05-09 18:10:12 ----A---- C:\Windows\system32\javaws.exe
2011-05-09 18:10:12 ----A---- C:\Windows\system32\javaw.exe
2011-05-09 18:10:12 ----A---- C:\Windows\system32\java.exe
2011-05-09 15:52:19 ----D---- C:\Users\PC\AppData\Roaming\Dwarfs
2011-05-08 16:47:45 ----A---- C:\Windows\system32\OpenCL.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\nvhdap32.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\nvhdagenco322040.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\nvapo32v.dll
2011-05-08 16:47:45 ----A---- C:\Windows\system32\drivers\nvhda32v.sys
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvoglv32.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvgenco322060.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvdispco3220140.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvd3dum.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcuvid.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcuda.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\nvcompiler.dll
2011-05-08 16:47:44 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-05-02 14:03:21 ----D---- C:\Program Files\Redblade 3.5e
2011-04-29 19:03:10 ----D---- C:\Content
2011-04-29 19:00:58 ----D---- C:\Program Files\Microsoft Research
2011-04-27 16:28:10 ----A---- C:\Windows\system32\prevhost.exe
2011-04-27 16:28:03 ----A---- C:\Windows\system32\esent.dll
2011-04-27 16:28:03 ----A---- C:\Windows\system32\drivers\nvstor.sys
2011-04-27 16:28:03 ----A---- C:\Windows\system32\drivers\nvraid.sys
2011-04-27 16:28:03 ----A---- C:\Windows\system32\drivers\ntfs.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\fsutil.exe
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\storport.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\amdxata.sys
2011-04-27 16:28:02 ----A---- C:\Windows\system32\drivers\amdsata.sys
2011-04-27 16:27:54 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-27 16:27:53 ----A---- C:\Windows\explorer.exe
2011-04-22 21:38:53 ----D---- C:\Program Files\CpuIdle
2011-04-22 21:38:53 ----A---- C:\Windows\system32\drivers\cpuidlep.sys
2011-04-22 17:05:39 ----SHD---- C:\found.000
2011-04-21 10:36:52 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-04-21 09:51:36 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2011-04-21 09:50:00 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2011-04-21 09:49:54 ----D---- C:\Program Files\Oracle
2011-04-19 15:55:45 ----A---- C:\Windows\system32\HMIPCore.dll
2011-04-18 19:14:45 ----D---- C:\Program Files\HD Tune
2011-04-18 14:37:44 ----D---- C:\Program Files\pdfforge Toolbar
2011-04-18 14:37:44 ----D---- C:\Program Files\Application Updater
2011-04-18 14:36:55 ----A---- C:\Windows\system32\pdfcmnnt.dll
2011-04-18 14:36:53 ----D---- C:\Program Files\PDFCreator
2011-04-18 14:36:53 ----A---- C:\Windows\system32\MSMPIDE.DLL
2011-04-18 13:54:40 ----A---- C:\Windows\system32\E_DCINST.DLL
2011-04-18 13:54:39 ----A---- C:\Windows\system32\E_FD4BGCE.DLL
2011-04-16 15:29:40 ----D---- C:\Program Files\Common Files\Desura
2011-04-16 15:27:42 ----D---- C:\ProgramData\Desura
2011-04-16 15:27:40 ----D---- C:\Program Files\Desura
2011-04-16 12:02:43 ----D---- C:\Program Files\Aura Beta 3
2011-04-15 16:10:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 16:10:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 16:10:41 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 16:10:39 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 16:10:39 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 16:10:37 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 16:10:37 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 16:10:37 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 16:10:36 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 16:10:36 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 16:10:32 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 16:10:31 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 16:10:29 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 16:10:27 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\ieui.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\iertutil.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 16:10:26 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-15 16:10:25 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-15 16:10:07 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 16:10:06 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-15 16:10:05 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-04-15 16:10:03 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-15 16:10:01 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 16:10:01 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 16:09:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 16:09:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 16:09:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 16:09:58 ----A---- C:\Windows\system32\drivers\bowser.sys
======List of files/folders modified in the last 1 months======
2011-05-14 17:24:52 ----D---- C:\Windows\Internet Logs
2011-05-14 17:24:47 ----D---- C:\Program Files\trend micro
2011-05-14 17:17:25 ----D---- C:\Users\PC\AppData\Roaming\Xfire
2011-05-14 17:17:17 ----D---- C:\Windows\temp
2011-05-14 17:15:40 ----D---- C:\ProgramData\NVIDIA
2011-05-14 17:04:31 ----D---- C:\Windows\system32\config
2011-05-14 16:21:18 ----D---- C:\Users\PC\AppData\Roaming\X-Chat 2
2011-05-14 12:33:41 ----D---- C:\Users\PC\AppData\Roaming\.purple
2011-05-14 12:33:11 ----D---- C:\Users\PC\AppData\Roaming\AIMP
2011-05-13 18:17:10 ----D---- C:\Windows
2011-05-13 17:39:24 ----AD---- C:\Windows\System32
2011-05-13 17:39:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-13 17:39:23 ----D---- C:\Windows\inf
2011-05-13 17:34:32 ----D---- C:\Windows\winsxs
2011-05-13 17:32:33 ----D---- C:\Windows\system32\DriverStore
2011-05-13 17:32:31 ----D---- C:\Windows\system32\drivers
2011-05-13 16:41:22 ----SHD---- C:\System Volume Information
2011-05-13 14:34:39 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2011-05-13 14:32:57 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-05-13 14:03:53 ----D---- C:\Windows\system32\catroot
2011-05-13 14:03:51 ----D---- C:\Windows\system32\catroot2
2011-05-13 14:03:49 ----D---- C:\ProgramData\Xfire
2011-05-12 21:29:22 ----D---- C:\ProgramData
2011-05-12 21:26:41 ----RD---- C:\Program Files
2011-05-12 20:12:08 ----SHD---- C:\Windows\Installer
2011-05-12 20:11:58 ----RD---- C:\Program Files\Skype
2011-05-12 20:11:58 ----D---- C:\Program Files\Common Files
2011-05-12 20:10:58 ----D---- C:\Users\PC\AppData\Roaming\skypePM
2011-05-12 20:10:42 ----D---- C:\Users\PC\AppData\Roaming\Skype
2011-05-12 20:10:15 ----D---- C:\ProgramData\Skype
2011-05-12 20:02:59 ----RSD---- C:\Windows\assembly
2011-05-12 13:50:38 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2011-05-11 22:18:58 ----D---- C:\Windows\debug
2011-05-11 22:18:57 ----A---- C:\Windows\system32\MRT.exe
2011-05-11 15:47:23 ----D---- C:\Program Files\Common Files\Steam
2011-05-11 13:56:15 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-05-09 18:09:53 ----A---- C:\Windows\system32\deployJava1.dll
2011-05-09 17:24:55 ----D---- C:\Program Files\Mozilla Firefox
2011-05-09 14:08:08 ----D---- C:\Windows\system32\Tasks
2011-05-08 20:42:48 ----D---- C:\Users\PC\AppData\Roaming\Teeworlds
2011-05-08 16:52:08 ----HD---- C:\Program Files\InstallShield Installation Information
2011-05-08 16:51:14 ----D---- C:\Program Files\NVIDIA Corporation
2011-05-08 16:50:31 ----RD---- C:\Users
2011-05-08 14:32:43 ----D---- C:\Windows\Prefetch
2011-05-07 10:47:39 ----D---- C:\Program Files\Defcon
2011-05-06 20:57:20 ----D---- C:\Program Files\IntelBurnTest
2011-05-05 22:23:56 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-05-03 19:25:15 ----D---- C:\Users\PC\AppData\Roaming\vlc
2011-05-01 22:16:59 ----D---- C:\Program Files\OpenOffice.org 3
2011-05-01 22:15:24 ----RSD---- C:\Windows\Fonts
2011-05-01 11:19:35 ----D---- C:\Windows\rescache
2011-04-29 23:40:59 ----D---- C:\Windows\AppPatch
2011-04-29 23:40:57 ----D---- C:\Windows\system32\ru-RU
2011-04-29 23:40:57 ----D---- C:\Windows\system32\en-US
2011-04-29 23:40:57 ----D---- C:\Windows\system32\cs-CZ
2011-04-24 22:44:47 ----D---- C:\Windows\Logs
2011-04-24 19:25:15 ----D---- C:\Fraps
2011-04-23 22:18:22 ----D---- C:\Users\PC\AppData\Roaming\.minecraft
2011-04-23 21:46:19 ----D---- C:\Program Files\CamStudio
2011-04-23 20:14:27 ----D---- C:\Windows\system32\sk-SK
2011-04-23 19:07:35 ----D---- C:\Users\PC\AppData\Roaming\gtk-2.0
2011-04-22 21:00:22 ----A---- C:\Windows\BlendSettings.ini
2011-04-21 17:21:14 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-21 10:36:52 ----D---- C:\Program Files\DAEMON Tools Lite
2011-04-21 09:51:36 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-20 19:50:28 ----D---- C:\Program Files\uTorrent
2011-04-19 18:38:57 ----D---- C:\Program Files\Opera
2011-04-18 17:06:48 ----D---- C:\Program Files\SugarSync
2011-04-18 16:30:06 ----D---- C:\Users\PC\AppData\Roaming\FileZilla
2011-04-18 16:26:10 ----D---- C:\Program Files\FileZilla FTP Client
2011-04-18 16:17:01 ----D---- C:\Users\PC\AppData\Roaming\Dropbox
2011-04-16 14:08:24 ----D---- C:\Windows\Microsoft.NET
2011-04-16 12:41:47 ----D---- C:\Program Files\DOSBox-0.74
2011-04-16 11:22:11 ----D---- C:\Windows\system32\migration
2011-04-16 11:22:11 ----D---- C:\Program Files\Internet Explorer
2011-04-15 18:05:55 ----D---- C:\Windows\system32\FxsTmp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nhcDriverDevice;Notebook Hardware Control Driver; C:\Windows\system32\drivers\nhcDriver.sys [2011-03-16 71680]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 psdrv02;CD Guard Environment Driver (v2); C:\Windows\system32\drivers\psdrv02.sys [2006-09-11 67960]
R0 pssync05;CD Guard Synchronization Driver (v5); C:\Windows\system32\drivers\pssync05.sys [2006-11-03 61312]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-03-14 431672]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2011-03-22 137656]
R1 cpuidlep;CpuIdle Pro System Driver; C:\Windows\system32\drivers\cpuidlep.sys [2011-04-22 4484]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-21 218688]
R1 sensorsview;sensorsview; \??\C:\Program Files\SensorsViewPro41\drv\sensorsview32.sys [2008-07-26 14416]
R1 SSHDRV65;SSHDRV65; \??\C:\Windows\system32\drivers\SSHDRV65.sys [2010-06-21 120320]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2011-02-17 160560]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2011-02-17 44784]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 461400]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-08 281760]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-12-13 61960]
R2 cpuz133;cpuz133; \??\C:\Windows\system32\drivers\cpuz133_x32.sys [2010-03-30 20968]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x32.sys [2010-11-09 21992]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-11-05 26872]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-08 25888]
R3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 1500160]
R3 bbcap;bbcap; C:\Windows\system32\DRIVERS\bbcap.sys [2010-07-30 4096]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-08-03 36608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 I7Z300Filter;Icon7_Z300; C:\Windows\system32\drivers\I7Z300.sys [2010-01-20 12800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-03-03 139368]
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2011-02-17 122032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 catchme;catchme; \??\C:\Users\PC\AppData\Local\Temp\catchme.sys []
S3 cpuz130;cpuz130; \??\C:\Users\PC\AppData\Local\Temp\cpuz130\cpuz_x32.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt [2005-08-18 7168]
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\PC\AppData\Local\Temp\UDC2BE0.tmp []
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys []
S3 MSI_DVD_010507;MSI_DVD_010507; \??\C:\PROGRA~1\MSI\MSIWDev\DVDSYS32_100507.sys [2010-05-10 22328]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\msibios32_100507.sys [2010-05-10 25912]
S3 MSI_VGASYS_010507;MSI_VGASYS_010507; \??\C:\PROGRA~1\MSI\MSIWDev\VGASYS32_100507.sys [2010-05-10 16696]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\Windows\system32\NSNDIS5.SYS []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
S3 RTCore32;RTCore32; \??\C:\Program Files\RMClock\RTCore32.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-03-11 25088]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 ts_arusb;[CommView] Atheros Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\ts_arusb.sys [2011-01-12 1053288]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-02-17 111152]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;TP-LINK Configuration Service; C:\Windows\system32\acs.exe [2010-05-21 499796]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-03-22 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2011-01-28 387072]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-08-03 233472]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-11-05 488952]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-04-07 612456]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
R2 SensorsVService;SensorsVService; C:\Program Files\SensorsViewPro41\svservice.exe [2010-06-17 923648]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-11-16 2435592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 psrem02;CD Guard Drivers Auto Removal (v2); C:\Windows\system32\psrem02.exe [2006-05-11 358008]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Desura Install Service;Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [2011-04-16 129856]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-29 30192]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-04-26 403240]
S3 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------

Preventive check mrkew 14. 5. 2011
Re: Preventive check mrkew 14. 5. 2011
Hello, fix these in HJT:
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (file missing)
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (file missing)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Pidgin] C:\Program Files\Pidgin\pidgin.exe
O4 - Global Startup: 20Dollars2Surf.lnk = C:\Program Files\20Dollars2Surf\20dollars2surf.exe
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
You can find HJT here:
C:\Program Files\trend micro\PC.exe
Fix means that you run HJT as admin,
in the window that opens, you click Do a system scan only,
in the next window you find the lines I listed for you,
next to each of them is a small box that you tick,
then you click Fix checked, which is at the bottom left,
the program will ask whether you are sure; YES, you of course agree, and it is done.
Delete unnecessary files
using CCleaner
instructions:
Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system
Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
Re: Preventive check mrkew 14. 5. 2011
Malwarebytes' Anti-Malware 1.50.1.1100
http://www.malwarebytes.org
Verze databáze: 6579
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
14.5.2011 22:13:18
mbam-log-2011-05-14 (22-13-13).txt
Typ kontroly: Rychlý test
Testované objekty: 170018
Uplynulý čas: 6 minut, 30 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 3
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\CE8SIIFGSU (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\VXEG3ZNNE5 (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\JetSwap (Adware.JetSwap) -> No action taken.
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Re: Preventive check mrkew 14. 5. 2011
All right, and thank you again.