Please check my log... slow PC

Posted: 22 May 2010 16:10
by sima707
Logfile of random's system information tool 1.07 (written by random/random)
Run by Dagmar at 2010-05-22 17:09:13
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (8%) free of 74 GB
Total RAM: 1015 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:09:46, on 22.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dagmar\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Dagmar.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SuperHybridEngine.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 8826 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cab746d10b4190.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cab746d1198fac.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVDV.dll [2010-03-09 2355224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVDV.dll [2010-03-09 2355224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-27 17881088]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2009-04-16 630784]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-03-13 98304]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2009-04-16 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-04-09 1512744]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-04-09 79144]
"snp2uvc"=C:\WINDOWS\vsnp2uvc.exe []
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2009-06-25 712704]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-08-18 1447168]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Dagmar\Application Data\U3\4530100C7A431EFD\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe"="C:\Documents and Settings\Dagmar\Application Data\U3\4530100C7A431EFD\0DE4F643-C398-46ec-9339-2362F2311932\Exec\skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58ad31ad-f4a6-11de-b39d-0025d39019cf}]
shell\AutoRun\command - MILAN\\\\\\\\\\BALKAN.exe
shell\explore\command - MILAN\\\\\\\\\\\\BALKAN.exe
shell\open\command - MILAN\\\\\\\\\\\\BALKAN.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e61f446c-2d27-11df-b3de-e9401f79bb0f}]
shell\AutoRun\command - G:\LaunchU3.exe -a


======List of files/folders created in the last 1 months======

2010-05-22 17:09:14 ----D---- C:\Program Files\trend micro
2010-05-22 17:09:13 ----D---- C:\rsit
2010-05-17 22:29:07 ----D---- C:\Documents and Settings\Dagmar\Application Data\HPAppData
2010-05-13 18:01:54 ----D---- C:\Documents and Settings\All Users\Application Data\Visan
2010-05-13 17:58:46 ----D---- C:\Documents and Settings\Dagmar\Application Data\HP
2010-05-13 17:58:46 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2010-05-13 17:56:47 ----A---- C:\WINDOWS\system32\hpf3l70v.dll
2010-05-13 17:55:55 ----D---- C:\WINDOWS\Cache
2010-05-13 17:55:51 ----D---- C:\Program Files\Coupons
2010-05-13 17:55:30 ----D---- C:\Program Files\HP Photo Creations
2010-05-13 17:55:30 ----D---- C:\Documents and Settings\All Users\Application Data\HP Photo Creations
2010-05-13 17:55:15 ----D---- C:\Documents and Settings\Dagmar\Application Data\HpUpdate
2010-05-13 17:53:39 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2010-05-13 17:52:02 ----D---- C:\Program Files\Common Files\HP
2010-05-13 17:51:40 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2010-05-13 17:51:10 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hppldcoi.dll
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hposwia_d02c.dll
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hpost_d02c.dll
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hposc_d02a.dll
2010-05-13 17:50:02 ----A---- C:\WINDOWS\system32\hpzids01.dll
2010-05-13 17:49:36 ----D---- C:\Program Files\HP
2010-05-13 17:48:59 ----HD---- C:\Config.Msi
2010-05-13 12:45:58 ----D---- C:\Atlas
2010-05-13 12:36:39 ----D---- C:\Program Files\PowerISO
2010-05-10 21:13:38 ----A---- C:\WINDOWS\unvise32.exe
2010-05-10 21:12:18 ----D---- C:\Program Files\Mplayer
2010-05-10 21:11:07 ----D---- C:\Program Files\Quake III Arena
2010-05-10 21:10:34 ----A---- C:\WINDOWS\IsUninst.exe
2010-05-10 21:10:17 ----A---- C:\WINDOWS\QIII.INI
2010-05-10 15:43:40 ----D---- C:\Program Files\iPod
2010-05-10 15:28:24 ----D---- C:\Program Files\Bonjour
2010-05-05 15:04:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-05-05 15:04:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-05-05 15:04:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-05-05 15:04:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-05-05 15:04:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-05-05 15:04:19 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-05-05 15:04:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-05-05 15:04:18 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-05-05 15:04:16 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-05-03 23:36:59 ----D---- C:\Program Files\AVCWare
2010-05-03 23:34:38 ----D---- C:\Documents and Settings\Dagmar\Application Data\ImTOO Software Studio
2010-05-03 23:33:48 ----D---- C:\Program Files\ImTOO
2010-05-03 22:47:34 ----D---- C:\Documents and Settings\Dagmar\Application Data\Acoustica
2010-05-03 22:44:52 ----A---- C:\WINDOWS\system32\Wnaspint.dll
2010-05-03 22:44:47 ----D---- C:\Program Files\Acoustica Shared Effects
2010-05-03 22:43:48 ----D---- C:\Program Files\VST
2010-05-03 22:43:48 ----D---- C:\Documents and Settings\All Users\Application Data\Acoustica
2010-05-03 22:43:45 ----D---- C:\Program Files\Acoustica Mixcraft 4
2010-05-03 21:31:39 ----D---- C:\Program Files\Acoustica Mixcraft 5
2010-05-03 21:15:47 ----D---- C:\DVDVideoSoft
2010-05-03 21:10:00 ----D---- C:\Program Files\Conduit
2010-05-03 21:07:16 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-05-03 21:07:13 ----D---- C:\Program Files\DVDVideoSoft
2010-05-03 18:32:10 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-05-03 18:31:56 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-05-03 18:31:51 ----D---- C:\Program Files\Xvid
2010-05-03 18:31:15 ----D---- C:\Program Files\FDRLab

======List of files/folders modified in the last 1 months======

2010-05-22 17:09:28 ----D---- C:\WINDOWS\Temp
2010-05-22 17:09:21 ----D---- C:\WINDOWS\Prefetch
2010-05-22 17:09:14 ----RD---- C:\Program Files
2010-05-22 17:07:02 ----D---- C:\Documents and Settings\Dagmar\Application Data\Skype
2010-05-22 00:04:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-19 21:15:47 ----D---- C:\WINDOWS\system32
2010-05-19 21:15:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-19 21:11:29 ----D---- C:\Documents and Settings\Dagmar\Application Data\skypePM
2010-05-19 15:09:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-13 18:16:20 ----D---- C:\WINDOWS
2010-05-13 17:58:14 ----A---- C:\WINDOWS\win.ini
2010-05-13 17:57:22 ----D---- C:\WINDOWS\system32\drivers
2010-05-13 17:56:36 ----D---- C:\WINDOWS\twain_32
2010-05-13 17:56:20 ----HD---- C:\WINDOWS\inf
2010-05-13 17:55:27 ----SHD---- C:\WINDOWS\Installer
2010-05-13 17:54:51 ----D---- C:\WINDOWS\WinSxS
2010-05-13 17:53:58 ----RSD---- C:\WINDOWS\Fonts
2010-05-13 17:52:02 ----D---- C:\Program Files\Common Files
2010-05-13 17:50:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-13 13:19:28 ----D---- C:\Documents and Settings\Dagmar\Application Data\U3
2010-05-11 15:04:39 ----D---- C:\Program Files\Google
2010-05-10 15:46:13 ----D---- C:\Program Files\iTunes
2010-05-10 15:43:35 ----D---- C:\Program Files\Common Files\Apple
2010-05-10 15:30:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-05-05 22:52:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-05 15:39:00 ----D---- C:\WINDOWS\system32\DirectX
2010-05-05 15:38:59 ----RSD---- C:\WINDOWS\assembly
2010-05-05 15:04:23 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-01 18:49:18 ----D---- C:\Diablo II

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-29 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-29 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-29 21568]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-04-27 5074944]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2009-07-10 1015424]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 akonoyfh;akonoyfh; C:\WINDOWS\system32\drivers\akonoyfh.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-03-13 1528928]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-10-16 41472]
S3 usbvideo;USB µo°T¸Ë¸m (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 uvclf;uvclf; C:\WINDOWS\system32\DRIVERS\uvclf.sys [2008-11-19 39040]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2008-04-14 96512]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-15 135664]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-08-18 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: please check my log...slow PC

Posted: 22 May 2010 17:23
by 1danab
hello :)

does BALKAN.exe mean anything to you?

:arrow: test C:\WINDOWS\unvise32.exe on VIRUSTOTAL

simple instructions: after the page loads, click Browse, locate the file mentioned above and click the Send file button; if a message pops up saying the file has already been tested, ignore it and run the scan again; when the scan finishes, paste the results here, either by copying the text or by posting a link

Re: please check my log...slow PC

Posted: 22 May 2010 19:11
by sima707
Hello, and thank you for the help :))
well, the file BALKAN.exe doesn't mean anything to me

VIRUSTOTAL
Soubor unvise32.exe přijatý 2010.05.22 17:14:02 (UTC)
Současný stav: Dokončeno
Výsledek: 1/41 (2.44%)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.23.00 2010.05.22 -
AntiVir 8.2.1.242 2010.05.21 -
Antiy-AVL 2.0.3.7 2010.05.21 -
Authentium 5.2.0.5 2010.05.22 -
Avast 4.8.1351.0 2010.05.22 -
Avast5 5.0.332.0 2010.05.22 -
AVG 9.0.0.787 2010.05.22 -
BitDefender 7.2 2010.05.22 -
CAT-QuickHeal 10.00 2010.05.21 -
ClamAV 0.96.0.3-git 2010.05.22 -
Comodo 4912 2010.05.22 -
DrWeb 5.0.2.03300 2010.05.22 -
eSafe 7.0.17.0 2010.05.20 -
eTrust-Vet 35.2.7503 2010.05.21 -
F-Prot 4.6.0.103 2010.05.22 -
F-Secure 9.0.15370.0 2010.05.22 -
Fortinet 4.1.133.0 2010.05.22 -
GData 21 2010.05.22 -
Ikarus T3.1.1.84.0 2010.05.22 -
Jiangmin 13.0.900 2010.05.22 -
Kaspersky 7.0.0.125 2010.05.22 -
McAfee 5.400.0.1158 2010.05.22 -
McAfee-GW-Edition 2010.1 2010.05.22 Heuristic.BehavesLike.Win32.PasswordStealer.H
Microsoft 1.5802 2010.05.22 -
NOD32 5137 2010.05.22 -
Norman 6.04.12 2010.05.22 -
nProtect 2010-05-22.01 2010.05.22 -
Panda 10.0.2.7 2010.05.22 -
PCTools 7.0.3.5 2010.05.22 -
Prevx 3.0 2010.05.22 -
Rising 22.48.05.04 2010.05.22 -
Sophos 4.53.0 2010.05.22 -
Sunbelt 6338 2010.05.22 -
Symantec 20101.1.0.89 2010.05.22 -
TheHacker 6.5.2.0.285 2010.05.22 -
TrendMicro 9.120.0.1004 2010.05.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.22 -
VBA32 3.12.12.5 2010.05.22 -
ViRobot 2010.5.20.2326 2010.05.22 -
VirusBuster 5.0.27.0 2010.05.22 -
Rozšiřující informace
File size: 86016 bytes
MD5...: 84b4f61f59a421bd85d97b35d194b42b
SHA1..: d3f2bac1a72f82c42d551c066c8ec841f46adb60
SHA256: f241f37d423dd5c192b22ca1d4655dbf9e9b861487a6ac0f958b190e975934dc
ssdeep: 1536:Pche6hyD7/XwxVwSmIULfBTpgj8wJK92a+SoLJMA:PkzhyDLXiwoULJE8wJ
K4a+So9T
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x8a7a
timedatestamp.....: 0x385a52ff (Fri Dec 17 15:13:03 1999)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xddb5 0xe000 6.52 2016979550b1336eb7ca4fa8332d7f11
.rdata 0xf000 0x1726 0x2000 4.38 233783be01153608f9480f0590b88a2f
.data 0x11000 0x2ff8 0x2000 4.13 dd586d7dfddbeecb449fcf42d8e3ed31
.rsrc 0x14000 0x1660 0x2000 3.30 4eb94c6f473197e2c1c22186dc261dff

( 8 imports )
> VERSION.dll: GetFileVersionInfoSizeA, VerQueryValueA, GetFileVersionInfoA
> KERNEL32.dll: GetProcAddress, GetPrivateProfileStringA, GetExitCodeProcess, WritePrivateProfileStringA, lstrcmpiA, Sleep, CloseHandle, GetLastError, lstrlenW, GetTickCount, GetTempFileNameA, MultiByteToWideChar, lstrcpynA, lstrcmpA, _lopen, GetSystemDirectoryA, WideCharToMultiByte, GetWindowsDirectoryA, GetTempPathA, FindFirstFileA, FindClose, FindNextFileA, GetShortPathNameA, DeleteFileA, GlobalHandle, GlobalAlloc, SetFileAttributesA, _hread, GetFileAttributesA, MoveFileExA, GetCurrentDirectoryA, SetCurrentDirectoryA, GlobalFree, lstrlenA, lstrcatA, WriteProfileStringA, OpenFile, _lread, _llseek, _lclose, LoadLibraryA, FindResourceA, LoadResource, LockResource, lstrcpyA, FreeResource, FreeLibrary, IsBadCodePtr, FlushFileBuffers, GlobalLock, CopyFileA, GlobalUnlock, RemoveDirectoryA, MulDiv, GetVersionExA, WriteFile, HeapDestroy, GetEnvironmentStringsW, HeapCreate, FreeEnvironmentStringsW, FreeEnvironmentStringsA, VirtualFree, GetStringTypeA, TerminateProcess, GetModuleFileNameA, UnhandledExceptionFilter, IsBadReadPtr, HeapSize, HeapReAlloc, LCMapStringW, LCMapStringA, HeapAlloc, HeapFree, GetOEMCP, GetACP, GetCPInfo, SetEndOfFile, GetStdHandle, SetHandleCount, SetStdHandle, GetCurrentProcess, GetEnvironmentStrings, ExitProcess, GetVersion, GetCommandLineA, GetStartupInfoA, GetModuleHandleA, MoveFileA, RtlUnwind, CreateFileA, GetFileType, ReadFile, SetFilePointer, IsBadWritePtr, VirtualAlloc, GetStringTypeW, SetUnhandledExceptionFilter
> USER32.dll: DialogBoxParamA, GetWindowRect, SetFocus, DispatchMessageA, GetDesktopWindow, IsWindowVisible, GetParent, EndPaint, BeginPaint, SetWindowTextA, GetWindow, SendMessageA, UpdateWindow, ShowWindow, CreateDialogParamA, GetSysColor, DestroyWindow, MoveWindow, TranslateMessage, PeekMessageA, OffsetRect, ScreenToClient, InvalidateRect, GetDlgItem, FillRect, DdeInitializeA, DdeUninitialize, DdeAccessData, DdeUnaccessData, DdeFreeDataHandle, DdeCreateStringHandleA, DdeConnect, DdeClientTransaction, DdeGetLastError, DdeDisconnect, DdeFreeStringHandle, LoadStringA, MessageBoxA, GetDC, EndDialog, SetDlgItemTextA, wsprintfA, ReleaseDC, CharUpperA, GetDlgItemTextA, PostMessageA, FindWindowA
> GDI32.dll: DeleteObject, CreateSolidBrush, GetDeviceCaps, GetObjectA, RemoveFontResourceA, CreateFontIndirectA
> ADVAPI32.dll: QueryServiceStatus, CloseServiceHandle, OpenSCManagerA, RegCloseKey, RegQueryInfoKeyA, RegOpenKeyExA, RegQueryValueA, RegQueryValueExA, ControlService, DeleteService, OpenServiceA, RegDeleteKeyA, RegEnumKeyA, RegOpenKeyA, RegSetValueA, RegSetValueExA, RegDeleteValueA
> SHELL32.dll: ShellExecuteExA, SHChangeNotify, SHGetSpecialFolderLocation, SHGetPathFromIDListA, SHGetMalloc
> ole32.dll: OleUninitialize, OleInitialize, StringFromGUID2
> OLEAUT32.dll: -

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
sigcheck:
publisher....: MindVision Software
copyright....: Copyright (c) MindVision Software 1995-2000
product......: Installer VISE
description..: Uninstall application file
original name: UNINSTAL.EXE
internal name: Installer VISE
file version.: 3.1.1
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned

Re: please check my log...slow PC

Posted: 22 May 2010 19:41
by 1danab
download ComboFix and save it, preferably to the desktop

run the application under an account with administrator privileges
after it starts, a screen with the license terms is displayed; click the Yes button:

Image

you may get a warning about your antivirus's resident shield and a notice that the Recovery Console is not installed; do not install it for now

the scan takes about 10 minutes (it may take longer, depending on the number of files and the speed of the PC); do not start any applications during the scan

your PC may be restarted during the scan, so do not panic

note: if you use antispyware with a resident shield, deactivate its resident shield, because during the scan and the removal of any malware ComboFix runs into unwanted conflicts with the antispyware's resident component

after the restart the application creates a log, saved at C:/Combofix.txt; paste its contents here :)

Re: please check my log...slow PC

Posted: 22 May 2010 20:28
by sima707
here is the log from ComboFix
ComboFix 10-05-22.01 - Dagmar 22.05.2010 21:19:18.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1015.590 [GMT 2:00]
Running from: c:\documents and settings\Dagmar\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\Dagmar\LOCALS~1\Temp\install_flash_player.exe
c:\program files\FunWebProducts
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Files Created from 2010-04-22 to 2010-05-22 )))))))))))))))))))))))))))))))
.

2010-05-22 15:09 . 2010-05-22 15:09 -------- d-----w- c:\program files\trend micro
2010-05-22 15:09 . 2010-05-22 15:09 -------- d-----w- C:\rsit
2010-05-17 20:29 . 2010-05-17 20:33 -------- d-----w- c:\documents and settings\Dagmar\Application Data\HPAppData
2010-05-16 20:19 . 2010-05-16 20:19 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-05-13 16:08 . 2010-05-13 16:08 -------- d-----w- c:\documents and settings\Dagmar\Local Settings\Application Data\HP
2010-05-13 15:55 . 2010-05-13 15:55 -------- d-----w- c:\program files\HP Photo Creations
2010-05-13 15:55 . 2010-05-14 17:00 -------- d-----w- c:\documents and settings\Dagmar\Application Data\HpUpdate
2010-05-13 15:53 . 2010-05-13 15:53 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2010-05-13 15:52 . 2010-05-13 15:52 -------- d-----w- c:\program files\Common Files\HP
2010-05-13 15:51 . 2010-05-13 15:51 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-05-13 15:51 . 2010-05-13 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2010-05-13 15:50 . 2009-02-11 11:03 712704 ----a-w- c:\windows\system32\hposwia_d02c.dll
2010-05-13 15:50 . 2009-02-11 11:03 589824 ----a-w- c:\windows\system32\hpost_d02c.dll
2010-05-13 15:50 . 2009-02-11 11:03 315392 ----a-w- c:\windows\system32\hposc_d02a.dll
2010-05-13 15:50 . 2008-10-29 00:27 372736 ----a-w- c:\windows\system32\hppldcoi.dll
2010-05-13 15:50 . 2008-10-29 00:27 21568 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2010-05-13 15:50 . 2008-10-29 00:27 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2010-05-13 15:50 . 2008-10-29 00:27 49920 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2010-05-13 15:50 . 2009-04-16 11:53 452408 ----a-w- c:\windows\system32\hpzids01.dll
2010-05-13 15:49 . 2010-05-13 15:55 -------- d-----w- c:\program files\HP
2010-05-13 15:47 . 2010-05-13 15:58 169984 ----a-w- c:\windows\hpoins44.dat
2010-05-13 15:47 . 2010-01-30 13:12 512 ------w- c:\windows\hpomdl44.dat
2010-05-13 10:45 . 2010-05-20 19:58 -------- d-----w- C:\Atlas
2010-05-13 10:36 . 2010-05-13 10:36 -------- d-----w- c:\program files\PowerISO
2010-05-13 10:04 . 2008-04-14 12:00 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-05-11 08:55 . 2010-05-11 08:55 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\DVDVideoSoft
2010-05-10 19:13 . 1999-12-17 08:13 86016 ----a-w- c:\windows\unvise32.exe
2010-05-10 19:12 . 2010-05-10 19:12 -------- d-----w- c:\program files\Mplayer
2010-05-10 19:11 . 2010-05-10 19:28 -------- d-----w- c:\program files\Quake III Arena
2010-05-10 19:10 . 1999-10-09 15:30 305152 ----a-w- c:\windows\IsUninst.exe
2010-05-10 13:43 . 2010-05-10 13:43 -------- d-----w- c:\program files\iPod
2010-05-10 13:28 . 2010-05-10 13:28 -------- d-----w- c:\program files\Bonjour
2010-05-10 13:23 . 2010-05-10 13:23 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe
2010-05-05 20:56 . 2010-05-05 20:56 551 ----a-w- c:\windows\eReg.dat
2010-05-05 13:04 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-05-03 21:36 . 2010-05-03 21:36 -------- d-----w- c:\program files\AVCWare
2010-05-03 21:34 . 2010-05-03 21:34 -------- d-----w- c:\documents and settings\Dagmar\Application Data\ImTOO Software Studio
2010-05-03 21:33 . 2010-05-03 21:33 -------- d-----w- c:\program files\ImTOO
2010-05-03 20:47 . 2010-05-03 20:47 -------- d-----w- c:\documents and settings\Dagmar\Application Data\Acoustica
2010-05-03 20:44 . 2007-08-07 09:32 57344 ----a-w- c:\windows\system32\Wnaspint.dll
2010-05-03 20:44 . 2010-05-03 20:47 -------- d-----w- c:\program files\Acoustica Shared Effects
2010-05-03 20:43 . 2010-05-03 20:43 -------- d-----w- c:\program files\VST
2010-05-03 20:43 . 2010-05-03 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Acoustica
2010-05-03 20:43 . 2010-05-03 20:46 -------- d-----w- c:\program files\Acoustica Mixcraft 4
2010-05-03 19:31 . 2010-05-03 19:31 -------- d-----w- c:\program files\Acoustica Mixcraft 5
2010-05-03 19:15 . 2010-05-03 19:15 -------- d-----w- C:\DVDVideoSoft
2010-05-03 19:10 . 2010-05-03 19:10 -------- d-----w- c:\documents and settings\Dagmar\Local Settings\Application Data\Conduit
2010-05-03 19:10 . 2010-05-03 19:10 -------- d-----w- c:\documents and settings\Dagmar\Local Settings\Application Data\DVDVideoSoft
2010-05-03 19:10 . 2010-05-03 19:10 -------- d-----w- c:\program files\Conduit
2010-05-03 19:07 . 2010-05-03 19:09 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-05-03 19:07 . 2010-05-03 19:10 -------- d-----w- c:\program files\DVDVideoSoft
2010-05-03 16:32 . 2008-12-04 19:42 815104 ----a-w- c:\windows\system32\xvidcore.dll
2010-05-03 16:31 . 2008-12-04 19:46 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-05-03 16:31 . 2010-05-03 16:46 -------- d-----w- c:\program files\Xvid
2010-05-03 16:31 . 2010-05-03 16:31 -------- d-----w- c:\program files\FDRLab

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-22 19:11 . 2009-12-27 22:00 -------- d-----w- c:\documents and settings\Dagmar\Application Data\Skype
2010-05-21 14:08 . 2010-03-11 16:28 -------- d-----w- c:\documents and settings\Dagmar\Application Data\skypePM
2010-05-13 16:02 . 2009-12-19 17:41 69872 ----a-w- c:\documents and settings\Dagmar\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-13 16:01 . 2010-05-13 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Visan
2010-05-13 16:01 . 2010-05-13 15:55 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Photo Creations
2010-05-13 16:01 . 2010-05-13 16:01 1095152 ----a-w- c:\documents and settings\All Users\Application Data\HP Photo Creations\RocketEngine.dll
2010-05-13 16:01 . 2010-05-13 16:01 140784 ----a-w- c:\documents and settings\All Users\Application Data\HP Photo Creations\RLPNUpload.dll
2010-05-13 16:01 . 2010-05-13 16:01 321008 ----a-w- c:\documents and settings\All Users\Application Data\HP Photo Creations\PhotoProductCore.exe
2010-05-13 16:01 . 2010-05-13 16:01 145760 ----a-w- c:\documents and settings\All Users\Application Data\HP Photo Creations\PhotoProductReg.exe
2010-05-13 16:01 . 2010-05-13 16:01 210416 ----a-w- c:\documents and settings\All Users\Application Data\HP Photo Creations\ContentMan.dll
2010-05-13 15:59 . 2010-05-13 15:58 -------- d-----w- c:\documents and settings\Dagmar\Application Data\HP
2010-05-13 15:58 . 2010-05-13 15:58 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2010-05-13 15:55 . 2010-05-13 15:55 -------- d-----w- c:\program files\Coupons
2010-05-13 11:19 . 2010-03-11 16:05 -------- d-----w- c:\documents and settings\Dagmar\Application Data\U3
2010-05-11 13:04 . 2009-12-14 21:47 -------- d-----w- c:\program files\Google
2010-05-10 13:46 . 2010-04-03 10:12 -------- d-----w- c:\program files\iTunes
2010-05-10 13:43 . 2009-12-30 10:26 -------- d-----w- c:\program files\Common Files\Apple
2010-05-05 20:52 . 2009-09-02 11:29 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-17 08:23 . 2010-04-17 08:22 -------- d-----w- c:\program files\upnito.sk manager
2010-04-08 11:20 . 2010-04-08 11:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 11:20 . 2010-04-08 11:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-04-03 10:15 . 2010-04-03 10:12 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-03 10:07 . 2010-04-03 10:05 -------- d-----w- c:\program files\QuickTime
2010-03-31 15:25 . 2010-02-02 16:47 -------- d-----w- c:\documents and settings\Dagmar\Application Data\uTorrent
2010-03-29 11:40 . 2010-02-02 16:48 -------- d-----w- c:\program files\uTorrent
2010-03-11 16:28 . 2010-03-11 16:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2010-03-09 2355224]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2010-03-09 09:06 2355224 ----a-w- c:\program files\DVDVideoSoft\tbDVDV.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2010-03-09 2355224]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\tbDVDV.dll" [2010-03-09 2355224]

[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-02-22 26101032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"RTHDCPL"="RTHDCPL.EXE" [2009-04-27 17881088]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-04-16 630784]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-03-13 98304]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2009-04-16 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-04-09 1512744]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-04-09 79144]
"LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2009-06-25 712704]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 1447168]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2009-9-2 376832]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 -c--a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-02-06 16:50 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [18.8.2008 14:27 34312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [21.12.2007 9:21 468224]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [28.8.2009 8:40 38912]
R3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2.9.2009 13:32 1015424]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.1.2010 18:52 691696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.12.2009 0:07 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.9.2009 13:29 1684736]
S3 uvclf;uvclf;c:\windows\system32\drivers\uvclf.sys [28.8.2009 8:40 39040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cab746d10b4190.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 22:07]

2010-05-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cab746d1198fac.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-14 22:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe



**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
Completion time: 2010-05-22 21:27:43
ComboFix-quarantined-files.txt 2010-05-22 19:27

Pre-Run: 10 084 929 536 bytes free
Post-Run: 15 adresárov, 12 049 784 832 voľných bajtov

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 42B8A43B6D41E3227418C1D6AF61FCE8

Re: please check my log...slow PC

Posted: 22 May 2010 21:01
by 1danab
test c:\windows\system32\drivers\uvclf.sys on VIRUSTOTAL

simple instructions: after the page loads, click Browse, locate the file mentioned above and click the Send file button; if a message pops up saying the file has already been tested, ignore it and run the scan again; when the scan finishes, paste the results here, either by copying the text or by posting a link :)

:???: is the PC still slow?

Re: please check my log...slow PC

Posted: 22 May 2010 21:45
by sima707
so far it seems fine :) it just messed up my tablet a bit..I'll probably have to reinstall it
so it should be clean now? :)

Soubor uvclf.sys přijatý 2010.05.22 20:42:48 (UTC)
Současný stav: Dokončeno
Výsledek: 0/41 (0%)
Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.23.00 2010.05.22 -
AntiVir 8.2.1.242 2010.05.21 -
Antiy-AVL 2.0.3.7 2010.05.21 -
Authentium 5.2.0.5 2010.05.22 -
Avast 4.8.1351.0 2010.05.22 -
Avast5 5.0.332.0 2010.05.22 -
AVG 9.0.0.787 2010.05.22 -
BitDefender 7.2 2010.05.22 -
CAT-QuickHeal 10.00 2010.05.21 -
ClamAV 0.96.0.3-git 2010.05.22 -
Comodo 4913 2010.05.22 -
DrWeb 5.0.2.03300 2010.05.22 -
eSafe 7.0.17.0 2010.05.20 -
eTrust-Vet 35.2.7503 2010.05.21 -
F-Prot 4.6.0.103 2010.05.22 -
F-Secure 9.0.15370.0 2010.05.22 -
Fortinet 4.1.133.0 2010.05.22 -
GData 21 2010.05.22 -
Ikarus T3.1.1.84.0 2010.05.22 -
Jiangmin 13.0.900 2010.05.22 -
Kaspersky 7.0.0.125 2010.05.22 -
McAfee 5.400.0.1158 2010.05.22 -
McAfee-GW-Edition 2010.1 2010.05.22 -
Microsoft 1.5802 2010.05.22 -
NOD32 5137 2010.05.22 -
Norman 6.04.12 2010.05.22 -
nProtect 2010-05-22.01 2010.05.22 -
Panda 10.0.2.7 2010.05.22 -
PCTools 7.0.3.5 2010.05.22 -
Prevx 3.0 2010.05.22 -
Rising 22.48.05.04 2010.05.22 -
Sophos 4.53.0 2010.05.22 -
Sunbelt 6340 2010.05.22 -
Symantec 20101.1.0.89 2010.05.22 -
TheHacker 6.5.2.0.285 2010.05.22 -
TrendMicro 9.120.0.1004 2010.05.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.22 -
VBA32 3.12.12.5 2010.05.22 -
ViRobot 2010.5.20.2326 2010.05.22 -
VirusBuster 5.0.27.0 2010.05.22 -
Rozšiřující informace
File size: 39040 bytes
MD5...: c019889035cdc1a06f2febc93cbb6897
SHA1..: 9484102d16ba462b6c8bd78b7b1b229eb54f54dc
SHA256: 370faa64e035967220c0873eb7bdd79a18365dc321fd769b2865bb21cc941a8f
ssdeep: 384:RFDAZO8BsP+w7ozxsSEavyLBqD06mHUGnAbY5JgPiPZo0hcTrRSSbu1:faOK
nxbE8A406FsS6hcTlxbu
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x8785
timedatestamp.....: 0x49236a17 (Wed Nov 19 01:21:27 2008)
machinetype.......: 0x14c (I386)

( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
init 0x500 0x3a2 0x400 5.39 b2298c937d6b613cac6840d8f47fa1a7
page 0x900 0x142 0x180 5.14 26bc49d7473717a5c0ba7383cd9de57f
.text 0xa80 0x48b8 0x4900 6.40 c22985d0fdfcf9ab3cf86a17c3404720
.rdata 0x5380 0x1f8 0x200 3.94 325e2b1f5204de68ea664839621043db
.data 0x5580 0x318c 0x3200 0.69 561206d3f8d451368712a5804aad6f4a
INIT 0x8780 0x752 0x780 5.23 4649b33d8712d70c9468c621abcc1e63
.rsrc 0x8f00 0x428 0x480 3.07 dbc75d7eaf4ca919992c73a689c00126
.reloc 0x9380 0x4aa 0x500 4.58 1f6a12895fc5472150e8eb80e6f87e39

( 4 imports )
> NTOSKRNL.EXE: ExAllocatePoolWithTag, IoDeleteDevice, IoCreateSymbolicLink, IoInitializeRemoveLockEx, IoCreateDevice, RtlInitUnicodeString, memset, RtlQueryRegistryValues, memmove, ExFreePoolWithTag, RtlCopyUnicodeString, ObfDereferenceObject, RtlFreeUnicodeString, RtlAnsiStringToUnicodeString, RtlInitAnsiString, IoReleaseRemoveLockEx, IoAcquireRemoveLockEx, KeSetEvent, IofCallDriver, IoBuildDeviceIoControlRequest, KeInitializeEvent, KeWaitForSingleObject, IoIsWdmVersionAvailable, KeDelayExecutionThread, IoAttachDeviceToDeviceStack, KeInitializeMutex, IofCompleteRequest, PoCallDriver, PoStartNextPowerIrp, IoDeleteSymbolicLink, IoReleaseRemoveLockAndWaitEx, IoDetachDevice, PsTerminateSystemThread, ZwClose, DbgPrint, IoOpenDeviceRegistryKey, PsCreateSystemThread, KeClearEvent, IoFreeWorkItem, memcpy, IoQueueWorkItem, IoAllocateWorkItem, strchr, ZwReadFile, ZwCreateFile, KeReleaseMutex, KeSetTimer, KeInitializeTimerEx, KeCancelTimer, IoCancelIrp, KeReadStateEvent, PoRequestPowerIrp, KeSetPriorityThread, KeGetCurrentThread, IoAllocateIrp, ObReferenceObjectByHandle, ZwCreateKey, ZwQueryValueKey, KeTickCount, KeBugCheckEx, RtlAppendUnicodeToString, RtlUnwind
> HAL.DLL: KeGetCurrentIrql
> USBD.SYS: USBD_ParseConfigurationDescriptorEx
> ntoskrnl.exe: _vsnwprintf, IoDriverObjectType, ObReferenceObjectByName

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win16/32 Executable Delphi generic (25.4%)
Clipper DOS Executable (24.8%)
Generic Win/DOS Executable (24.6%)
DOS Executable Generic (24.6%)
VXD Driver (0.3%)
sigcheck:
publisher....: GenesysLogic Technologies, Inc.
copyright....: GenesysLogic Technologies, Inc. All rights reserved.
product......: USB video filter driver
description..: uvclf.sys
original name: uvclf.sys
internal name: uvclf
file version.: 1.20081030
comments.....: .
signers......: -
signing date.: -
verified.....: Unsigned

Re: please check my log...slow PC

Posted: 22 May 2010 21:52
by 1danab
it should be OK now :wink:

Re: please check my log...slow PC

Posted: 24 May 2010 13:22
by sima707
hello :) could you take another look at this for me? because since I installed the updates it seems to be even worse than before
THANK YOU

Logfile of random's system information tool 1.07 (written by random/random)
Run by Dagmar at 2010-05-24 14:21:34
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 10 GB (14%) free of 74 GB
Total RAM: 1015 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:21:59, on 24.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dagmar\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Dagmar.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2269050
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: DVDVideoSoft Toolbar - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files\DVDVideoSoft\tbDVDV.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: SuperHybridEngine.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 8850 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cab746d10b4190.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1cab746d1198fac.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVDV.dll [2010-03-09 2355224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - DVDVideoSoft Toolbar - C:\Program Files\DVDVideoSoft\tbDVDV.dll [2010-03-09 2355224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-27 17881088]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2009-04-16 630784]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-03-13 98304]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2009-04-16 118784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-04-09 1512744]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-04-09 79144]
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2009-06-25 712704]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-08-18 1447168]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-04-28 142120]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-02-22 26101032]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58ad31ad-f4a6-11de-b39d-0025d39019cf}]
shell\AutoRun\command - MILAN\\\\\\\\\\BALKAN.exe
shell\explore\command - MILAN\\\\\\\\\\\\BALKAN.exe
shell\open\command - MILAN\\\\\\\\\\\\BALKAN.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd9f74ba-f611-11de-b3a0-0025d39019cf}]
shell\AutoRun\command - MILAN\\\\\\\\\\BALKAN.exe
shell\explore\command - MILAN\\\\\\\\\\\\BALKAN.exe
shell\open\command - MILAN\\\\\\\\\\\\BALKAN.exe


======List of files/folders created in the last 1 months======

2010-05-24 10:44:02 ----SHD---- C:\RECYCLER
2010-05-23 01:52:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-05-23 01:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-05-23 01:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-05-23 01:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-05-23 01:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-05-23 01:47:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-05-23 01:47:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-05-23 01:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-05-23 01:46:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-05-23 01:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-05-23 01:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-05-23 01:45:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-05-23 01:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-05-23 01:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-05-23 01:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-05-23 01:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-05-23 01:43:16 ----D---- C:\Program Files\MSXML 4.0
2010-05-23 01:43:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-05-22 21:34:53 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-05-22 21:27:47 ----D---- C:\WINDOWS\temp
2010-05-22 21:27:44 ----A---- C:\ComboFix.txt
2010-05-22 21:17:50 ----A---- C:\Boot.bak
2010-05-22 21:17:42 ----RASHD---- C:\cmdcons
2010-05-22 21:13:49 ----A---- C:\WINDOWS\MBR.exe
2010-05-22 21:13:47 ----A---- C:\WINDOWS\NIRCMD.exe
2010-05-22 21:13:41 ----A---- C:\WINDOWS\PEV.exe
2010-05-22 21:13:39 ----A---- C:\WINDOWS\SWREG.exe
2010-05-22 21:13:38 ----A---- C:\WINDOWS\zip.exe
2010-05-22 21:13:37 ----A---- C:\WINDOWS\sed.exe
2010-05-22 21:13:37 ----A---- C:\WINDOWS\grep.exe
2010-05-22 21:13:35 ----A---- C:\WINDOWS\SWSC.exe
2010-05-22 21:13:34 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-05-22 21:13:22 ----D---- C:\WINDOWS\ERDNT
2010-05-22 21:11:04 ----D---- C:\ComboFix
2010-05-22 21:09:02 ----D---- C:\Qoobox
2010-05-22 17:09:14 ----D---- C:\Program Files\trend micro
2010-05-22 17:09:13 ----D---- C:\rsit
2010-05-17 22:29:07 ----D---- C:\Documents and Settings\Dagmar\Application Data\HPAppData
2010-05-13 18:01:54 ----D---- C:\Documents and Settings\All Users\Application Data\Visan
2010-05-13 17:58:46 ----D---- C:\Documents and Settings\Dagmar\Application Data\HP
2010-05-13 17:58:46 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2010-05-13 17:56:47 ----A---- C:\WINDOWS\system32\hpf3l70v.dll
2010-05-13 17:55:55 ----D---- C:\WINDOWS\Cache
2010-05-13 17:55:51 ----D---- C:\Program Files\Coupons
2010-05-13 17:55:30 ----D---- C:\Program Files\HP Photo Creations
2010-05-13 17:55:30 ----D---- C:\Documents and Settings\All Users\Application Data\HP Photo Creations
2010-05-13 17:55:15 ----D---- C:\Documents and Settings\Dagmar\Application Data\HpUpdate
2010-05-13 17:53:39 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2010-05-13 17:52:02 ----D---- C:\Program Files\Common Files\HP
2010-05-13 17:51:40 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2010-05-13 17:51:10 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hppldcoi.dll
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hposwia_d02c.dll
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hpost_d02c.dll
2010-05-13 17:50:24 ----A---- C:\WINDOWS\system32\hposc_d02a.dll
2010-05-13 17:50:02 ----A---- C:\WINDOWS\system32\hpzids01.dll
2010-05-13 17:49:36 ----D---- C:\Program Files\HP
2010-05-13 17:48:59 ----D---- C:\Config.Msi
2010-05-13 12:45:58 ----D---- C:\Atlas
2010-05-13 12:36:39 ----D---- C:\Program Files\PowerISO
2010-05-10 21:13:38 ----A---- C:\WINDOWS\unvise32.exe
2010-05-10 21:12:18 ----D---- C:\Program Files\Mplayer
2010-05-10 21:11:07 ----D---- C:\Program Files\Quake III Arena
2010-05-10 21:10:34 ----A---- C:\WINDOWS\IsUninst.exe
2010-05-10 21:10:17 ----A---- C:\WINDOWS\QIII.INI
2010-05-10 15:43:40 ----D---- C:\Program Files\iPod
2010-05-10 15:28:24 ----D---- C:\Program Files\Bonjour
2010-05-05 15:04:28 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-05-05 15:04:28 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-05-05 15:04:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-05-05 15:04:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-05-05 15:04:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-05-05 15:04:19 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-05-05 15:04:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-05-05 15:04:18 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-05-05 15:04:16 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-05-03 23:36:59 ----D---- C:\Program Files\AVCWare
2010-05-03 23:34:38 ----D---- C:\Documents and Settings\Dagmar\Application Data\ImTOO Software Studio
2010-05-03 23:33:48 ----D---- C:\Program Files\ImTOO
2010-05-03 22:47:34 ----D---- C:\Documents and Settings\Dagmar\Application Data\Acoustica
2010-05-03 22:44:52 ----A---- C:\WINDOWS\system32\Wnaspint.dll
2010-05-03 22:44:47 ----D---- C:\Program Files\Acoustica Shared Effects
2010-05-03 22:43:48 ----D---- C:\Program Files\VST
2010-05-03 22:43:48 ----D---- C:\Documents and Settings\All Users\Application Data\Acoustica
2010-05-03 22:43:45 ----D---- C:\Program Files\Acoustica Mixcraft 4
2010-05-03 21:31:39 ----D---- C:\Program Files\Acoustica Mixcraft 5
2010-05-03 21:15:47 ----D---- C:\DVDVideoSoft
2010-05-03 21:10:00 ----D---- C:\Program Files\Conduit
2010-05-03 21:07:16 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-05-03 21:07:13 ----D---- C:\Program Files\DVDVideoSoft
2010-05-03 18:32:10 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-05-03 18:31:56 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-05-03 18:31:51 ----D---- C:\Program Files\Xvid
2010-05-03 18:31:15 ----D---- C:\Program Files\FDRLab

======List of files/folders modified in the last 1 months======

2010-05-24 14:21:42 ----D---- C:\WINDOWS\Prefetch
2010-05-24 14:19:56 ----D---- C:\Documents and Settings\Dagmar\Application Data\Skype
2010-05-24 11:11:58 ----D---- C:\WINDOWS\system32
2010-05-24 11:11:57 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-24 11:08:15 ----D---- C:\Documents and Settings\Dagmar\Application Data\skypePM
2010-05-24 11:06:11 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-23 22:45:14 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-23 12:32:43 ----D---- C:\Documents and Settings\Dagmar\Application Data\uTorrent
2010-05-23 01:55:51 ----D---- C:\WINDOWS
2010-05-23 01:52:50 ----HD---- C:\WINDOWS\inf
2010-05-23 01:52:46 ----HD---- C:\WINDOWS\$hf_mig$
2010-05-23 01:48:55 ----A---- C:\WINDOWS\imsins.BAK
2010-05-23 01:48:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-05-23 01:48:53 ----D---- C:\WINDOWS\system32\drivers
2010-05-23 01:46:47 ----D---- C:\Program Files\Movie Maker
2010-05-23 01:44:38 ----D---- C:\Program Files\Internet Explorer
2010-05-23 01:43:59 ----D---- C:\Program Files\Outlook Express
2010-05-23 01:43:25 ----SHD---- C:\WINDOWS\Installer
2010-05-23 01:43:25 ----D---- C:\WINDOWS\WinSxS
2010-05-23 01:43:16 ----RD---- C:\Program Files
2010-05-22 21:25:53 ----A---- C:\WINDOWS\system.ini
2010-05-22 21:21:29 ----D---- C:\WINDOWS\AppPatch
2010-05-22 21:21:26 ----D---- C:\Program Files\Common Files
2010-05-22 21:17:50 ----RASH---- C:\boot.ini
2010-05-13 17:58:14 ----A---- C:\WINDOWS\win.ini
2010-05-13 17:56:36 ----D---- C:\WINDOWS\twain_32
2010-05-13 17:53:58 ----RSD---- C:\WINDOWS\Fonts
2010-05-13 17:50:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-13 13:19:28 ----D---- C:\Documents and Settings\Dagmar\Application Data\U3
2010-05-11 15:04:39 ----D---- C:\Program Files\Google
2010-05-10 15:46:13 ----D---- C:\Program Files\iTunes
2010-05-10 15:43:35 ----D---- C:\Program Files\Common Files\Apple
2010-05-10 15:30:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-05-05 22:52:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-05-05 15:39:00 ----D---- C:\WINDOWS\system32\DirectX
2010-05-05 15:38:59 ----RSD---- C:\WINDOWS\assembly
2010-05-05 15:04:23 ----D---- C:\WINDOWS\Microsoft.NET
2010-05-01 18:49:18 ----D---- C:\Diablo II
2010-04-30 11:51:08 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-08-18 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-08-18 39944]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-29 49920]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-29 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-29 21568]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-04-27 5074944]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2009-07-10 1015424]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2009-03-13 1759616]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-10-16 41472]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-03-13 1528928]
S3 aualpok3;aualpok3; C:\WINDOWS\system32\drivers\aualpok3.sys []
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\Dagmar\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB µo°T¸Ë¸m (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 uvclf;uvclf; C:\WINDOWS\system32\DRIVERS\uvclf.sys [2008-11-19 39040]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2008-04-14 96512]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-04-16 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-04-08 345376]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-04-28 545576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-15 135664]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-08-18 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: please check my log...slow PC

Posted: 24 May 2010 16:52
by 1danab
Open Notepad and copy the contents of this script into it:
REGEDIT4

[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58ad31ad-f4a6-11de-b39d-0025d39019cf}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd9f74ba-f611-11de-b3a0-0025d39019cf}]
Then save the resulting file as, e.g., uprava.reg (when saving, choose All Files as the file type) and run it by double-clicking; confirm any prompts about modifying the registry.

:arrow: You can also try cleaning up the PC
- either manually in the Temp folders and Temporary Internet Files
- or using CCleaner

Simple instructions:

Cleaner item - here you clean the machine of unneeded files, including emptying the Recycle Bin and deleting the browsers' temporary files, including cookies
Issues item - here you clean the registry; before applying it I recommend backing the registry up, which CCleaner offers before Fix Registry; the registry cleaning needs to be repeated several times in a row!