KURZOR IDE POMALY
Napsal: 01 čer 2010 18:16
AHOJAHOJ
PROSIM O POMOC KURZOR IDE NIEKEDY POMALY. VYHADZOVALO MI OKNA ZE:
VISTA DEFENDER
WINDOWS SECURITY ALERT
MY COMPUTER ONLINE SCAN
VISTA DEFENDER ALERT - SECURITY HOLE DETECTED
POTOM SOM VYCISTIL ASI NIECIM A PRESTALO ALE KURZOR OD MYSKY IDE POMALY NIEKEDY A ASI NEVIEM CI TO NENI TYM ZE NECHAVAM OKNA DLHO OTVORENE A ICH NEZAVRIEM AJ NIEKOLKO DNI A POTOM IDE KURZOR POMALY A NIEKDY JE POCITAC POMALY. ASI TAM NIECO MENSIE BUDE . PROSIM O POMOC. TU JE LOG:
Logfile of random's system information tool 1.07 (written by random/random)
Run by chocholousek at 2010-06-01 12:51:47
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 431 GB (72%) free of 595 GB
Total RAM: 3838 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:59 PM, on 6/1/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\WINDOWS\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files (x86)\IOI\ButtonMonitor.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Nero\Update\NANotify.exe
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\chocholousek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJKI5WXS\RSIT[1].exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\trend micro\chocholousek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html ... P&M=GT5694
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... P&M=GT5694
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html ... P&M=GT5694
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: TBSB05974 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\ButtonMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [EPSON WorkForce 310 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHA.EXE /FU "C:\Windows\TEMP\E_S35AF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6. ... ontrol.CAB
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 12681 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2010-03-23 940856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-25 278128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-25 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll [2010-03-23 160056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2010-03-23 940856]
{0C8413C1-FAD1-446C-8584-BE50576F863E}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-25 278128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"ButtonMonitor"=C:\Program Files (x86)\IOI\ButtonMonitor.exe [2008-03-16 53248]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-10-03 39792]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-07-13 292128]
"EEventManager"=C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"FUFAXSTM"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [2009-02-06 843776]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-07-03 64000]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2008-01-18 40072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 138240]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
"EPSON WorkForce 310 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHA.EXE [2008-11-17 223232]
"Power2GoExpress"=C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2006-11-23 2469888]
"Skype"=C:\Program Files (x86)\Skype\\Phone\Skype.exe [2010-03-09 26100520]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-28 39408]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe
C:\Users\chocholousek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f1d3531-510a-11de-8f12-001c25e843b0}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8fe25bd-b368-11dd-a5a7-001c25e843b0}]
shell\AutoRun\command - J:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9002a02-59e0-11df-8e1f-001c25e843b0}]
shell\AutoRun\command - wscript.exe VirusCleaner.vbe
shell\open\command - wscript.exe VirusCleaner.vbe
======File associations======
.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-27 03:01:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-05-25 18:51:45 ----D---- C:\ADVENTIST_DISC
2010-05-25 18:40:05 ----D---- C:\Users\chocholousek\AppData\Roaming\Nero
2010-05-25 18:26:48 ----D---- C:\ProgramData\Nero
2010-05-25 18:25:51 ----D---- C:\Program Files (x86)\Common Files\Nero
2010-05-25 18:25:33 ----D---- C:\Program Files (x86)\Nero
2010-05-25 18:15:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2010-05-25 18:14:33 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-05-25 18:13:47 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-05-25 18:12:44 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-05-25 18:12:01 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-05-25 17:46:43 ----A---- C:\Windows\SysWOW64\msimsg.dll
2010-05-25 17:46:43 ----A---- C:\Windows\SysWOW64\msiexec.exe
2010-05-25 17:46:42 ----A---- C:\Windows\SysWOW64\msihnd.dll
2010-05-25 17:46:40 ----A---- C:\Windows\SysWOW64\msi.dll
2010-05-25 17:30:43 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-05-24 22:47:33 ----D---- C:\Users\chocholousek\AppData\Roaming\Uniblue
2010-05-12 06:58:08 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-05-03 15:43:14 ----D---- C:\Program Files (x86)\Search Toolbar
======List of files/folders modified in the last 1 months======
2010-06-01 12:51:59 ----D---- C:\Windows\Prefetch
2010-06-01 12:51:57 ----D---- C:\Program Files (x86)\trend micro
2010-06-01 12:51:44 ----D---- C:\Windows\Temp
2010-06-01 12:34:40 ----D---- C:\Windows\System32
2010-06-01 12:34:40 ----D---- C:\Windows\inf
2010-06-01 03:08:24 ----SHD---- C:\System Volume Information
2010-06-01 03:02:44 ----SHD---- C:\Windows\Installer
2010-05-27 03:01:39 ----D---- C:\Windows\winsxs
2010-05-27 03:01:35 ----D---- C:\Windows\SysWOW64
2010-05-27 03:01:32 ----D---- C:\WINDOWS
2010-05-27 03:01:17 ----RD---- C:\Program Files (x86)
2010-05-26 03:02:42 ----D---- C:\Program Files (x86)\Internet Explorer
2010-05-26 03:01:17 ----D---- C:\Windows\SysWOW64\en-US
2010-05-25 18:44:36 ----D---- C:\Windows\rescache
2010-05-25 18:26:48 ----HD---- C:\ProgramData
2010-05-25 18:25:51 ----D---- C:\Program Files (x86)\Common Files
2010-05-25 18:23:00 ----D---- C:\Users\chocholousek\AppData\Roaming\OpenOffice.org2
2010-05-25 18:16:06 ----RSD---- C:\Windows\assembly
2010-05-25 18:11:37 ----D---- C:\Windows\Logs
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\zh-TW
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\uk-UA
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\tr-TR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\th-TH
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sv-SE
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sr-Latn-CS
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sl-SI
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sk-SK
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\pt-PT
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\pt-BR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\pl-PL
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\nl-NL
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\lv-LV
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\lt-LT
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\ko-KR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\it-IT
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\hu-HU
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\hr-HR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\he-IL
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\fr-FR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\fi-FI
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\et-EE
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\es-ES
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\el-GR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\de-DE
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\bg-BG
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\zh-CN
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ru-RU
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ro-RO
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\nb-NO
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ja-JP
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\da-DK
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ar-SA
2010-05-25 17:54:07 ----D---- C:\Users\chocholousek\AppData\Roaming\Skype
2010-05-25 17:44:27 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-05-25 16:27:11 ----D---- C:\ProgramData\DVD Shrink
2010-05-25 16:24:08 ----D---- C:\Program Files (x86)\DVD Shrink
2010-05-25 16:03:37 ----D---- C:\Users\chocholousek\AppData\Roaming\skypePM
2010-05-25 14:33:53 ----SD---- C:\Users\chocholousek\AppData\Roaming\Microsoft
2010-05-24 23:54:26 ----D---- C:\Windows\Debug
2010-05-24 23:49:21 ----D---- C:\Program Files (x86)\CCleaner
2010-05-13 03:01:50 ----D---- C:\Program Files (x86)\Windows Mail
2010-05-03 18:00:55 ----D---- C:\ProgramData\Yahoo! Companion
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CAXHWBS2;CAXHWBS2; C:\Windows\system32\DRIVERS\CAXHWBS2.sys []
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
R3 PAC207;Webcam 1200; C:\Windows\system32\DRIVERS\PFC027.SYS []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2008-03-16 340000]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR64.SYS []
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17416]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe []
R2 YahooAUService;Yahoo! Updater; C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
R3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-28 136176]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe [2008-01-29 165416]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-28 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]
-----------------EOF-----------------
PROSIM O POMOC KURZOR IDE NIEKEDY POMALY. VYHADZOVALO MI OKNA ZE:
VISTA DEFENDER
WINDOWS SECURITY ALERT
MY COMPUTER ONLINE SCAN
VISTA DEFENDER ALERT - SECURITY HOLE DETECTED
POTOM SOM VYCISTIL ASI NIECIM A PRESTALO ALE KURZOR OD MYSKY IDE POMALY NIEKEDY A ASI NEVIEM CI TO NENI TYM ZE NECHAVAM OKNA DLHO OTVORENE A ICH NEZAVRIEM AJ NIEKOLKO DNI A POTOM IDE KURZOR POMALY A NIEKDY JE POCITAC POMALY. ASI TAM NIECO MENSIE BUDE . PROSIM O POMOC. TU JE LOG:
Logfile of random's system information tool 1.07 (written by random/random)
Run by chocholousek at 2010-06-01 12:51:47
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 431 GB (72%) free of 595 GB
Total RAM: 3838 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:51:59 PM, on 6/1/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\WINDOWS\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files (x86)\IOI\ButtonMonitor.exe
C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Nero\Update\NANotify.exe
C:\Program Files (x86)\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\chocholousek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LJKI5WXS\RSIT[1].exe
C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files (x86)\trend micro\chocholousek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html ... P&M=GT5694
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... P&M=GT5694
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html ... P&M=GT5694
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: TBSB05974 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - (no file)
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {0C8413C1-FAD1-446C-8584-BE50576F863E} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [ButtonMonitor] C:\Program Files (x86)\IOI\ButtonMonitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [EPSON WorkForce 310 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHA.EXE /FU "C:\Windows\TEMP\E_S35AF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~2\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.com/static/m/cab/2.6. ... ontrol.CAB
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAudioService - Unknown owner - C:\Windows\system32\DRIVERS\xaudio64.exe (file missing)
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
--
End of file - 12681 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2010-03-23 940856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-25 278128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-25 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll [2010-03-23 160056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll [2010-03-23 940856]
{0C8413C1-FAD1-446C-8584-BE50576F863E}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-05-25 278128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"ButtonMonitor"=C:\Program Files (x86)\IOI\ButtonMonitor.exe [2008-03-16 53248]
"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-10-03 39792]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2009-07-13 292128]
"EEventManager"=C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe [2009-01-12 669520]
"FUFAXSTM"=C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [2009-02-06 843776]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-07-03 64000]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2008-01-18 40072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 138240]
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2009-04-24 251240]
"EPSON WorkForce 310 Series"=C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFHA.EXE [2008-11-17 223232]
"Power2GoExpress"=C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2006-11-23 2469888]
"Skype"=C:\Program Files (x86)\Skype\\Phone\Skype.exe [2010-03-09 26100520]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-04-28 39408]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe
C:\Users\chocholousek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files (x86)\OpenOffice.org 2.4\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"ForceActiveDesktopOn"=
"NoActiveDesktopChanges"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8f1d3531-510a-11de-8f12-001c25e843b0}]
shell\AutoRun\command - K:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8fe25bd-b368-11dd-a5a7-001c25e843b0}]
shell\AutoRun\command - J:\wd_windows_tools\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9002a02-59e0-11df-8e1f-001c25e843b0}]
shell\AutoRun\command - wscript.exe VirusCleaner.vbe
shell\open\command - wscript.exe VirusCleaner.vbe
======File associations======
.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-05-27 03:01:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-05-25 18:51:45 ----D---- C:\ADVENTIST_DISC
2010-05-25 18:40:05 ----D---- C:\Users\chocholousek\AppData\Roaming\Nero
2010-05-25 18:26:48 ----D---- C:\ProgramData\Nero
2010-05-25 18:25:51 ----D---- C:\Program Files (x86)\Common Files\Nero
2010-05-25 18:25:33 ----D---- C:\Program Files (x86)\Nero
2010-05-25 18:15:22 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2010-05-25 18:14:33 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-05-25 18:13:47 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-05-25 18:12:44 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-05-25 18:12:01 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-05-25 17:46:43 ----A---- C:\Windows\SysWOW64\msimsg.dll
2010-05-25 17:46:43 ----A---- C:\Windows\SysWOW64\msiexec.exe
2010-05-25 17:46:42 ----A---- C:\Windows\SysWOW64\msihnd.dll
2010-05-25 17:46:40 ----A---- C:\Windows\SysWOW64\msi.dll
2010-05-25 17:30:43 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-05-24 22:47:33 ----D---- C:\Users\chocholousek\AppData\Roaming\Uniblue
2010-05-12 06:58:08 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-05-03 15:43:14 ----D---- C:\Program Files (x86)\Search Toolbar
======List of files/folders modified in the last 1 months======
2010-06-01 12:51:59 ----D---- C:\Windows\Prefetch
2010-06-01 12:51:57 ----D---- C:\Program Files (x86)\trend micro
2010-06-01 12:51:44 ----D---- C:\Windows\Temp
2010-06-01 12:34:40 ----D---- C:\Windows\System32
2010-06-01 12:34:40 ----D---- C:\Windows\inf
2010-06-01 03:08:24 ----SHD---- C:\System Volume Information
2010-06-01 03:02:44 ----SHD---- C:\Windows\Installer
2010-05-27 03:01:39 ----D---- C:\Windows\winsxs
2010-05-27 03:01:35 ----D---- C:\Windows\SysWOW64
2010-05-27 03:01:32 ----D---- C:\WINDOWS
2010-05-27 03:01:17 ----RD---- C:\Program Files (x86)
2010-05-26 03:02:42 ----D---- C:\Program Files (x86)\Internet Explorer
2010-05-26 03:01:17 ----D---- C:\Windows\SysWOW64\en-US
2010-05-25 18:44:36 ----D---- C:\Windows\rescache
2010-05-25 18:26:48 ----HD---- C:\ProgramData
2010-05-25 18:25:51 ----D---- C:\Program Files (x86)\Common Files
2010-05-25 18:23:00 ----D---- C:\Users\chocholousek\AppData\Roaming\OpenOffice.org2
2010-05-25 18:16:06 ----RSD---- C:\Windows\assembly
2010-05-25 18:11:37 ----D---- C:\Windows\Logs
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\zh-TW
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\uk-UA
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\tr-TR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\th-TH
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sv-SE
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sr-Latn-CS
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sl-SI
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\sk-SK
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\pt-PT
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\pt-BR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\pl-PL
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\nl-NL
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\lv-LV
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\lt-LT
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\ko-KR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\it-IT
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\hu-HU
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\hr-HR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\he-IL
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\fr-FR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\fi-FI
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\et-EE
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\es-ES
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\el-GR
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\de-DE
2010-05-25 17:54:57 ----D---- C:\Windows\SysWOW64\bg-BG
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\zh-CN
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ru-RU
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ro-RO
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\nb-NO
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ja-JP
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\da-DK
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-05-25 17:54:56 ----D---- C:\Windows\SysWOW64\ar-SA
2010-05-25 17:54:07 ----D---- C:\Users\chocholousek\AppData\Roaming\Skype
2010-05-25 17:44:27 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-05-25 16:27:11 ----D---- C:\ProgramData\DVD Shrink
2010-05-25 16:24:08 ----D---- C:\Program Files (x86)\DVD Shrink
2010-05-25 16:03:37 ----D---- C:\Users\chocholousek\AppData\Roaming\skypePM
2010-05-25 14:33:53 ----SD---- C:\Users\chocholousek\AppData\Roaming\Microsoft
2010-05-24 23:54:26 ----D---- C:\Windows\Debug
2010-05-24 23:49:21 ----D---- C:\Program Files (x86)\CCleaner
2010-05-13 03:01:50 ----D---- C:\Program Files (x86)\Windows Mail
2010-05-03 18:00:55 ----D---- C:\ProgramData\Yahoo! Companion
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\SysWOW64\drivers\aswRdr.sys []
R1 aswSP;avast! Self Protection; C:\Windows\SysWOW64\drivers\aswSP.sys []
R1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys []
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio64.sys []
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 CAXHWBS2;CAXHWBS2; C:\Windows\system32\DRIVERS\CAXHWBS2.sys []
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys []
R3 PAC207;Webcam 1200; C:\Windows\system32\DRIVERS\PFC027.SYS []
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187B.sys [2008-03-16 340000]
R3 RTSTOR;USB Mass Storage Device; C:\Windows\system32\drivers\RTSTOR64.SYS []
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\CAX_CNXT.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe []
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-12-09 17416]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2009-04-24 92008]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio64.exe []
R2 YahooAUService;Yahoo! Updater; C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
R3 iPod Service;iPod Service; C:\Program Files (x86)\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-04-28 136176]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\Gateway Games\Gateway Game Console\GameConsoleService.exe [2008-01-29 165416]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-28 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-20 19968]
-----------------EOF-----------------