log RSIT
Napsal: 26 led 2011 17:40
Logfile of random's system information tool 1.08 (written by random/random)
Run by michal at 2011-01-26 17:36:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 52 GB (28%) free of 187 GB
Total RAM: 2047 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:48, on 26. 1. 2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
D:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\michal\Videos\Downloads\RSIT.exe
C:\Program Files\trend micro\michal.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [{6D5A3F68-EEBC-C82D-D121-4B7F78C5A724}] \
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eRecovery Service (eRecoveryService) - Unknown owner - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6330 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\Crysis Wars(R) Updates.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2552291509-578217736-3520049274-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2552291509-578217736-3520049274-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 718688]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"hpqSRMon"=D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"{6D5A3F68-EEBC-C82D-D121-4B7F78C5A724}"=\ []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CacheBoost]
C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe [2008-03-09 74480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\michal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-25 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe [2010-09-14 2969496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\steam.exe [2010-11-17 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
D:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"ShutdownWithoutLogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=1
"NoFileAssociate"=0
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-24 15:05:09 ----A---- C:\Windows\AutoKMS.ini
2011-01-20 13:30:39 ----D---- C:\Program Files\Cenega Czech
2011-01-16 19:18:44 ----D---- C:\Programme
2011-01-15 10:36:13 ----A---- C:\Windows\didakta.ini
2011-01-15 10:36:12 ----A---- C:\Windows\system32\VB6STKIT.DLL
2011-01-09 16:16:27 ----A---- C:\Settings.ini
2011-01-08 20:25:05 ----D---- C:\Program Files\Common Files\Microsoft Games
2011-01-07 20:24:36 ----D---- C:\Users\michal\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2011-01-06 21:00:08 ----D---- C:\Users\michal\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2011-01-02 17:19:56 ----D---- C:\Program Files\Common Files\Blizzard Entertainment.086b2e6f.temp
2011-01-01 15:45:21 ----A---- C:\Windows\system32\pbsvc_bc2.exe
2010-12-29 21:24:30 ----ASH---- C:\hiberfil.sys
2010-12-29 21:12:46 ----A---- C:\Windows\system32\OpenCL.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\nvoglv32.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\nvgenco322030.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvdispco322050.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvd3dum.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvcuvid.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvcuda.dll
2010-12-29 21:12:44 ----A---- C:\Windows\system32\nvcompiler.dll
2010-12-29 21:12:43 ----A---- C:\Windows\system32\nvapi.dll
2010-12-27 18:45:12 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-12-27 18:45:10 ----D---- C:\Program Files\Common Files\DESIGNER
2010-12-27 18:44:36 ----D---- C:\Program Files\Microsoft Sync Framework
2010-12-27 18:44:36 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-12-27 18:43:02 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-12-27 18:40:54 ----D---- C:\Windows\SHELLNEW
2010-12-27 18:40:48 ----D---- C:\Program Files\Microsoft Analysis Services
======List of files/folders modified in the last 1 months======
2011-01-26 17:36:45 ----D---- C:\Program Files\Trend Micro
2011-01-26 17:36:42 ----D---- C:\Windows\Temp
2011-01-26 17:30:20 ----D---- C:\Users\michal\AppData\Roaming\Skype
2011-01-26 16:45:18 ----D---- C:\Windows\System32
2011-01-26 16:45:13 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-01-26 16:38:40 ----D---- C:\Users\michal\AppData\Roaming\skypePM
2011-01-26 16:21:24 ----D---- C:\Windows\Prefetch
2011-01-26 14:49:30 ----D---- C:\Program Files\Common Files\Steam
2011-01-26 14:49:25 ----D---- C:\Program Files\Steam
2011-01-26 14:35:41 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 7
2011-01-26 14:06:56 ----AD---- C:\ProgramData\TEMP
2011-01-26 14:06:52 ----D---- C:\ProgramData\NVIDIA
2011-01-25 19:40:20 ----D---- C:\Windows
2011-01-25 16:38:40 ----D---- C:\Users\michal\AppData\Roaming\Dark Sector
2011-01-24 17:13:31 ----SHD---- C:\System Volume Information
2011-01-24 16:59:50 ----D---- C:\Windows\system32\drivers
2011-01-24 15:05:09 ----D---- C:\Windows\Tasks
2011-01-24 15:05:09 ----D---- C:\Windows\system32\Tasks
2011-01-22 13:17:17 ----D---- C:\Users\michal\AppData\Roaming\Hamachi
2011-01-20 13:31:05 ----D---- C:\Windows\inf
2011-01-20 13:31:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-20 13:30:39 ----D---- C:\Program Files
2011-01-19 18:22:20 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 6
2011-01-16 19:38:28 ----D---- C:\ProgramData\Electronic Arts
2011-01-16 18:40:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-16 18:31:24 ----RSD---- C:\Windows\assembly
2011-01-16 18:18:41 ----SHD---- C:\Windows\Installer
2011-01-16 18:18:41 ----SHD---- C:\Config.Msi
2011-01-16 18:10:57 ----D---- C:\Program Files\Electronic Arts
2011-01-15 16:30:55 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-15 15:48:38 ----D---- C:\Users\michal\AppData\Roaming\vlc
2011-01-14 17:32:54 ----SD---- C:\Users\michal\AppData\Roaming\Microsoft
2011-01-14 15:25:31 ----D---- C:\Program Files\EA Games
2011-01-11 20:11:56 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-01-08 20:25:05 ----D---- C:\Program Files\Common Files
2011-01-07 20:20:10 ----D---- C:\Windows\system32\catroot2
2011-01-07 16:26:19 ----D---- C:\ProgramData\Microsoft Help
2011-01-04 17:29:59 ----D---- C:\Windows\Minidump
2010-12-29 21:36:48 ----SD---- C:\Windows\Downloaded Program Files
2010-12-29 21:22:40 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-29 21:20:20 ----D---- C:\Windows\Help
2010-12-29 21:18:48 ----D---- C:\Windows\system32\catroot
2010-12-29 21:02:22 ----D---- C:\ProgramData
2010-12-28 08:02:37 ----D---- C:\Windows\Microsoft.NET
2010-12-27 18:46:27 ----RSD---- C:\Windows\Fonts
2010-12-27 18:46:17 ----D---- C:\Program Files\Common Files\microsoft shared
2010-12-27 18:46:04 ----D---- C:\Program Files\MSBuild
2010-12-27 18:44:36 ----SD---- C:\ProgramData\Microsoft
2010-12-27 18:42:05 ----A---- C:\Windows\win.ini
2010-12-27 18:41:52 ----D---- C:\Program Files\Common Files\System
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-01-27 101160]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-17 691696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2010-05-12 95024]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-06-20 271360]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-06-20 18048]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-11-02 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-03 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-10-22 10084360]
R3 Ph3xIB32;Philips 713x VU PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-09-10 62424]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-09 194560]
S2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 arj55eep;arj55eep; C:\Windows\system32\drivers\arj55eep.sys []
S3 catchme;catchme; \??\C:\Users\michal\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-11 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service; C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe [2008-03-09 187120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-01-13 407336]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
prosím o kontrolu
Run by michal at 2011-01-26 17:36:40
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 52 GB (28%) free of 187 GB
Total RAM: 2047 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:36:48, on 26. 1. 2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
D:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\michal\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\michal\Videos\Downloads\RSIT.exe
C:\Program Files\trend micro\michal.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [{6D5A3F68-EEBC-C82D-D121-4B7F78C5A724}] \
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak Inc - C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: eRecovery Service (eRecoveryService) - Unknown owner - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6330 bytes
======Scheduled tasks folder======
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\Crysis Wars(R) Updates.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2552291509-578217736-3520049274-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2552291509-578217736-3520049274-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 718688]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"hpqSRMon"=D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"{6D5A3F68-EEBC-C82D-D121-4B7F78C5A724}"=\ []
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CacheBoost]
C:\Program Files\Systweak\Systweak CacheBoost\trayicon.exe [2008-03-09 74480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\michal\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-25 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
D:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-12-20 963976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster]
C:\Program Files\Pando Networks\Media Booster\PMB.exe [2010-09-14 2969496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\steam.exe [2010-11-17 1242448]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
D:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"ShutdownWithoutLogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveTrack"=1
"NoFileAssociate"=0
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-24 15:05:09 ----A---- C:\Windows\AutoKMS.ini
2011-01-20 13:30:39 ----D---- C:\Program Files\Cenega Czech
2011-01-16 19:18:44 ----D---- C:\Programme
2011-01-15 10:36:13 ----A---- C:\Windows\didakta.ini
2011-01-15 10:36:12 ----A---- C:\Windows\system32\VB6STKIT.DLL
2011-01-09 16:16:27 ----A---- C:\Settings.ini
2011-01-08 20:25:05 ----D---- C:\Program Files\Common Files\Microsoft Games
2011-01-07 20:24:36 ----D---- C:\Users\michal\AppData\Roaming\My The Lord of the Rings, The Rise of the Witch-king Files
2011-01-06 21:00:08 ----D---- C:\Users\michal\AppData\Roaming\My Battle for Middle-earth(tm) II Files
2011-01-02 17:19:56 ----D---- C:\Program Files\Common Files\Blizzard Entertainment.086b2e6f.temp
2011-01-01 15:45:21 ----A---- C:\Windows\system32\pbsvc_bc2.exe
2010-12-29 21:24:30 ----ASH---- C:\hiberfil.sys
2010-12-29 21:12:46 ----A---- C:\Windows\system32\OpenCL.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\nvwgf2um.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\nvoglv32.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\nvgenco322030.dll
2010-12-29 21:12:46 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvdispco322050.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvd3dum.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvcuvid.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvcuvenc.dll
2010-12-29 21:12:45 ----A---- C:\Windows\system32\nvcuda.dll
2010-12-29 21:12:44 ----A---- C:\Windows\system32\nvcompiler.dll
2010-12-29 21:12:43 ----A---- C:\Windows\system32\nvapi.dll
2010-12-27 18:45:12 ----D---- C:\Program Files\Microsoft Synchronization Services
2010-12-27 18:45:10 ----D---- C:\Program Files\Common Files\DESIGNER
2010-12-27 18:44:36 ----D---- C:\Program Files\Microsoft Sync Framework
2010-12-27 18:44:36 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-12-27 18:43:02 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-12-27 18:40:54 ----D---- C:\Windows\SHELLNEW
2010-12-27 18:40:48 ----D---- C:\Program Files\Microsoft Analysis Services
======List of files/folders modified in the last 1 months======
2011-01-26 17:36:45 ----D---- C:\Program Files\Trend Micro
2011-01-26 17:36:42 ----D---- C:\Windows\Temp
2011-01-26 17:30:20 ----D---- C:\Users\michal\AppData\Roaming\Skype
2011-01-26 16:45:18 ----D---- C:\Windows\System32
2011-01-26 16:45:13 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-01-26 16:38:40 ----D---- C:\Users\michal\AppData\Roaming\skypePM
2011-01-26 16:21:24 ----D---- C:\Windows\Prefetch
2011-01-26 14:49:30 ----D---- C:\Program Files\Common Files\Steam
2011-01-26 14:49:25 ----D---- C:\Program Files\Steam
2011-01-26 14:35:41 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 7
2011-01-26 14:06:56 ----AD---- C:\ProgramData\TEMP
2011-01-26 14:06:52 ----D---- C:\ProgramData\NVIDIA
2011-01-25 19:40:20 ----D---- C:\Windows
2011-01-25 16:38:40 ----D---- C:\Users\michal\AppData\Roaming\Dark Sector
2011-01-24 17:13:31 ----SHD---- C:\System Volume Information
2011-01-24 16:59:50 ----D---- C:\Windows\system32\drivers
2011-01-24 15:05:09 ----D---- C:\Windows\Tasks
2011-01-24 15:05:09 ----D---- C:\Windows\system32\Tasks
2011-01-22 13:17:17 ----D---- C:\Users\michal\AppData\Roaming\Hamachi
2011-01-20 13:31:05 ----D---- C:\Windows\inf
2011-01-20 13:31:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-20 13:30:39 ----D---- C:\Program Files
2011-01-19 18:22:20 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 6
2011-01-16 19:38:28 ----D---- C:\ProgramData\Electronic Arts
2011-01-16 18:40:02 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-16 18:31:24 ----RSD---- C:\Windows\assembly
2011-01-16 18:18:41 ----SHD---- C:\Windows\Installer
2011-01-16 18:18:41 ----SHD---- C:\Config.Msi
2011-01-16 18:10:57 ----D---- C:\Program Files\Electronic Arts
2011-01-15 16:30:55 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-15 15:48:38 ----D---- C:\Users\michal\AppData\Roaming\vlc
2011-01-14 17:32:54 ----SD---- C:\Users\michal\AppData\Roaming\Microsoft
2011-01-14 15:25:31 ----D---- C:\Program Files\EA Games
2011-01-11 20:11:56 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-01-08 20:25:05 ----D---- C:\Program Files\Common Files
2011-01-07 20:20:10 ----D---- C:\Windows\system32\catroot2
2011-01-07 16:26:19 ----D---- C:\ProgramData\Microsoft Help
2011-01-04 17:29:59 ----D---- C:\Windows\Minidump
2010-12-29 21:36:48 ----SD---- C:\Windows\Downloaded Program Files
2010-12-29 21:22:40 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-29 21:20:20 ----D---- C:\Windows\Help
2010-12-29 21:18:48 ----D---- C:\Windows\system32\catroot
2010-12-29 21:02:22 ----D---- C:\ProgramData
2010-12-28 08:02:37 ----D---- C:\Windows\Microsoft.NET
2010-12-27 18:46:27 ----RSD---- C:\Windows\Fonts
2010-12-27 18:46:17 ----D---- C:\Program Files\Common Files\microsoft shared
2010-12-27 18:46:04 ----D---- C:\Program Files\MSBuild
2010-12-27 18:44:36 ----SD---- C:\ProgramData\Microsoft
2010-12-27 18:42:05 ----A---- C:\Windows\win.ini
2010-12-27 18:41:52 ----D---- C:\Program Files\Common Files\System
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvstor32;nvstor32; C:\Windows\system32\drivers\nvstor32.sys [2007-01-27 101160]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-03-17 691696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [2010-05-12 95024]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-06-20 271360]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-06-20 18048]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-11-02 25280]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2007-05-03 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-10-22 10084360]
R3 Ph3xIB32;Philips 713x VU PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-09-10 62424]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-09 194560]
S2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 arj55eep;arj55eep; C:\Windows\system32\drivers\arj55eep.sys []
S3 catchme;catchme; \??\C:\Users\michal\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2010-10-16 600680]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-11 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 CacheBoost Service;CacheBoost Performance Optimizer and Tuner Service; C:\Program Files\Systweak\Systweak CacheBoost\cbsrv.exe [2008-03-09 187120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-01-13 407336]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
prosím o kontrolu
Stahnete Ccleaner