
Please do a preventive check, my PC occasionally freezes

Posted: 31 Mar 2011 14:46
by chodnik74
Logfile of random's system information tool 1.08 (written by random/random)
Run by Sabca at 2011-03-31 15:45:58
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 18 GB (23%) free of 76 GB
Total RAM: 1151 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:46:06, on 31.3.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Sabca\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Sabca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sk27211/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe (file missing)

--
End of file - 5766 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AutoKMS.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1177238915-1606980848-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-436374069-1177238915-1606980848-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-27 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-02-27 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverScanner]
C:\Program Files\Uniblue\DriverScanner\launcher.exe delay 20000 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWPersistentQueuedReporting]
C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [2010-02-28 519584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.4\ICQ.exe [2011-03-01 119608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe [2010-07-07 2805104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WINDOW~2\WINDOW~1.EXE [2010-06-23 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2010-06-23 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-06-23 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-06-23 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

======List of files/folders created in the last 1 months======

2011-03-31 15:45:59 ----D---- C:\Program Files\trend micro
2011-03-31 15:45:58 ----D---- C:\rsit
2011-03-27 14:36:43 ----D---- C:\My Recorded Files
2011-03-27 14:33:00 ----D---- C:\Program Files\Zrychleni Pocitace
2011-03-27 13:14:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-03-27 13:13:45 ----D---- C:\Program Files\Pando Networks
2011-03-27 12:58:02 ----D---- C:\Program Files\GamersFirst
2011-03-27 12:19:17 ----A---- C:\War_Rock_20100927.exe
2011-03-26 19:39:53 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2011-03-26 19:39:51 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-03-26 19:39:22 ----D---- C:\Documents and Settings\Sabca\Data aplikací\TuneUp Software
2011-03-26 19:39:09 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-03-26 19:38:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-03-26 19:38:33 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-24 21:51:50 ----D---- C:\WINDOWS\Sun
2011-03-24 08:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-20 09:40:44 ----D---- C:\WINDOWS\system32\Nexus Radio
2011-03-20 09:40:44 ----D---- C:\Program Files\Nexus Radio
2011-03-20 09:40:44 ----D---- C:\My Saved Files
2011-03-20 09:40:44 ----D---- C:\My Plugins
2011-03-17 23:25:57 ----D---- C:\Program Files\ICQ6Toolbar
2011-03-17 23:25:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-03-17 23:25:35 ----D---- C:\Documents and Settings\Sabca\Data aplikací\Mozilla
2011-03-15 21:03:22 ----D---- C:\Documents and Settings\Sabca\Data aplikací\.purple
2011-03-15 21:01:31 ----D---- C:\Program Files\Pidgin
2011-03-13 15:04:05 ----D---- C:\Program Files\Cenega Czech
2011-03-13 13:11:19 ----D---- C:\Documents and Settings\Sabca\Data aplikací\Windows Search
2011-03-13 13:10:28 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2011-03-13 13:06:01 ----D---- C:\Program Files\JoWooD
2011-03-13 12:04:45 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-03-13 12:04:25 ----D---- C:\WINDOWS\system32\AGEIA
2011-03-13 12:04:24 ----D---- C:\Program Files\AGEIA Technologies
2011-03-13 12:03:53 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-03-13 11:27:29 ----D---- C:\Program Files\Common Files\DirectX
2011-03-13 11:27:04 ----D---- C:\Program Files\Pat & Mat
2011-03-13 11:17:04 ----D---- C:\Program Files\SMBX
2011-03-13 11:03:43 ----D---- C:\Program Files\KAO the Kangaroo
2011-03-13 11:03:33 ----A---- C:\WINDOWS\IsUn0405.exe
2011-03-12 21:04:45 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-03-12 21:04:03 ----D---- C:\Program Files\DAEMON Tools Lite
2011-03-12 21:03:53 ----D---- C:\Documents and Settings\Sabca\Data aplikací\DAEMON Tools Lite
2011-03-12 21:03:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2011-03-12 20:53:50 ----D---- C:\Documents and Settings\Sabca\Data aplikací\Ashampoo
2011-03-12 20:53:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\ashampoo
2011-03-12 20:52:13 ----D---- C:\Program Files\Ashampoo
2011-03-12 19:59:08 ----D---- C:\Program Files\uTorrent
2011-03-08 11:12:37 ----D---- C:\Documents and Settings\Sabca\Data aplikací\WinRAR
2011-03-01 16:55:26 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-03-01 16:55:24 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-03-01 16:55:23 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-03-01 16:55:21 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-03-01 16:55:20 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-03-01 16:55:19 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-03-01 16:55:17 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-03-01 16:55:15 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-03-01 16:55:13 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-03-01 16:55:11 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-03-01 16:55:07 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-03-01 16:55:00 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-03-01 16:55:00 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-03-01 16:54:59 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-03-01 16:54:51 ----D---- C:\Program Files\Analog Devices
2011-03-01 16:54:51 ----A---- C:\WINDOWS\system32\drivers\smwdm.sys
2011-03-01 16:54:51 ----A---- C:\WINDOWS\system32\drivers\smsens.sys
2011-03-01 16:54:51 ----A---- C:\WINDOWS\system32\drivers\aeaudio.sys
2011-03-01 16:54:51 ----A---- C:\WINDOWS\system32\CleanUp.exe
2011-03-01 16:54:51 ----A---- C:\WINDOWS\system32\a3d.dll
2011-03-01 16:54:50 ----A---- C:\WINDOWS\system32\DSndUp.exe
2011-03-01 16:54:11 ----D---- C:\dell

======List of files/folders modified in the last 1 months======

2011-03-31 15:45:59 ----RD---- C:\Program Files
2011-03-31 15:40:59 ----D---- C:\WINDOWS\pss
2011-03-31 15:40:31 ----D---- C:\WINDOWS\Temp
2011-03-31 15:40:19 ----D---- C:\WINDOWS
2011-03-31 14:39:52 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-31 07:29:53 ----D---- C:\Documents and Settings\Sabca\Data aplikací\esmska
2011-03-30 21:13:09 ----D---- C:\Documents and Settings\Sabca\Data aplikací\Skype
2011-03-30 14:25:39 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-27 21:06:29 ----D---- C:\Documents and Settings\Sabca\Data aplikací\ICQ
2011-03-27 18:51:23 ----D---- C:\WINDOWS\system32\Adobe
2011-03-27 18:35:52 ----D---- C:\WINDOWS\system32\drivers
2011-03-27 18:04:06 ----D---- C:\WINDOWS\system32\DirectX
2011-03-27 18:04:05 ----HD---- C:\WINDOWS\inf
2011-03-27 13:19:35 ----D---- C:\WINDOWS\Microsoft.NET
2011-03-27 12:47:26 ----D---- C:\WINDOWS\system32
2011-03-27 12:47:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-27 12:43:15 ----D---- C:\WINDOWS\SoftwareDistribution
2011-03-27 11:30:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-03-27 11:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-03-27 11:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-03-27 11:30:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-03-27 11:30:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-03-27 11:30:32 ----D---- C:\Documents and Settings\Sabca\Data aplikací\uTorrent
2011-03-27 11:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-03-27 11:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-03-27 11:30:30 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-03-26 23:18:42 ----SHD---- C:\WINDOWS\Installer
2011-03-26 19:39:58 ----D---- C:\WINDOWS\system32\config
2011-03-25 23:25:45 ----SD---- C:\Documents and Settings\Sabca\Data aplikací\Microsoft
2011-03-25 14:01:59 ----D---- C:\WINDOWS\Prefetch
2011-03-24 19:25:56 ----D---- C:\Documents and Settings\Sabca\Data aplikací\PhotoScape
2011-03-24 08:36:30 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-17 18:29:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-03-17 18:28:11 ----D---- C:\Documents and Settings\Sabca\Data aplikací\Adobe
2011-03-13 12:04:23 ----D---- C:\WINDOWS\WinSxS
2011-03-13 12:03:53 ----D---- C:\Program Files\Common Files
2011-03-12 21:09:45 ----SD---- C:\WINDOWS\Tasks
2011-03-12 21:06:37 ----D---- C:\WINDOWS\Debug
2011-03-10 14:18:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-03-10 14:18:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-10 14:16:11 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-07 09:05:52 ----D---- C:\Program Files\Esmska
2011-03-03 21:14:35 ----D---- C:\Program Files\ICQ7.4
2011-03-03 20:01:54 ----D---- C:\Documents and Settings\Sabca\Data aplikací\TeamViewer
2011-03-01 16:54:48 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-01 16:54:44 ----D---- C:\Program Files\Common Files\InstallShield
2011-03-01 14:46:45 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-03-12 218688]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-06-23 62848]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-02-28 545024]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-06-23 9472]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-06-23 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-06-23 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-06-23 133632]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-27 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-03-04 1523008]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2010-06-23 14848]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-06-23 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-06-23 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-06-23 14848]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2010-06-23 439808]

-----------------EOF-----------------

Re: Please do a preventive check, my PC occasionally freezes

Posted: 31 Mar 2011 20:49
by Roli
Hello, fix this in HJT:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sk27211/
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Sabca\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [KB976002-v5] rundll32.exe advpack.dll,LaunchINFSection OPMWXPUP.inf,BrowserChoiceGoo (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPFFontCache_v0400.exe (file missing)


You will find HJT here:

C:\Program Files\trend micro\Sabca.exe

Fix means that you launch HJT,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a box, which you tick,

then click Fix checked at the bottom left,

the program will ask whether you really want to; you of course agree with YES, and that's it.


Delete unneeded files

using CCleaner

instructions:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making a backup, which CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Then use Mbam from my signature.

Re: Please do a preventive check, my PC occasionally freezes

Posted: 02 Apr 2011 14:08
by chodnik74
Thank you, done ;-)


:closed:

Re: Please do a preventive check, my PC occasionally freezes

Posted: 03 Apr 2011 19:07
by Roli
You're welcome.