Prosím o preventivní kontrolu logu

[Ryan]

není zač, hezký den

[AjkaM]

Prosím, koukněte mi na log

Logfile of random's system information tool 1.06 (written by random/random)
Run by Ajka at 2009-07-29 15:44:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (42%) free of 38 GB
Total RAM: 1527 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:45:03, on 29.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ajka\Plocha\RSIT.exe
C:\Program Files\trend micro\Ajka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7296120468
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFAB90B3-E452-4F2E-8902-EB27ECECA020}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 6517 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{A62FB77C-198B-469A-A6F1-ED945A2DE36B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-27 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-27 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-04-04 1822720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-28 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-28 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-28 137752]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-03-13 1443072]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2009-07-29 15:44:56 ----D---- C:\Program Files\trend micro
2009-07-29 15:44:55 ----D---- C:\rsit
2009-07-29 02:03:26 ----D---- C:\Documents and Settings\Ajka\Data aplikací\Skype
2009-07-29 02:03:20 ----D---- C:\Program Files\Common Files\Skype
2009-07-29 02:03:16 ----RD---- C:\Program Files\Skype
2009-07-28 11:08:30 ----D---- C:\Documents and Settings\Ajka\Data aplikací\skypePM
2009-07-27 17:41:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2009-07-21 18:45:39 ----D---- C:\Program Files\NOS
2009-07-21 18:45:37 ----D---- C:\Config.Msi
2009-07-14 11:29:55 ----D---- C:\Program Files\Microsoft
2009-07-14 11:29:39 ----D---- C:\Program Files\Windows Live SkyDrive
2009-07-14 11:29:28 ----D---- C:\Program Files\Windows Live
2009-07-14 11:27:12 ----D---- C:\Program Files\Common Files\Windows Live
2009-07-01 19:04:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

======List of files/folders modified in the last 1 months======

2009-07-29 15:45:02 ----D---- C:\WINDOWS\Prefetch
2009-07-29 15:44:56 ----RD---- C:\Program Files
2009-07-29 15:44:56 ----D---- C:\WINDOWS\Temp
2009-07-29 15:34:35 ----D---- C:\Program Files\Mozilla Firefox
2009-07-29 15:23:09 ----D---- C:\WINDOWS
2009-07-29 09:23:05 ----SHD---- C:\WINDOWS\Installer
2009-07-29 08:40:26 ----D---- C:\WINDOWS\system32\CatRoot2
2009-07-29 02:24:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-07-29 02:03:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-07-29 02:01:35 ----D---- C:\Program Files\Common Files
2009-07-28 22:07:31 ----A---- C:\WINDOWS\win.ini
2009-07-28 11:08:30 ----D---- C:\WINDOWS\system32
2009-07-27 19:34:23 ----A---- C:\WINDOWS\NeroDigital.ini
2009-07-27 17:47:08 ----HD---- C:\WINDOWS\inf
2009-07-27 17:47:08 ----D---- C:\WINDOWS\system32\drivers
2009-07-25 14:14:50 ----D---- C:\Documents and Settings\Ajka\Data aplikací\Vso
2009-07-23 16:14:28 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-23 16:14:21 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-07-22 21:23:08 ----A---- C:\WINDOWS\wincmd.ini
2009-07-21 18:46:15 ----D---- C:\WINDOWS\system32\config
2009-07-21 18:45:56 ----D---- C:\WINDOWS\system32\wbem
2009-07-21 18:45:55 ----D---- C:\WINDOWS\Registration
2009-07-15 21:43:57 ----SHD---- C:\System Volume Information
2009-07-15 21:43:57 ----D---- C:\WINDOWS\system32\Restore
2009-07-15 21:42:49 ----D---- C:\WINDOWS\Debug
2009-07-15 02:18:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-07-15 02:18:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2009-07-15 01:27:06 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-14 11:30:29 ----SD---- C:\Documents and Settings\Ajka\Data aplikací\Microsoft
2009-07-14 11:29:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-07-14 11:29:44 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-07-13 05:44:28 ----D---- C:\Program Files\ESET
2009-07-07 17:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-05 08:41:00 ----D---- C:\Program Files\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-03-13 54280]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-03-13 71176]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-07-03 29696]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-03-13 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-18 47360]
R3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 ZSMC0305;VIMICRO USB PC Camera V; C:\WINDOWS\System32\Drivers\usbVM305.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-03-13 472320]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-27 152984]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-03 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-03-13 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-03 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Dobrý večer
Log vypadá ok, jsou nějaké problémy s pc?

[AjkaM]

Dobrý večer,
děkuji za kontrolu .
Problémy nemám, šlo mi opravdu jenom o prevenci, moc díky.
Příjemný zbytek večera.

[motji]

Není zač,
Vám také hezký večer

[AjkaM]

Zdravím Vás,
opět se na Vás obracím s prosbou o kontrolu logu .
Mám v poslední době s pc problémy- počítač je nějak pomalý, i když dříve tomu tak nebylo a internetové připojení je dostatečné (40MB), mám problémy např. při komunikaci na sky s puštěnou webkou, na webových stránkách se mi kolikrát stránka dlooouho načítá nebo nereaguje vůbec- a sama už si nevím rady , možná najdete chybu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ajka at 2010-10-23 11:08:08
Microsoft Windows 7 Ultimate
System drive C: has 25 GB (65%) free of 38 GB
Total RAM: 1527 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:08:17, on 23.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\tsnp325.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Ajka\Desktop\RSIT.exe
C:\Program Files\trend micro\Ajka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4D6C72E-B1D0-4EBC-9298-6747F2DD99B5}: NameServer = 62.129.50.20,85.135.32.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{B4D6C72E-B1D0-4EBC-9298-6747F2DD99B5}: NameServer = 62.129.50.20,85.135.32.100
O17 - HKLM\System\CS2\Services\Tcpip\..\{B4D6C72E-B1D0-4EBC-9298-6747F2DD99B5}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 4699 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"TNOD UP"=C:\Program Files\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]
"tsnp325"=C:\Windows\tsnp325.exe [2007-04-21 270336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wia6eb~1\datamngr\datamngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-23 11:02:36 ----D---- C:\Windows\Minidump
2010-10-23 11:00:29 ----D---- C:\Program Files\trend micro
2010-10-23 11:00:28 ----D---- C:\rsit
2010-10-23 10:22:07 ----D---- C:\Program Files\Windows Live Safety Center
2010-10-20 12:53:26 ----D---- C:\Users\Ajka\AppData\Roaming\COWON
2010-10-20 12:51:40 ----D---- C:\Program Files\Common Files\COWON
2010-10-20 12:51:38 ----D---- C:\Program Files\JetAudio
2010-10-19 22:06:28 ----D---- C:\ProgramData\Apple Computer
2010-10-19 22:06:28 ----D---- C:\Program Files\QuickTime
2010-10-19 22:05:41 ----D---- C:\Program Files\Common Files\Apple
2010-10-19 22:05:29 ----D---- C:\ProgramData\Apple
2010-10-19 22:05:29 ----D---- C:\Program Files\Apple Software Update
2010-10-19 21:02:55 ----D---- C:\Users\Ajka\AppData\Roaming\Mozilla
2010-10-19 20:03:23 ----D---- C:\Windows\system32\appmgmt
2010-10-19 19:05:35 ----A---- C:\Windows\system32\uxtuneup.dll
2010-10-19 19:05:35 ----A---- C:\Windows\system32\authuitu.dll
2010-10-19 19:03:25 ----A---- C:\Windows\system32\TURegOpt.exe
2010-10-19 19:02:52 ----D---- C:\Users\Ajka\AppData\Roaming\TuneUp Software
2010-10-19 19:02:38 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-10-19 19:02:08 ----D---- C:\ProgramData\TuneUp Software
2010-10-19 19:02:03 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-10-19 18:42:29 ----D---- C:\Users\Ajka\AppData\Roaming\ICQ
2010-10-19 18:42:22 ----D---- C:\Program Files\ICQ7.2
2010-10-19 18:33:55 ----D---- C:\Users\Ajka\AppData\Roaming\skypePM
2010-10-19 18:32:10 ----D---- C:\Program Files\Common Files\Skype
2010-10-19 18:32:06 ----RD---- C:\Program Files\Skype
2010-10-19 18:32:05 ----D---- C:\Users\Ajka\AppData\Roaming\Skype
2010-10-19 18:32:02 ----D---- C:\ProgramData\Skype
2010-10-19 18:06:15 ----A---- C:\Windows\system32\msonpmon.dll
2010-10-19 18:02:48 ----D---- C:\Program Files\Microsoft Works
2010-10-19 18:02:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-10-19 18:02:23 ----D---- C:\Program Files\Common Files\DESIGNER
2010-10-19 18:01:51 ----D---- C:\Windows\PCHEALTH
2010-10-19 18:01:51 ----D---- C:\Program Files\Microsoft.NET
2010-10-19 17:59:31 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-10-19 17:58:39 ----D---- C:\ProgramData\Microsoft Help
2010-10-19 17:57:59 ----RHD---- C:\MSOCache
2010-10-19 17:49:04 ----D---- C:\Windows\system32\directx
2010-10-19 17:39:18 ----D---- C:\Users\Ajka\AppData\Roaming\VitySoft
2010-10-19 17:38:10 ----D---- C:\ProgramData\Sun
2010-10-19 17:38:08 ----D---- C:\Program Files\Common Files\Java
2010-10-19 17:37:44 ----A---- C:\Windows\system32\javaws.exe
2010-10-19 17:37:44 ----A---- C:\Windows\system32\javaw.exe
2010-10-19 17:37:44 ----A---- C:\Windows\system32\java.exe
2010-10-19 17:37:44 ----A---- C:\Windows\system32\deployJava1.dll
2010-10-19 17:37:24 ----D---- C:\Program Files\Java
2010-10-19 17:23:17 ----D---- C:\Users\Ajka\AppData\Roaming\GHISLER
2010-10-19 17:23:17 ----D---- C:\totalcmd
2010-10-19 17:23:17 ----A---- C:\Windows\UC.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\RAR.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\PKZIP.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\PKUNZIP.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\NOCLOSE.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\LHA.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\ARJ.PIF
2010-10-19 17:21:25 ----D---- C:\Program Files\Microsoft Office
2010-10-19 17:21:04 ----D---- C:\Program Files\MSECache
2010-10-19 17:03:24 ----D---- C:\Users\Ajka\AppData\Roaming\Macromedia
2010-10-19 17:03:24 ----D---- C:\Users\Ajka\AppData\Roaming\Adobe
2010-10-19 17:03:16 ----D---- C:\Windows\system32\Macromed
2010-10-19 16:47:55 ----D---- C:\ProgramData\Adobe
2010-10-19 16:47:42 ----D---- C:\Program Files\Common Files\Adobe
2010-10-19 16:47:42 ----D---- C:\Program Files\Adobe
2010-10-19 16:31:16 ----D---- C:\Program Files\CCleaner
2010-10-19 16:29:49 ----D---- C:\Users\Ajka\AppData\Roaming\WinRAR
2010-10-19 16:22:54 ----D---- C:\Program Files\WinRAR
2010-10-19 16:13:29 ----D---- C:\Windows\system32\Wat
2010-10-19 16:02:29 ----A---- C:\Windows\vsnp325.exe
2010-10-19 16:02:29 ----A---- C:\Windows\tsnp325.exe
2010-10-19 16:02:29 ----A---- C:\Windows\snp325.ini
2010-10-19 16:02:26 ----A---- C:\Windows\system32\drivers\snp325.sys
2010-10-19 16:02:25 ----A---- C:\Windows\system32\vsnp325.dll
2010-10-19 16:02:25 ----A---- C:\Windows\system32\rsnp325.dll
2010-10-19 16:02:24 ----D---- C:\Program Files\Common Files\snp325
2010-10-19 16:02:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-19 16:02:01 ----D---- C:\Users\Ajka\AppData\Roaming\InstallShield
2010-10-19 16:00:24 ----A---- C:\Windows\amcap.exe
2010-10-19 16:00:03 ----A---- C:\Windows\system32\csnp325.dll
2010-10-19 14:53:06 ----A---- C:\Windows\system32\msv1_0.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\PresentationHost.exe
2010-10-19 14:50:59 ----A---- C:\Windows\system32\netfxperf.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\mscoree.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\dfshim.dll
2010-10-19 14:44:31 ----A---- C:\Windows\system32\browserchoice.exe
2010-10-19 14:43:19 ----A---- C:\Windows\system32\MRT.exe
2010-10-19 14:43:01 ----A---- C:\Windows\system32\drivers\ks.sys
2010-10-19 14:41:51 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-10-19 14:41:51 ----A---- C:\Windows\system32\CertEnroll.dll
2010-10-19 14:41:50 ----A---- C:\Windows\system32\winresume.exe
2010-10-19 14:41:50 ----A---- C:\Windows\system32\winload.exe
2010-10-19 14:41:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-10-19 14:41:46 ----A---- C:\Windows\system32\asycfilt.dll
2010-10-19 14:41:06 ----A---- C:\Windows\system32\shell32.dll
2010-10-19 14:41:04 ----A---- C:\Windows\system32\vbscript.dll
2010-10-19 14:41:04 ----A---- C:\Windows\system32\jscript.dll
2010-10-19 14:41:03 ----A---- C:\Windows\system32\rtutils.dll
2010-10-19 14:41:01 ----A---- C:\Windows\system32\ir32_32.dll
2010-10-19 14:41:01 ----A---- C:\Windows\system32\iccvid.dll
2010-10-19 14:40:44 ----A---- C:\Windows\system32\inetcomm.dll
2010-10-19 14:40:32 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-19 14:40:31 ----A---- C:\Windows\system32\msdri.dll
2010-10-19 14:40:30 ----A---- C:\Windows\system32\psisdecd.dll
2010-10-19 14:40:20 ----A---- C:\Windows\system32\mshtml.dll
2010-10-19 14:40:17 ----A---- C:\Windows\system32\ieframe.dll
2010-10-19 14:40:16 ----A---- C:\Windows\system32\iertutil.dll
2010-10-19 14:40:15 ----A---- C:\Windows\system32\urlmon.dll
2010-10-19 14:40:15 ----A---- C:\Windows\system32\mstime.dll
2010-10-19 14:40:15 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-19 14:40:14 ----A---- C:\Windows\system32\wininet.dll
2010-10-19 14:40:14 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-19 14:40:13 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\ieui.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\iepeers.dll
2010-10-19 14:40:04 ----A---- C:\Windows\system32\lsasrv.dll
2010-10-19 14:40:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-10-19 14:40:03 ----A---- C:\Windows\system32\spoolsv.exe
2010-10-19 14:40:02 ----A---- C:\Windows\system32\msasn1.dll
2010-10-19 14:40:01 ----A---- C:\Windows\system32\msxml3.dll
2010-10-19 14:39:58 ----A---- C:\Windows\system32\tzres.dll
2010-10-19 14:39:53 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-10-19 14:39:49 ----A---- C:\Windows\system32\ole32.dll
2010-10-19 14:39:49 ----A---- C:\Windows\explorer.exe
2010-10-19 14:39:48 ----A---- C:\Windows\system32\winlogon.exe
2010-10-19 14:39:48 ----A---- C:\Windows\system32\t2embed.dll
2010-10-19 14:39:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-10-19 14:39:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-10-19 14:39:42 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-19 14:39:41 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-19 14:39:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-19 14:39:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-19 14:39:40 ----A---- C:\Windows\system32\schannel.dll
2010-10-19 14:39:39 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-19 14:39:39 ----A---- C:\Windows\system32\mfc40.dll
2010-10-19 14:39:36 ----A---- C:\Windows\system32\comctl32.dll
2010-10-19 14:39:35 ----A---- C:\Windows\system32\ntdll.dll
2010-10-19 14:39:33 ----A---- C:\Windows\system32\kernel32.dll
2010-10-19 14:39:33 ----A---- C:\Windows\system32\apphelp.dll
2010-10-19 14:39:24 ----A---- C:\Windows\system32\wmp.dll
2010-10-19 14:39:23 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-19 14:39:21 ----A---- C:\Windows\system32\tsbyuv.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\quartz.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\msyuv.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\msvidc32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\msrle32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\mciavi32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\iyuv_32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\avifil32.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc_isv.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate.exe
2010-10-19 14:39:17 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-19 14:39:16 ----A---- C:\Windows\system32\win32k.sys
2010-10-19 14:39:16 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-19 14:39:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-10-19 14:39:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-10-19 14:39:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-10-19 14:33:48 ----A---- C:\Windows\system32\fontsub.dll
2010-10-19 14:33:48 ----A---- C:\Windows\system32\atmlib.dll
2010-10-19 14:33:48 ----A---- C:\Windows\system32\atmfd.dll
2010-10-19 14:31:08 ----D---- C:\Program Files\Mozilla Firefox
2010-10-19 14:16:29 ----D---- C:\Program Files\TNod User & Password Finder
2010-10-19 14:13:54 ----D---- C:\Users\Ajka\AppData\Roaming\ESET
2010-10-19 14:12:17 ----D---- C:\ProgramData\ESET
2010-10-19 14:12:17 ----D---- C:\Program Files\ESET
2010-10-19 14:10:56 ----SHD---- C:\Windows\Installer
2010-10-19 14:06:03 ----A---- C:\Windows\system32\drivers\iteraid.sys
2010-10-19 13:55:59 ----D---- C:\Windows\Panther
2010-10-19 13:43:31 ----SHD---- C:\System Volume Information
2010-10-19 13:39:34 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-19 13:18:25 ----D---- C:\Windows\system32\x64
2010-10-19 13:18:25 ----A---- C:\Windows\system32\igxpun.exe
2010-10-19 13:18:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-19 13:17:29 ----A---- C:\Windows\system32\wintrust.dll
2010-10-19 13:17:22 ----A---- C:\Windows\system32\cabview.dll
2010-10-19 13:12:47 ----D---- C:\Users\Ajka\AppData\Roaming\Identities
2010-10-19 13:12:23 ----SD---- C:\Users\Ajka\AppData\Roaming\Microsoft
2010-10-19 13:12:23 ----D---- C:\Users\Ajka\AppData\Roaming\Media Center Programs
2010-10-19 13:10:13 ----SHD---- C:\Recovery
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Šablony
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Plocha
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Oblíbené položky
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Nabídka Start
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Dokumenty
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Data aplikací
2010-10-19 13:00:44 ----D---- C:\Windows\SoftwareDistribution
2010-10-19 12:57:26 ----D---- C:\Windows\Prefetch
2010-10-19 12:57:19 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 months======

2010-10-23 11:08:14 ----D---- C:\Windows\Temp
2010-10-23 11:07:31 ----D---- C:\Windows\System32
2010-10-23 11:07:27 ----D---- C:\Windows\inf
2010-10-23 11:05:56 ----D---- C:\Windows
2010-10-23 11:00:29 ----RD---- C:\Program Files
2010-10-23 10:50:49 ----D---- C:\Windows\system32\config
2010-10-23 10:22:10 ----D---- C:\Windows\Downloaded Program Files
2010-10-23 09:01:24 ----D---- C:\Windows\winsxs
2010-10-23 08:47:11 ----RSD---- C:\Windows\assembly
2010-10-23 01:05:54 ----RSD---- C:\Windows\Fonts
2010-10-23 01:05:48 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-22 21:12:42 ----D---- C:\Windows\system32\NDF
2010-10-22 14:46:34 ----D---- C:\Windows\system32\catroot2
2010-10-22 11:28:10 ----HD---- C:\ProgramData
2010-10-21 17:22:21 ----D---- C:\Windows\system32\drivers
2010-10-21 07:52:02 ----D---- C:\Windows\system32\Tasks
2010-10-20 23:44:33 ----A---- C:\Windows\win.ini
2010-10-20 12:51:40 ----D---- C:\Program Files\Common Files
2010-10-20 10:07:39 ----D---- C:\Windows\rescache
2010-10-19 22:06:55 ----D---- C:\Program Files\Internet Explorer
2010-10-19 20:16:35 ----D---- C:\Program Files\DVD Maker
2010-10-19 19:24:33 ----D---- C:\Windows\Microsoft.NET
2010-10-19 18:02:39 ----D---- C:\Program Files\MSBuild
2010-10-19 18:01:51 ----SD---- C:\ProgramData\Microsoft
2010-10-19 17:59:18 ----D---- C:\Windows\ShellNew
2010-10-19 17:49:17 ----D---- C:\Windows\Logs
2010-10-19 16:33:32 ----D---- C:\Windows\debug
2010-10-19 16:13:22 ----D---- C:\Windows\system32\catroot
2010-10-19 16:03:21 ----D---- C:\Windows\system32\DriverStore
2010-10-19 16:02:29 ----D---- C:\Windows\twain_32
2010-10-19 15:48:34 ----D---- C:\Windows\system32\migration
2010-10-19 15:48:33 ----D---- C:\Windows\system32\cs-CZ
2010-10-19 15:48:29 ----D---- C:\Windows\AppPatch
2010-10-19 15:48:29 ----D---- C:\Program Files\Windows Mail
2010-10-19 15:48:28 ----D---- C:\Windows\system32\Boot
2010-10-19 15:48:27 ----D---- C:\Windows\ehome
2010-10-19 15:48:26 ----D---- C:\Program Files\Windows Media Player
2010-10-19 13:55:30 ----D---- C:\Windows\Setup
2010-10-19 13:31:23 ----D---- C:\Windows\system32\CodeIntegrity
2010-10-19 13:23:26 ----D---- C:\Windows\system32\wdi
2010-10-19 13:17:30 ----D---- C:\Windows\system32\restore
2010-10-19 13:16:29 ----D---- C:\Windows\system32\wbem
2010-10-19 13:12:44 ----SHD---- C:\$Recycle.Bin
2010-10-19 13:12:22 ----RD---- C:\Users
2010-10-19 13:10:13 ----D---- C:\Windows\system32\Recovery
2010-10-19 13:10:13 ----D---- C:\Program Files\Windows NT
2010-10-19 13:01:18 ----D---- C:\Windows\system32\sysprep
2010-10-19 12:58:24 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iteraid;ITERAID_Service_Install; C:\Windows\system32\DRIVERS\iteraid.sys [2004-06-01 24971]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-11-16 135048]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-11-16 38240]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-14 29184]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33096]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 SNP325;USB PC Camera (SNPSTD325); C:\Windows\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-10-19 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-19 1343400]

[vyosek]

Zdravim a pekny den preji

Jelikoz je kolegyne marod (bacil ji bacil) tak za ni zaskocim...

Vzhledem k tomu, ze pouzivate nelegalni SW se nedivim, ze jste navstevnikem naseho fora
Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava a pachate trestny cin.

Obstarejte si proto legalni ochranu Vaseho PC (antivir+firewall), pote sem vlozte novy log z RSITu a CKScanneru - viz nize.

Osobne Vam doporucuji kombinaci Avast+ZoneAlarm. Prehled antiviru mate ZDE a firewallu TADY.

[AjkaM]

Dobrý den,
tak jsem, doufám, chybu napravila ...
A vkládám tedy nové logy....

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ajka at 2010-10-24 12:04:14
Microsoft Windows 7 Ultimate
System drive C: has 25 GB (66%) free of 38 GB
Total RAM: 1527 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:22, on 24.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\tsnp325.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Ajka\Desktop\RSIT.exe
C:\Program Files\trend micro\Ajka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchqu.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B4D6C72E-B1D0-4EBC-9298-6747F2DD99B5}: NameServer = 62.129.50.20,85.135.32.100
O17 - HKLM\System\CS1\Services\Tcpip\..\{B4D6C72E-B1D0-4EBC-9298-6747F2DD99B5}: NameServer = 62.129.50.20,85.135.32.100
O17 - HKLM\System\CS2\Services\Tcpip\..\{B4D6C72E-B1D0-4EBC-9298-6747F2DD99B5}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\wia6eb~1\datamngr\datamngr.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 4824 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-10-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"tsnp325"=C:\Windows\tsnp325.exe [2007-04-21 270336]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-09-02 1043968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~1\wia6eb~1\datamngr\datamngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-24 12:04:17 ----D---- C:\Program Files\trend micro
2010-10-24 12:04:14 ----D---- C:\rsit
2010-10-24 11:32:08 ----D---- C:\Program Files\Zrychleni Pocitace
2010-10-24 10:43:07 ----A---- C:\Windows\system32\vsregexp.dll
2010-10-24 10:42:53 ----A---- C:\Windows\system32\drivers\netio.sys
2010-10-24 10:42:20 ----A---- C:\Windows\system32\zlcommdb.dll
2010-10-24 10:42:19 ----A---- C:\Windows\system32\zlcomm.dll
2010-10-24 10:42:04 ----A---- C:\Windows\system32\vswmi.dll
2010-10-24 10:41:54 ----A---- C:\Windows\system32\zpeng25.dll
2010-10-24 10:41:54 ----A---- C:\Windows\system32\vsxml.dll
2010-10-24 10:41:51 ----A---- C:\Windows\system32\vspubapi.dll
2010-10-24 10:41:51 ----A---- C:\Windows\system32\vsmonapi.dll
2010-10-24 10:41:48 ----A---- C:\Windows\system32\vsdata.dll
2010-10-24 10:41:34 ----D---- C:\Windows\system32\ZoneLabs
2010-10-24 10:41:34 ----A---- C:\Windows\system32\drivers\vsdatant.sys
2010-10-24 10:41:29 ----D---- C:\Program Files\Zone Labs
2010-10-24 10:40:34 ----D---- C:\ProgramData\CheckPoint
2010-10-24 10:40:24 ----D---- C:\Windows\Internet Logs
2010-10-24 10:40:24 ----A---- C:\Windows\system32\vsinit.dll
2010-10-24 10:40:23 ----A---- C:\Windows\system32\vsutil.dll
2010-10-24 10:18:25 ----D---- C:\Users\Ajka\AppData\Roaming\Avira
2010-10-24 10:15:50 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-10-24 10:15:50 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-10-24 10:15:50 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-10-24 10:15:50 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-10-24 10:15:50 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-10-24 10:15:49 ----D---- C:\ProgramData\Avira
2010-10-24 10:15:49 ----D---- C:\Program Files\Avira
2010-10-23 18:59:23 ----D---- C:\Program Files\Common Files\Skype
2010-10-23 18:59:19 ----RD---- C:\Program Files\Skype
2010-10-23 11:02:36 ----D---- C:\Windows\Minidump
2010-10-23 10:22:07 ----D---- C:\Program Files\Windows Live Safety Center
2010-10-20 12:53:26 ----D---- C:\Users\Ajka\AppData\Roaming\COWON
2010-10-20 12:51:40 ----D---- C:\Program Files\Common Files\COWON
2010-10-20 12:51:38 ----D---- C:\Program Files\JetAudio
2010-10-19 22:06:28 ----D---- C:\ProgramData\Apple Computer
2010-10-19 22:06:28 ----D---- C:\Program Files\QuickTime
2010-10-19 22:05:41 ----D---- C:\Program Files\Common Files\Apple
2010-10-19 22:05:29 ----D---- C:\ProgramData\Apple
2010-10-19 22:05:29 ----D---- C:\Program Files\Apple Software Update
2010-10-19 21:02:55 ----D---- C:\Users\Ajka\AppData\Roaming\Mozilla
2010-10-19 20:03:23 ----D---- C:\Windows\system32\appmgmt
2010-10-19 19:05:35 ----A---- C:\Windows\system32\uxtuneup.dll
2010-10-19 19:05:35 ----A---- C:\Windows\system32\authuitu.dll
2010-10-19 19:03:25 ----A---- C:\Windows\system32\TURegOpt.exe
2010-10-19 19:02:52 ----D---- C:\Users\Ajka\AppData\Roaming\TuneUp Software
2010-10-19 19:02:38 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-10-19 19:02:08 ----D---- C:\ProgramData\TuneUp Software
2010-10-19 19:02:03 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-10-19 18:42:29 ----D---- C:\Users\Ajka\AppData\Roaming\ICQ
2010-10-19 18:42:22 ----D---- C:\Program Files\ICQ7.2
2010-10-19 18:33:55 ----D---- C:\Users\Ajka\AppData\Roaming\skypePM
2010-10-19 18:32:05 ----D---- C:\Users\Ajka\AppData\Roaming\Skype
2010-10-19 18:32:02 ----D---- C:\ProgramData\Skype
2010-10-19 18:06:15 ----A---- C:\Windows\system32\msonpmon.dll
2010-10-19 18:02:48 ----D---- C:\Program Files\Microsoft Works
2010-10-19 18:02:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-10-19 18:02:23 ----D---- C:\Program Files\Common Files\DESIGNER
2010-10-19 18:01:51 ----D---- C:\Windows\PCHEALTH
2010-10-19 18:01:51 ----D---- C:\Program Files\Microsoft.NET
2010-10-19 17:59:31 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-10-19 17:58:39 ----D---- C:\ProgramData\Microsoft Help
2010-10-19 17:57:59 ----RHD---- C:\MSOCache
2010-10-19 17:49:04 ----D---- C:\Windows\system32\directx
2010-10-19 17:39:18 ----D---- C:\Users\Ajka\AppData\Roaming\VitySoft
2010-10-19 17:38:10 ----D---- C:\ProgramData\Sun
2010-10-19 17:38:08 ----D---- C:\Program Files\Common Files\Java
2010-10-19 17:37:44 ----A---- C:\Windows\system32\javaws.exe
2010-10-19 17:37:44 ----A---- C:\Windows\system32\javaw.exe
2010-10-19 17:37:44 ----A---- C:\Windows\system32\java.exe
2010-10-19 17:37:44 ----A---- C:\Windows\system32\deployJava1.dll
2010-10-19 17:37:24 ----D---- C:\Program Files\Java
2010-10-19 17:23:17 ----D---- C:\Users\Ajka\AppData\Roaming\GHISLER
2010-10-19 17:23:17 ----D---- C:\totalcmd
2010-10-19 17:23:17 ----A---- C:\Windows\UC.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\RAR.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\PKZIP.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\PKUNZIP.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\NOCLOSE.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\LHA.PIF
2010-10-19 17:23:17 ----A---- C:\Windows\ARJ.PIF
2010-10-19 17:21:25 ----D---- C:\Program Files\Microsoft Office
2010-10-19 17:21:04 ----D---- C:\Program Files\MSECache
2010-10-19 17:03:24 ----D---- C:\Users\Ajka\AppData\Roaming\Macromedia
2010-10-19 17:03:24 ----D---- C:\Users\Ajka\AppData\Roaming\Adobe
2010-10-19 17:03:16 ----D---- C:\Windows\system32\Macromed
2010-10-19 16:47:55 ----D---- C:\ProgramData\Adobe
2010-10-19 16:47:42 ----D---- C:\Program Files\Common Files\Adobe
2010-10-19 16:47:42 ----D---- C:\Program Files\Adobe
2010-10-19 16:31:16 ----D---- C:\Program Files\CCleaner
2010-10-19 16:29:49 ----D---- C:\Users\Ajka\AppData\Roaming\WinRAR
2010-10-19 16:22:54 ----D---- C:\Program Files\WinRAR
2010-10-19 16:13:29 ----D---- C:\Windows\system32\Wat
2010-10-19 16:02:29 ----A---- C:\Windows\vsnp325.exe
2010-10-19 16:02:29 ----A---- C:\Windows\tsnp325.exe
2010-10-19 16:02:29 ----A---- C:\Windows\snp325.ini
2010-10-19 16:02:26 ----A---- C:\Windows\system32\drivers\snp325.sys
2010-10-19 16:02:25 ----A---- C:\Windows\system32\vsnp325.dll
2010-10-19 16:02:25 ----A---- C:\Windows\system32\rsnp325.dll
2010-10-19 16:02:24 ----D---- C:\Program Files\Common Files\snp325
2010-10-19 16:02:23 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-19 16:02:01 ----D---- C:\Users\Ajka\AppData\Roaming\InstallShield
2010-10-19 16:00:24 ----A---- C:\Windows\amcap.exe
2010-10-19 16:00:03 ----A---- C:\Windows\system32\csnp325.dll
2010-10-19 14:53:06 ----A---- C:\Windows\system32\msv1_0.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\PresentationHost.exe
2010-10-19 14:50:59 ----A---- C:\Windows\system32\netfxperf.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\mscoree.dll
2010-10-19 14:50:59 ----A---- C:\Windows\system32\dfshim.dll
2010-10-19 14:44:31 ----A---- C:\Windows\system32\browserchoice.exe
2010-10-19 14:43:19 ----A---- C:\Windows\system32\MRT.exe
2010-10-19 14:43:01 ----A---- C:\Windows\system32\drivers\ks.sys
2010-10-19 14:41:51 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-10-19 14:41:51 ----A---- C:\Windows\system32\CertEnroll.dll
2010-10-19 14:41:50 ----A---- C:\Windows\system32\winresume.exe
2010-10-19 14:41:50 ----A---- C:\Windows\system32\winload.exe
2010-10-19 14:41:47 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-10-19 14:41:46 ----A---- C:\Windows\system32\asycfilt.dll
2010-10-19 14:41:06 ----A---- C:\Windows\system32\shell32.dll
2010-10-19 14:41:04 ----A---- C:\Windows\system32\vbscript.dll
2010-10-19 14:41:04 ----A---- C:\Windows\system32\jscript.dll
2010-10-19 14:41:03 ----A---- C:\Windows\system32\rtutils.dll
2010-10-19 14:41:01 ----A---- C:\Windows\system32\ir32_32.dll
2010-10-19 14:41:01 ----A---- C:\Windows\system32\iccvid.dll
2010-10-19 14:40:44 ----A---- C:\Windows\system32\inetcomm.dll
2010-10-19 14:40:32 ----A---- C:\Windows\system32\CPFilters.dll
2010-10-19 14:40:31 ----A---- C:\Windows\system32\msdri.dll
2010-10-19 14:40:30 ----A---- C:\Windows\system32\psisdecd.dll
2010-10-19 14:40:20 ----A---- C:\Windows\system32\mshtml.dll
2010-10-19 14:40:17 ----A---- C:\Windows\system32\ieframe.dll
2010-10-19 14:40:16 ----A---- C:\Windows\system32\iertutil.dll
2010-10-19 14:40:15 ----A---- C:\Windows\system32\urlmon.dll
2010-10-19 14:40:15 ----A---- C:\Windows\system32\mstime.dll
2010-10-19 14:40:15 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-19 14:40:14 ----A---- C:\Windows\system32\wininet.dll
2010-10-19 14:40:14 ----A---- C:\Windows\system32\iedkcs32.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\msfeedssync.exe
2010-10-19 14:40:13 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\licmgr10.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\jsproxy.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\ieui.dll
2010-10-19 14:40:13 ----A---- C:\Windows\system32\iepeers.dll
2010-10-19 14:40:04 ----A---- C:\Windows\system32\lsasrv.dll
2010-10-19 14:40:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-10-19 14:40:03 ----A---- C:\Windows\system32\spoolsv.exe
2010-10-19 14:40:02 ----A---- C:\Windows\system32\msasn1.dll
2010-10-19 14:40:01 ----A---- C:\Windows\system32\msxml3.dll
2010-10-19 14:39:58 ----A---- C:\Windows\system32\tzres.dll
2010-10-19 14:39:53 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-10-19 14:39:49 ----A---- C:\Windows\system32\ole32.dll
2010-10-19 14:39:49 ----A---- C:\Windows\explorer.exe
2010-10-19 14:39:48 ----A---- C:\Windows\system32\winlogon.exe
2010-10-19 14:39:48 ----A---- C:\Windows\system32\t2embed.dll
2010-10-19 14:39:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-10-19 14:39:43 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-10-19 14:39:42 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-19 14:39:41 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-19 14:39:41 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-19 14:39:41 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-19 14:39:40 ----A---- C:\Windows\system32\schannel.dll
2010-10-19 14:39:39 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-19 14:39:39 ----A---- C:\Windows\system32\mfc40.dll
2010-10-19 14:39:36 ----A---- C:\Windows\system32\comctl32.dll
2010-10-19 14:39:35 ----A---- C:\Windows\system32\ntdll.dll
2010-10-19 14:39:33 ----A---- C:\Windows\system32\kernel32.dll
2010-10-19 14:39:33 ----A---- C:\Windows\system32\apphelp.dll
2010-10-19 14:39:24 ----A---- C:\Windows\system32\wmp.dll
2010-10-19 14:39:23 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-19 14:39:21 ----A---- C:\Windows\system32\tsbyuv.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\quartz.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\msyuv.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\msvidc32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\msrle32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\mciavi32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\iyuv_32.dll
2010-10-19 14:39:21 ----A---- C:\Windows\system32\avifil32.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc_isv.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\secproc.dll
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-10-19 14:39:19 ----A---- C:\Windows\system32\RMActivate.exe
2010-10-19 14:39:17 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-19 14:39:16 ----A---- C:\Windows\system32\win32k.sys
2010-10-19 14:39:16 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-10-19 14:39:15 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-10-19 14:39:14 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-10-19 14:39:14 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-10-19 14:33:48 ----A---- C:\Windows\system32\fontsub.dll
2010-10-19 14:33:48 ----A---- C:\Windows\system32\atmlib.dll
2010-10-19 14:33:48 ----A---- C:\Windows\system32\atmfd.dll
2010-10-19 14:31:08 ----D---- C:\Program Files\Mozilla Firefox
2010-10-19 14:13:54 ----D---- C:\Users\Ajka\AppData\Roaming\ESET
2010-10-19 14:12:17 ----D---- C:\ProgramData\ESET
2010-10-19 14:10:56 ----SHD---- C:\Windows\Installer
2010-10-19 14:06:03 ----A---- C:\Windows\system32\drivers\iteraid.sys
2010-10-19 13:55:59 ----D---- C:\Windows\Panther
2010-10-19 13:43:31 ----SHD---- C:\System Volume Information
2010-10-19 13:39:34 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-19 13:18:25 ----D---- C:\Windows\system32\x64
2010-10-19 13:18:25 ----A---- C:\Windows\system32\igxpun.exe
2010-10-19 13:18:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-10-19 13:17:29 ----A---- C:\Windows\system32\wintrust.dll
2010-10-19 13:17:22 ----A---- C:\Windows\system32\cabview.dll
2010-10-19 13:12:47 ----D---- C:\Users\Ajka\AppData\Roaming\Identities
2010-10-19 13:12:23 ----SD---- C:\Users\Ajka\AppData\Roaming\Microsoft
2010-10-19 13:12:23 ----D---- C:\Users\Ajka\AppData\Roaming\Media Center Programs
2010-10-19 13:10:13 ----SHD---- C:\Recovery
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Šablony
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Plocha
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Oblíbené položky
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Nabídka Start
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Dokumenty
2010-10-19 13:10:13 ----SHD---- C:\ProgramData\Data aplikací
2010-10-19 13:00:44 ----D---- C:\Windows\SoftwareDistribution
2010-10-19 12:57:26 ----D---- C:\Windows\Prefetch
2010-10-19 12:57:19 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 months======

2010-10-24 12:04:17 ----RD---- C:\Program Files
2010-10-24 11:51:22 ----D---- C:\Windows\Temp
2010-10-24 11:04:00 ----D---- C:\Windows\system32\config
2010-10-24 10:55:48 ----D---- C:\Windows
2010-10-24 10:54:03 ----D---- C:\Windows\System32
2010-10-24 10:54:03 ----D---- C:\Windows\inf
2010-10-24 10:50:01 ----D---- C:\Windows\winsxs
2010-10-24 10:48:12 ----D---- C:\Windows\system32\drivers
2010-10-24 10:42:58 ----D---- C:\Windows\system32\catroot
2010-10-24 10:41:39 ----D---- C:\Windows\system32\DriverStore
2010-10-24 10:40:34 ----HD---- C:\ProgramData
2010-10-24 10:13:38 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-23 18:59:35 ----D---- C:\Windows\system32\Tasks
2010-10-23 18:59:23 ----D---- C:\Program Files\Common Files
2010-10-23 10:22:10 ----D---- C:\Windows\Downloaded Program Files
2010-10-23 08:47:11 ----RSD---- C:\Windows\assembly
2010-10-23 01:05:54 ----RSD---- C:\Windows\Fonts
2010-10-22 21:12:42 ----D---- C:\Windows\system32\NDF
2010-10-22 14:46:34 ----D---- C:\Windows\system32\catroot2
2010-10-20 23:44:33 ----A---- C:\Windows\win.ini
2010-10-20 10:07:39 ----D---- C:\Windows\rescache
2010-10-19 22:06:55 ----D---- C:\Program Files\Internet Explorer
2010-10-19 20:16:35 ----D---- C:\Program Files\DVD Maker
2010-10-19 19:24:33 ----D---- C:\Windows\Microsoft.NET
2010-10-19 18:02:39 ----D---- C:\Program Files\MSBuild
2010-10-19 18:01:51 ----SD---- C:\ProgramData\Microsoft
2010-10-19 17:59:18 ----D---- C:\Windows\ShellNew
2010-10-19 17:49:17 ----D---- C:\Windows\Logs
2010-10-19 16:33:32 ----D---- C:\Windows\debug
2010-10-19 16:02:29 ----D---- C:\Windows\twain_32
2010-10-19 15:48:34 ----D---- C:\Windows\system32\migration
2010-10-19 15:48:33 ----D---- C:\Windows\system32\cs-CZ
2010-10-19 15:48:29 ----D---- C:\Windows\AppPatch
2010-10-19 15:48:29 ----D---- C:\Program Files\Windows Mail
2010-10-19 15:48:28 ----D---- C:\Windows\system32\Boot
2010-10-19 15:48:27 ----D---- C:\Windows\ehome
2010-10-19 15:48:26 ----D---- C:\Program Files\Windows Media Player
2010-10-19 13:55:30 ----D---- C:\Windows\Setup
2010-10-19 13:31:23 ----D---- C:\Windows\system32\CodeIntegrity
2010-10-19 13:23:26 ----D---- C:\Windows\system32\wdi
2010-10-19 13:17:30 ----D---- C:\Windows\system32\restore
2010-10-19 13:16:29 ----D---- C:\Windows\system32\wbem
2010-10-19 13:12:44 ----SHD---- C:\$Recycle.Bin
2010-10-19 13:12:22 ----RD---- C:\Users
2010-10-19 13:10:13 ----D---- C:\Windows\system32\Recovery
2010-10-19 13:10:13 ----D---- C:\Program Files\Windows NT
2010-10-19 13:01:18 ----D---- C:\Windows\system32\sysprep
2010-10-19 12:58:24 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iteraid;ITERAID_Service_Install; C:\Windows\system32\DRIVERS\iteraid.sys [2004-06-01 24971]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2010-05-15 461400]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-14 29184]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 SNP325;USB PC Camera (SNPSTD325); C:\Windows\system32\DRIVERS\snp325.sys [2007-07-24 10394624]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2010-09-02 2435592]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-10-19 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-19 1343400


CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11

[vyosek]

Nasledujici soubory otestujte na VirusTotalu (viz muj podpis)

• c:\progra~1\wia6eb~1\datamngr\datamngr.dll
• Kliknete na Prochazet
• Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
• Pokud napise Soubor byl jiz testovan, dejte otestovat znovu
• Kliknete na Otestovat soubor
• Vysledek analyzy sem vlozte (jako odkaz)

[AjkaM]

Omlovám se, možná hloupý dotaz, ale....
Netuším, jak cestu vložit, když soubor, který chcete otestovat, nemůžu najít, resp., nevím, kde je uložený.

[vyosek]

Oznacite si ten soubor tady na foru (ten modry text) a date ctrl+c (kopirovat)

Kliknete na strance VirusTotal na tlacitko prochazet a date ctrl+v (vlozit)

Pak jen klik otevrit a send file - mozna bude pak treba jeste klik na Reanalsyse, at se otestuje Vas soubor

Po probehnuti testu antiviry kliknete do radku s adresou (nahore v prohlizeci), tu zkopirujete a sem na forum vlozite

Taky se po otestovani muzete podivat na vysledek a ten sem vlozit - je to horni cast nad vysledky jednotlivych antiviru

File name: UsbFix.exe
Submission date: 2010-10-24 13:36:38 (UTC)
Current status: finished
Result: 13/ 41 (31.7%)

[AjkaM]

Děkuji za polopatické vysvětlení .
Ptala jsem se proto, že tímto způsobem jsem to provedla, ale akorát jsem se dozvěděla, že tato cesta neexistuje.

[vyosek]

Mozna se VT nelibi ta zkracena cesta, nevadi najdeme si jej, resp. se podivame ci tam je nebo neni

Stahnete SytemLook (viz muj podpis) a ulozte jej na plochu

• Do okna vlozte skript nize

• Kód: Vybrat vše

  :filefind
  datamngr.dll

• Kliknete na Look
• Tlacitko Look se zmeni na Scanning a zsedne
• Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
• Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

[AjkaM]

Tady je výsledek:

SystemLook 04.09.10 by jpshortstuff
Log created at 18:36 on 24/10/2010 by Ajka
Administrator - Elevation successful

========== filefind ==========

Searching for "datamngr.dll"
No files found.

[vyosek]

Stahnete OTM (viz muj podpis)

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :reg
  [HKCU\Software\Microsoft\Internet Explorer\Main]
  "Start Page"="www.google.com"
  
  :files
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp /s
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis), pri instalaci dejte fajfku pryc u yahoo toolbaru
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Napiste ci doslo ke zlepseni