Dobrý den prosím o preventivní kontrolu logu z notebooku HP. Děkuji.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Miloš at 2011-07-13 12:41:21
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 23 GB (8%) free of 297 GB
Total RAM: 3069 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:41:29, on 13.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Java\jre6\launch4j-tmp\frd.exe
C:\Users\Miloš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miloš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Miloš\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miloš\Downloads\RSIT.exe
C:\Program Files\trend micro\Miloš.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: vShare Toolbar - {043C5167-00BB-4324-AF7E-62013FAEDACF} - C:\Program Files\vShare\vshare_toolbar.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=010111 serial=DR12CRS-1736730-YNQ lang=CZ
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-395227406-1693366131-1795795476-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-395227406-1693366131-1795795476-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: vsharechrome - {3F3A4B8A-86FC-43A4-BB00-6D7EBE9D4484} - C:\Program Files\vShare\vshare_toolbar.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe
--
End of file - 10658 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{043C5167-00BB-4324-AF7E-62013FAEDACF}]
vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-02-26 482360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-04-17 1256512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll [2010-10-26 262144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
{043C5167-00BB-4324-AF7E-62013FAEDACF} - vShare Toolbar - C:\Program Files\vShare\vshare_toolbar.dll [2011-02-26 482360]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll [2010-10-26 217088]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-23 495708]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 321080]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-04-17 842816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-23 729088]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2011-04-20 58656]
"CTCheck"=C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-10-25 380928]
"facemoods"=C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe [2010-10-26 323584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2011-06-07 399736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-07-13 12:36:02 ----D---- C:\Program Files\trend micro
2011-07-12 23:00:23 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-12 23:00:17 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-12 23:00:17 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-12 23:00:13 ----A---- C:\Windows\system32\kernel32.dll
2011-07-12 23:00:12 ----A---- C:\Windows\system32\winsrv.dll
2011-07-12 23:00:12 ----A---- C:\Windows\system32\conhost.exe
2011-07-12 23:00:07 ----A---- C:\Windows\system32\win32k.sys
2011-07-08 14:53:31 ----D---- C:\Program Files\Elaborate Bytes
2011-07-08 14:51:58 ----D---- C:\Program Files\CDisplay
2011-07-07 23:49:41 ----D---- C:\Users\Miloš\AppData\Roaming\VitySoft
2011-07-04 16:27:17 ----D---- C:\Program Files\Common Files\SWF Studio
2011-07-04 16:23:07 ----D---- C:\Program Files\LucasArts
2011-07-03 11:06:58 ----D---- C:\Users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 11:06:42 ----D---- C:\Program Files\Mp3tag
2011-06-29 11:57:19 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 11:57:14 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 11:57:14 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 11:57:12 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 11:57:12 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 11:57:12 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 11:57:11 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 11:57:11 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 11:57:10 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 11:57:10 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-27 11:51:35 ----A---- C:\Windows\system32\javaws.exe
2011-06-27 11:51:35 ----A---- C:\Windows\system32\javaw.exe
2011-06-27 11:51:35 ----A---- C:\Windows\system32\java.exe
2011-06-24 21:29:56 ----D---- C:\Users\Miloš\AppData\Roaming\vlc
2011-06-24 21:29:07 ----D---- C:\Program Files\VideoLAN
2011-06-18 23:11:19 ----D---- C:\Program Files\iPod
2011-06-18 23:11:18 ----D---- C:\Program Files\iTunes
2011-06-15 10:04:40 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\jscript9.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\jscript.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\ieui.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\iertutil.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\urlmon.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\mshtml.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\ieframe.dll
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-15 09:50:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-15 09:50:42 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-15 09:50:38 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-15 09:50:36 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-15 09:50:19 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
======List of files/folders modified in the last 1 months======
2011-07-13 12:41:25 ----D---- C:\Windows\Temp
2011-07-13 12:41:21 ----D---- C:\rsit
2011-07-13 12:37:36 ----D---- C:\Windows\Prefetch
2011-07-13 12:36:02 ----RD---- C:\Program Files
2011-07-13 12:32:14 ----D---- C:\Users\Miloš\AppData\Roaming\uTorrent
2011-07-13 10:38:12 ----D---- C:\Windows\System32
2011-07-13 10:38:12 ----D---- C:\Windows\inf
2011-07-13 10:38:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-13 09:45:32 ----RD---- C:\Users
2011-07-13 09:14:07 ----D---- C:\Windows\system32\config
2011-07-13 02:22:31 ----SHD---- C:\System Volume Information
2011-07-12 23:09:02 ----D---- C:\Windows\winsxs
2011-07-12 23:06:58 ----D---- C:\Windows\system32\DriverStore
2011-07-12 23:06:57 ----D---- C:\Windows\system32\drivers
2011-07-12 23:01:45 ----A---- C:\Windows\system32\MRT.exe
2011-07-12 23:01:40 ----SHD---- C:\Windows\Installer
2011-07-12 23:01:36 ----D---- C:\ProgramData\Microsoft Help
2011-07-12 23:00:00 ----D---- C:\Windows\system32\catroot
2011-07-12 22:59:49 ----D---- C:\Windows\system32\catroot2
2011-07-12 14:08:56 ----D---- C:\Temp
2011-07-12 11:43:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-07-09 11:08:38 ----D---- C:\Windows
2011-07-08 16:07:47 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-07-08 14:53:51 ----HD---- C:\ProgramData
2011-07-08 14:53:43 ----D---- C:\Windows\system32\Tasks
2011-07-04 16:27:17 ----D---- C:\Program Files\Common Files
2011-07-04 16:23:20 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:22:49 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-02 18:42:53 ----D---- C:\Users\Miloš\AppData\Roaming\ICQ
2011-07-02 18:42:53 ----D---- C:\Program Files\ICQ7.2
2011-06-30 11:58:14 ----RSD---- C:\Windows\assembly
2011-06-30 11:52:06 ----D---- C:\Program Files\SEGA
2011-06-29 11:59:00 ----RSD---- C:\Windows\Fonts
2011-06-29 11:58:25 ----D---- C:\Program Files\Microsoft Office
2011-06-27 11:51:33 ----D---- C:\Program Files\Java
2011-06-26 15:17:30 ----D---- C:\Program Files\JDownloader
2011-06-18 23:11:18 ----D---- C:\Program Files\Common Files\Apple
2011-06-15 11:03:00 ----D---- C:\Windows\Microsoft.NET
2011-06-15 10:13:07 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-15 10:11:45 ----D---- C:\Program Files\Internet Explorer
2011-06-14 11:46:54 ----D---- C:\Program Files\2K Sports
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-17 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-06 83872]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-06-06 25888]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-03-14 280192]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-23 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 adlmoir8;adlmoir8; C:\Windows\system32\drivers\adlmoir8.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-04-17 322624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-07-08 75136]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [2010-03-23 229458]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2009-03-26 599344]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-17 655624]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-03-12 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Zdravim a pekny den preji 
Ono to nebude jen preventivka, tam toho je 
Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Ono to nebude jen preventivka, tam toho je Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich
motji píše: Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Tady posílám log z programu ComboFix.
ComboFix 11-07-12.09 - Miloš 13.07.2011 13:12:06.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3069.1954 [GMT 2:00]
Spuštěný z: c:\users\MiloÜ\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\facemoods.com
c:\program files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
c:\program files\facemoods.com\sqlite3.dll
c:\windows\system32\no
c:\windows\system32\no\DPCrProv.dll.mui
c:\windows\system32\no\DPSDApi.dll.mui
c:\windows\system32\SV
c:\windows\system32\SV\DPCrProv.dll.mui
c:\windows\system32\SV\DPSDApi.dll.mui
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-13 do 2011-07-13 )))))))))))))))))))))))))))))))
.
.
2011-07-13 11:24 . 2011-07-13 11:24 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-07-13 11:24 . 2011-07-13 11:24 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-07-13 11:24 . 2011-07-13 11:24 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-07-13 11:24 . 2011-07-13 11:24 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-07-13 11:24 . 2011-07-13 11:24 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-07-13 11:22 . 2011-07-13 11:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-13 11:22 . 2011-07-13 11:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-13 10:36 . 2011-07-13 10:41 -------- d-----w- c:\program files\trend micro
2011-07-13 07:45 . 2011-07-13 07:45 -------- d-----w- c:\users\Guest
2011-07-12 08:04 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18ADF3A6-9DD6-4537-99B0-1915974F0E0A}\mpengine.dll
2011-07-08 12:53 . 2011-07-08 12:53 -------- d-----w- c:\program files\Elaborate Bytes
2011-07-08 12:51 . 2011-07-08 12:51 -------- d-----w- c:\program files\CDisplay
2011-07-07 21:49 . 2011-07-07 21:49 -------- d-----w- c:\users\Miloš\AppData\Roaming\VitySoft
2011-07-04 14:27 . 2011-07-04 14:27 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-07-04 14:23 . 2011-07-04 14:23 -------- d-----w- c:\program files\LucasArts
2011-07-04 14:22 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-07-04 14:22 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-07-04 14:22 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-07-04 14:22 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-07-03 09:06 . 2011-07-03 09:09 -------- d-----w- c:\users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 09:06 . 2011-07-03 09:06 -------- d-----w- c:\program files\Mp3tag
2011-06-29 09:57 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 09:57 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 09:57 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 09:57 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 09:57 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 09:57 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 09:57 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 09:57 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-24 19:29 . 2011-06-24 19:30 -------- d-----w- c:\users\Miloš\AppData\Roaming\vlc
2011-06-24 19:29 . 2011-06-24 19:29 -------- d-----w- c:\program files\VideoLAN
2011-06-18 21:11 . 2011-06-18 21:11 -------- d-----w- c:\program files\iPod
2011-06-18 21:11 . 2011-06-18 21:12 -------- d-----w- c:\program files\iTunes
2011-06-15 08:04 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 08:04 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-15 08:04 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-15 07:50 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 07:50 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 07:50 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 07:50 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 07:50 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 07:50 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 07:50 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 07:50 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 07:50 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 07:50 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 07:50 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 10:17 . 2011-06-14 10:17 54600192 --sha-w- c:\windows\system32\nba2k11.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 09:43 . 2011-01-14 17:21 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-12 09:43 . 2011-01-28 18:30 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-12 09:43 . 2011-01-14 17:21 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-12 09:43 . 2011-01-14 17:21 214816 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-08 14:07 . 2011-01-14 17:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-06 20:42 . 2011-06-06 20:32 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-06-06 20:42 . 2011-06-06 20:32 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-24 17:14 . 2010-12-17 17:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 06:01 . 2011-06-04 21:39 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-21 06:01 . 2011-06-04 21:37 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 06:01 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 06:01 . 2011-06-04 21:37 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 06:01 . 2011-06-04 21:37 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 06:01 . 2011-06-04 21:37 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 06:01 . 2011-06-04 21:37 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 06:01 . 2011-06-04 21:37 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 06:01 . 2011-06-04 21:37 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 06:01 . 2011-06-04 21:37 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-21 06:01 . 2011-06-04 21:37 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 06:01 . 2011-06-04 21:37 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 06:01 . 2010-10-16 11:42 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2010-10-16 11:42 301672 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2010-10-16 11:42 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2010-10-16 11:42 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2010-10-16 11:42 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2010-10-16 11:42 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 06:01 . 2009-10-03 10:40 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2009-10-03 05:02 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 06:01 . 2009-10-03 05:02 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-16 10:03 . 2011-05-16 10:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 09:41 . 2011-06-04 21:37 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-05-10 09:41 . 2011-06-04 21:37 65640 ----a-w- c:\windows\system32\nvapo32v.dll
2011-05-10 09:41 . 2011-06-04 21:37 139368 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-05-10 09:41 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 06:06 . 2011-05-10 06:06 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-05-10 04:55 . 2011-05-10 04:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-10 04:55 . 2010-12-20 19:20 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-04 02:52 . 2010-12-19 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-22 19:14 . 2011-05-25 09:34 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-21 08:50 . 2011-01-09 09:57 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-21 08:50 . 2011-01-09 09:57 109144 ----a-w- c:\windows\system32\OpenAL32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-07 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-10-25 380928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Miloš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"ISUSPM Startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-17 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-03-26 599344]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2008-03-14 280192]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
HKLM-Run-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-395227406-1693366131-1795795476-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{279C5F83-B773-A17C-F0A4-54A468B8BA1A}*]
"hannabenojedgpad"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
"iadjglkijgjcdfadlf"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(564)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\windows\PEV.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-07-13 13:29:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-13 11:29
.
Před spuštěním: Volných bajtů: 24 227 397 632
Po spuštění: Volných bajtů: 24 948 367 360
.
- - End Of File - - 463A5436B33292D6B2E06FA79A7FC5F4
ComboFix 11-07-12.09 - Miloš 13.07.2011 13:12:06.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3069.1954 [GMT 2:00]
Spuštěný z: c:\users\MiloÜ\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\facemoods.com
c:\program files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.crx
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoods.png
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsApp.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsEng.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
c:\program files\facemoods.com\sqlite3.dll
c:\windows\system32\no
c:\windows\system32\no\DPCrProv.dll.mui
c:\windows\system32\no\DPSDApi.dll.mui
c:\windows\system32\SV
c:\windows\system32\SV\DPCrProv.dll.mui
c:\windows\system32\SV\DPSDApi.dll.mui
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-13 do 2011-07-13 )))))))))))))))))))))))))))))))
.
.
2011-07-13 11:24 . 2011-07-13 11:24 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-07-13 11:24 . 2011-07-13 11:24 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-07-13 11:24 . 2011-07-13 11:24 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-07-13 11:24 . 2011-07-13 11:24 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-07-13 11:24 . 2011-07-13 11:24 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-07-13 11:22 . 2011-07-13 11:22 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-13 11:22 . 2011-07-13 11:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-13 10:36 . 2011-07-13 10:41 -------- d-----w- c:\program files\trend micro
2011-07-13 07:45 . 2011-07-13 07:45 -------- d-----w- c:\users\Guest
2011-07-12 08:04 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18ADF3A6-9DD6-4537-99B0-1915974F0E0A}\mpengine.dll
2011-07-08 12:53 . 2011-07-08 12:53 -------- d-----w- c:\program files\Elaborate Bytes
2011-07-08 12:51 . 2011-07-08 12:51 -------- d-----w- c:\program files\CDisplay
2011-07-07 21:49 . 2011-07-07 21:49 -------- d-----w- c:\users\Miloš\AppData\Roaming\VitySoft
2011-07-04 14:27 . 2011-07-04 14:27 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-07-04 14:23 . 2011-07-04 14:23 -------- d-----w- c:\program files\LucasArts
2011-07-04 14:22 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-07-04 14:22 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-07-04 14:22 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-07-04 14:22 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-07-03 09:06 . 2011-07-03 09:09 -------- d-----w- c:\users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 09:06 . 2011-07-03 09:06 -------- d-----w- c:\program files\Mp3tag
2011-06-29 09:57 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 09:57 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 09:57 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 09:57 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 09:57 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 09:57 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 09:57 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 09:57 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-24 19:29 . 2011-06-24 19:30 -------- d-----w- c:\users\Miloš\AppData\Roaming\vlc
2011-06-24 19:29 . 2011-06-24 19:29 -------- d-----w- c:\program files\VideoLAN
2011-06-18 21:11 . 2011-06-18 21:11 -------- d-----w- c:\program files\iPod
2011-06-18 21:11 . 2011-06-18 21:12 -------- d-----w- c:\program files\iTunes
2011-06-15 08:04 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 08:04 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-15 08:04 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-15 07:50 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 07:50 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 07:50 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 07:50 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 07:50 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 07:50 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 07:50 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 07:50 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 07:50 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 07:50 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 07:50 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 10:17 . 2011-06-14 10:17 54600192 --sha-w- c:\windows\system32\nba2k11.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 09:43 . 2011-01-14 17:21 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-12 09:43 . 2011-01-28 18:30 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-12 09:43 . 2011-01-14 17:21 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-12 09:43 . 2011-01-14 17:21 214816 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-08 14:07 . 2011-01-14 17:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-06 20:42 . 2011-06-06 20:32 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-06-06 20:42 . 2011-06-06 20:32 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-24 17:14 . 2010-12-17 17:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 06:01 . 2011-06-04 21:39 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-21 06:01 . 2011-06-04 21:37 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 06:01 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 06:01 . 2011-06-04 21:37 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 06:01 . 2011-06-04 21:37 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 06:01 . 2011-06-04 21:37 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 06:01 . 2011-06-04 21:37 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 06:01 . 2011-06-04 21:37 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 06:01 . 2011-06-04 21:37 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 06:01 . 2011-06-04 21:37 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-21 06:01 . 2011-06-04 21:37 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 06:01 . 2011-06-04 21:37 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 06:01 . 2010-10-16 11:42 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2010-10-16 11:42 301672 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2010-10-16 11:42 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2010-10-16 11:42 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2010-10-16 11:42 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2010-10-16 11:42 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 06:01 . 2009-10-03 10:40 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2009-10-03 05:02 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 06:01 . 2009-10-03 05:02 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-16 10:03 . 2011-05-16 10:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 09:41 . 2011-06-04 21:37 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-05-10 09:41 . 2011-06-04 21:37 65640 ----a-w- c:\windows\system32\nvapo32v.dll
2011-05-10 09:41 . 2011-06-04 21:37 139368 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-05-10 09:41 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 06:06 . 2011-05-10 06:06 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-05-10 04:55 . 2011-05-10 04:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-10 04:55 . 2010-12-20 19:20 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-04 02:52 . 2010-12-19 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-22 19:14 . 2011-05-25 09:34 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-21 08:50 . 2011-01-09 09:57 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-21 08:50 . 2011-01-09 09:57 109144 ----a-w- c:\windows\system32\OpenAL32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-07 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-10-25 380928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Miloš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"ISUSPM Startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-17 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-03-26 599344]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2008-03-14 280192]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
HKLM-Run-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe
AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.7\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-395227406-1693366131-1795795476-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{279C5F83-B773-A17C-F0A4-54A468B8BA1A}*]
"hannabenojedgpad"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
"iadjglkijgjcdfadlf"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(564)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\windows\PEV.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-07-13 13:29:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-13 11:29
.
Před spuštěním: Volných bajtů: 24 227 397 632
Po spuštění: Volných bajtů: 24 948 367 360
.
- - End Of File - - 463A5436B33292D6B2E06FA79A7FC5F4
Re: Kontrola logu
Pokud nemate, tak presunte Combofix na plochu
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: Folder:: c:\program files\uTorrentBar c:\program files\ICQ6Toolbar File:: C:\Program Files\vShare\vshare_toolbar.dll C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001UA.job Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- "{043C5167-00BB-4324-AF7E-62013FAEDACF}"=- "{855F3B16-6D32-4FE6-8A56-BBB695989046}"=- [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=- "ICQ"=- "uTorrent"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CorelDRAW Graphics Suite 11b"=- "AdobeCS4ServiceManager"=- "QuickTime Task"=- "AppleSyncNotifier"=- Driver:: ICQ Service DDS:: uStart Page = hxxp://start.facemoods.com/?a=ddrnw RegLockDel:: [HKEY_USERS\S-1-5-21-395227406-1693366131-1795795476-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{279C5F83-B773-A17C-F0A4-54A468B8BA1A}*] RegLock:: [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] Reboot::- Ulozte vytvoreny TXT jako CFScript.txt
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Zde je výpis z logu po aplikaci skriptu
ComboFix 11-07-12.09 - Miloš 13.07.2011 17:24:50.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3069.1957 [GMT 2:00]
Spuštěný z: c:\users\MiloÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MiloÜ\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-13 do 2011-07-13 )))))))))))))))))))))))))))))))
.
.
2011-07-13 15:34 . 2011-07-13 15:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-13 15:34 . 2011-07-13 15:34 -------- d-----w- c:\users\Miloa\AppData\Local\temp
2011-07-13 15:34 . 2011-07-13 15:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-13 11:24 . 2011-07-13 11:24 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-07-13 11:24 . 2011-07-13 11:24 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-07-13 11:24 . 2011-07-13 11:24 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-07-13 11:24 . 2011-07-13 11:24 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-07-13 11:24 . 2011-07-13 11:24 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-07-13 11:24 . 2011-07-13 11:24 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2011-07-13 11:24 . 2011-07-13 11:24 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2011-07-13 11:24 . 2011-07-13 11:24 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2011-07-13 11:24 . 2011-07-13 11:24 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2011-07-13 11:24 . 2011-07-13 11:24 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2011-07-13 11:23 . 2011-07-13 11:23 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2011-07-13 11:23 . 2011-07-13 11:23 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2011-07-13 11:23 . 2011-07-13 11:23 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-07-13 11:23 . 2011-07-13 11:23 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-07-13 11:23 . 2011-07-13 11:23 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2011-07-13 11:23 . 2011-07-13 11:23 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-07-13 11:23 . 2011-07-13 11:23 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2011-07-13 11:22 . 2011-07-13 15:34 -------- d-----w- c:\users\Miloš\AppData\Local\temp
2011-07-13 10:36 . 2011-07-13 10:41 -------- d-----w- c:\program files\trend micro
2011-07-13 07:45 . 2011-07-13 11:29 -------- d-----w- c:\users\Guest
2011-07-12 08:04 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18ADF3A6-9DD6-4537-99B0-1915974F0E0A}\mpengine.dll
2011-07-08 12:53 . 2011-07-08 12:53 -------- d-----w- c:\program files\Elaborate Bytes
2011-07-08 12:51 . 2011-07-08 12:51 -------- d-----w- c:\program files\CDisplay
2011-07-07 21:49 . 2011-07-07 21:49 -------- d-----w- c:\users\Miloš\AppData\Roaming\VitySoft
2011-07-04 14:27 . 2011-07-04 14:27 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-07-04 14:23 . 2011-07-04 14:23 -------- d-----w- c:\program files\LucasArts
2011-07-04 14:22 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-07-04 14:22 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-07-04 14:22 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-07-04 14:22 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-07-03 09:06 . 2011-07-03 09:09 -------- d-----w- c:\users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 09:06 . 2011-07-03 09:06 -------- d-----w- c:\program files\Mp3tag
2011-06-29 09:57 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 09:57 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 09:57 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 09:57 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 09:57 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 09:57 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 09:57 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 09:57 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-24 19:29 . 2011-06-24 19:30 -------- d-----w- c:\users\Miloš\AppData\Roaming\vlc
2011-06-24 19:29 . 2011-06-24 19:29 -------- d-----w- c:\program files\VideoLAN
2011-06-18 21:11 . 2011-06-18 21:11 -------- d-----w- c:\program files\iPod
2011-06-18 21:11 . 2011-06-18 21:12 -------- d-----w- c:\program files\iTunes
2011-06-15 08:04 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 08:04 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-15 08:04 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-15 07:50 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 07:50 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 07:50 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 07:50 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 07:50 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 07:50 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 07:50 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 07:50 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 07:50 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 07:50 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 07:50 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 10:17 . 2011-06-14 10:17 54600192 --sha-w- c:\windows\system32\nba2k11.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 09:43 . 2011-01-14 17:21 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-12 09:43 . 2011-01-28 18:30 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-12 09:43 . 2011-01-14 17:21 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-12 09:43 . 2011-01-14 17:21 214816 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-08 14:07 . 2011-01-14 17:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-06 20:42 . 2011-06-06 20:32 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-06-06 20:42 . 2011-06-06 20:32 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-24 17:14 . 2010-12-17 17:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 06:01 . 2011-06-04 21:39 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-21 06:01 . 2011-06-04 21:37 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 06:01 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 06:01 . 2011-06-04 21:37 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 06:01 . 2011-06-04 21:37 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 06:01 . 2011-06-04 21:37 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 06:01 . 2011-06-04 21:37 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 06:01 . 2011-06-04 21:37 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 06:01 . 2011-06-04 21:37 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 06:01 . 2011-06-04 21:37 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-21 06:01 . 2011-06-04 21:37 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 06:01 . 2011-06-04 21:37 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 06:01 . 2010-10-16 11:42 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2010-10-16 11:42 301672 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2010-10-16 11:42 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2010-10-16 11:42 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2010-10-16 11:42 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2010-10-16 11:42 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 06:01 . 2009-10-03 10:40 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2009-10-03 05:02 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 06:01 . 2009-10-03 05:02 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-16 10:03 . 2011-05-16 10:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 09:41 . 2011-06-04 21:37 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-05-10 09:41 . 2011-06-04 21:37 65640 ----a-w- c:\windows\system32\nvapo32v.dll
2011-05-10 09:41 . 2011-06-04 21:37 139368 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-05-10 09:41 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 06:06 . 2011-05-10 06:06 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-05-10 04:55 . 2011-05-10 04:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-10 04:55 . 2010-12-20 19:20 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-04 02:52 . 2010-12-19 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-22 19:14 . 2011-05-25 09:34 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-21 08:50 . 2011-01-09 09:57 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-21 08:50 . 2011-01-09 09:57 109144 ----a-w- c:\windows\system32\OpenAL32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-07 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-10-25 380928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Miloš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"ISUSPM Startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-17 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-03-26 599344]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2008-03-14 280192]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-395227406-1693366131-1795795476-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{279C5F83-B773-A17C-F0A4-54A468B8BA1A}*]
"hannabenojedgpad"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
"iadjglkijgjcdfadlf"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(564)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2011-07-13 17:42:52
ComboFix-quarantined-files.txt 2011-07-13 15:42
ComboFix2.txt 2011-07-13 11:29
.
Před spuštěním: Volných bajtů: 25 048 006 656
Po spuštění: Volných bajtů: 24 984 260 608
.
- - End Of File - - 62382D2777B60427AEC9287701E42D2A
ComboFix 11-07-12.09 - Miloš 13.07.2011 17:24:50.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3069.1957 [GMT 2:00]
Spuštěný z: c:\users\MiloÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\MiloÜ\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Disabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-13 do 2011-07-13 )))))))))))))))))))))))))))))))
.
.
2011-07-13 15:34 . 2011-07-13 15:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-07-13 15:34 . 2011-07-13 15:34 -------- d-----w- c:\users\Miloa\AppData\Local\temp
2011-07-13 15:34 . 2011-07-13 15:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-13 11:24 . 2011-07-13 11:24 8646 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TILEBOX.JS
2011-07-13 11:24 . 2011-07-13 11:24 6429 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UICORE.JS
2011-07-13 11:24 . 2011-07-13 11:24 63115 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\USERTILE.JS
2011-07-13 11:24 . 2011-07-13 11:24 4599 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\UIRESOURCE.JS
2011-07-13 11:24 . 2011-07-13 11:24 9310 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXTBOX.JS
2011-07-13 11:24 . 2011-07-13 11:24 8613 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\SAVEDUSER.JS
2011-07-13 11:24 . 2011-07-13 11:24 5927 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\TEXT.JS
2011-07-13 11:24 . 2011-07-13 11:24 6910 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\NEWUSERCOMM.JS
2011-07-13 11:24 . 2011-07-13 11:24 18541 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LOCALIZATION.JS
2011-07-13 11:24 . 2011-07-13 11:24 1651 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\QUERYSTRING.JS
2011-07-13 11:23 . 2011-07-13 11:23 8288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\IMAGE.JS
2011-07-13 11:23 . 2011-07-13 11:23 6208 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\LINK.JS
2011-07-13 11:23 . 2011-07-13 11:23 8782 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\BUTTON.JS
2011-07-13 11:23 . 2011-07-13 11:23 7271 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\CHECKBOX.JS
2011-07-13 11:23 . 2011-07-13 11:23 51852 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\EXTERNALWRAPPER.JS
2011-07-13 11:23 . 2011-07-13 11:23 23327 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\COMBOBOX.JS
2011-07-13 11:23 . 2011-07-13 11:23 20719 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\temp\wlidui_WLIDSVC\DIVWRAPPER.JS
2011-07-13 11:22 . 2011-07-13 15:34 -------- d-----w- c:\users\Miloš\AppData\Local\temp
2011-07-13 10:36 . 2011-07-13 10:41 -------- d-----w- c:\program files\trend micro
2011-07-13 07:45 . 2011-07-13 11:29 -------- d-----w- c:\users\Guest
2011-07-12 08:04 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18ADF3A6-9DD6-4537-99B0-1915974F0E0A}\mpengine.dll
2011-07-08 12:53 . 2011-07-08 12:53 -------- d-----w- c:\program files\Elaborate Bytes
2011-07-08 12:51 . 2011-07-08 12:51 -------- d-----w- c:\program files\CDisplay
2011-07-07 21:49 . 2011-07-07 21:49 -------- d-----w- c:\users\Miloš\AppData\Roaming\VitySoft
2011-07-04 14:27 . 2011-07-04 14:27 -------- d-----w- c:\program files\Common Files\SWF Studio
2011-07-04 14:23 . 2011-07-04 14:23 -------- d-----w- c:\program files\LucasArts
2011-07-04 14:22 . 2001-09-05 02:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-07-04 14:22 . 2001-09-05 02:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-07-04 14:22 . 2001-09-05 02:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-07-04 14:22 . 2001-09-05 02:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-07-03 09:06 . 2011-07-03 09:09 -------- d-----w- c:\users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 09:06 . 2011-07-03 09:06 -------- d-----w- c:\program files\Mp3tag
2011-06-29 09:57 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 09:57 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 09:57 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 09:57 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 09:57 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 09:57 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 09:57 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 09:57 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 09:57 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-24 19:29 . 2011-06-24 19:30 -------- d-----w- c:\users\Miloš\AppData\Roaming\vlc
2011-06-24 19:29 . 2011-06-24 19:29 -------- d-----w- c:\program files\VideoLAN
2011-06-18 21:11 . 2011-06-18 21:11 -------- d-----w- c:\program files\iPod
2011-06-18 21:11 . 2011-06-18 21:12 -------- d-----w- c:\program files\iTunes
2011-06-15 08:04 . 2011-04-25 15:29 141104 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2011-06-15 08:04 . 2011-04-22 23:25 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-15 08:04 . 2011-04-22 23:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-15 07:50 . 2011-04-29 02:46 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-15 07:50 . 2011-04-29 02:46 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-15 07:50 . 2011-04-29 02:46 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-15 07:50 . 2011-04-25 04:31 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 07:50 . 2011-04-25 02:18 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-15 07:50 . 2011-05-03 04:30 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-15 07:50 . 2011-01-17 05:47 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-15 07:50 . 2011-02-25 05:34 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-15 07:50 . 2011-04-27 02:17 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 07:50 . 2011-04-27 02:17 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 07:50 . 2011-04-27 02:17 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 10:17 . 2011-06-14 10:17 54600192 --sha-w- c:\windows\system32\nba2k11.dat
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-12 09:43 . 2011-01-14 17:21 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-12 09:43 . 2011-01-28 18:30 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-12 09:43 . 2011-01-14 17:21 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-12 09:43 . 2011-01-14 17:21 214816 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-08 14:07 . 2011-01-14 17:21 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-06 20:42 . 2011-06-06 20:32 83872 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-06-06 20:42 . 2011-06-06 20:32 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-05-28 12:56 . 2011-05-28 12:56 65536 ----a-w- c:\windows\system32\frapsvid.dll
2011-05-24 17:14 . 2010-12-17 17:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-21 06:01 . 2011-06-04 21:39 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-05-21 06:01 . 2011-06-04 21:37 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-21 06:01 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-21 06:01 . 2011-06-04 21:37 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-21 06:01 . 2011-06-04 21:37 5301352 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-21 06:01 . 2011-06-04 21:37 2804328 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-21 06:01 . 2011-06-04 21:37 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-21 06:01 . 2011-06-04 21:37 16456296 ----a-w- c:\windows\system32\nvoglv32.dll
2011-05-21 06:01 . 2011-06-04 21:37 11992680 ----a-w- c:\windows\system32\nvd3dum.dll
2011-05-21 06:01 . 2011-06-04 21:37 10589800 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2011-05-21 06:01 . 2011-06-04 21:37 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-21 06:01 . 2011-06-04 21:37 12392 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2011-05-21 06:01 . 2010-10-16 11:42 615528 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2010-10-16 11:42 301672 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2010-10-16 11:42 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2010-10-16 11:42 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2010-10-16 11:42 3693672 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2010-10-16 11:42 2557544 ----a-w- c:\windows\system32\nvsvc.dll
2011-05-21 06:01 . 2009-10-03 10:40 66664 ----a-w- c:\windows\system32\nvshext.dll
2011-05-21 06:01 . 2009-10-03 05:02 6555240 ----a-w- c:\windows\system32\nvwgf2um.dll
2011-05-21 06:01 . 2009-10-03 05:02 2335848 ----a-w- c:\windows\system32\nvapi.dll
2011-05-16 10:03 . 2011-05-16 10:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 09:41 . 2011-06-04 21:37 26216 ----a-w- c:\windows\system32\nvhdap32.dll
2011-05-10 09:41 . 2011-06-04 21:37 65640 ----a-w- c:\windows\system32\nvapo32v.dll
2011-05-10 09:41 . 2011-06-04 21:37 139368 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-05-10 09:41 . 2011-06-04 21:37 865896 ----a-w- c:\windows\system32\nvhdagenco322040.dll
2011-05-10 06:06 . 2011-05-10 06:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 06:06 . 2011-05-10 06:06 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-05-10 04:55 . 2011-05-10 04:55 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-05-10 04:55 . 2010-12-20 19:20 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-05-04 02:52 . 2010-12-19 11:48 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-22 19:14 . 2011-05-25 09:34 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-21 08:50 . 2011-01-09 09:57 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-21 08:50 . 2011-01-09 09:57 109144 ----a-w- c:\windows\system32\OpenAL32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\uTorrentBar\tbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-06-07 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 1721640]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-07-27 321080]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-04-17 842816]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe" [2004-06-22 729088]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-10-25 380928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Miloš\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"ISUSPM Startup"=c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-17 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-03-26 599344]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2008-03-14 280192]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-395227406-1693366131-1795795476-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{279C5F83-B773-A17C-F0A4-54A468B8BA1A}*]
"hannabenojedgpad"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
"iadjglkijgjcdfadlf"=hex:6a,61,67,63,68,67,69,61,64,66,61,70,62,6d,62,69,6e,6d,
69,70,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(564)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2011-07-13 17:42:52
ComboFix-quarantined-files.txt 2011-07-13 15:42
ComboFix2.txt 2011-07-13 11:29
.
Před spuštěním: Volných bajtů: 25 048 006 656
Po spuštění: Volných bajtů: 24 984 260 608
.
- - End Of File - - 62382D2777B60427AEC9287701E42D2A
Re: Kontrola logu
Nejak nam nic nesmazal 
Pujdem na to jinak 
Stahnete OTM (viz muj podpis)
Pujdem na to jinak Stahnete OTM (viz muj podpis)
- Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
- Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize
Kód: Vybrat vše
:reg [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=- "{043C5167-00BB-4324-AF7E-62013FAEDACF}"=- "{855F3B16-6D32-4FE6-8A56-BBB695989046}"=- [-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"=- "ICQ"=- "uTorrent"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CorelDRAW Graphics Suite 11b"=- "AdobeCS4ServiceManager"=- "QuickTime Task"=- "AppleSyncNotifier"=- :services ICQ Service :files c:\program files\uTorrentBar c:\program files\ICQ6Toolbar C:\Program Files\vShare\vshare_toolbar.dll C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001UA.job %windir%\system32\*.tmp.dll /s %windir%\system32\SET*.tmp /s %windir%\*.tmp :commands [RESETHOSTS] [EMPTYTEMP] [EMPTYFLASH]- Kliknete na cervene tlacitko MoveIt!
- Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Tady je log z OTM
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CorelDRAW Graphics Suite 11b deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AppleSyncNotifier deleted successfully.
========== SERVICES/DRIVERS ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
========== FILES ==========
c:\program files\uTorrentBar folder moved successfully.
c:\program files\ICQ6Toolbar folder moved successfully.
C:\Program Files\vShare\vshare_toolbar.dll moved successfully.
File/Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001Core.job not found.
File/Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001UA.job not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\system32\SET569B.tmp moved successfully.
C:\Windows\system32\SETA35C.tmp moved successfully.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
User: Miloa
->Temp folder emptied: 0 bytes
User: Miloš
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 20372527 bytes
->Java cache emptied: 10914351 bytes
->Google Chrome cache emptied: 301476965 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 60271 bytes
User: Public
->Temp folder emptied: 0 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 319,00 mb
OTM by OldTimer - Version 3.1.18.0 log created on 07132011_184521
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{043C5167-00BB-4324-AF7E-62013FAEDACF} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{043C5167-00BB-4324-AF7E-62013FAEDACF}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4FE6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CorelDRAW Graphics Suite 11b deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AdobeCS4ServiceManager deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AppleSyncNotifier deleted successfully.
========== SERVICES/DRIVERS ==========
Service ICQ Service stopped successfully!
Service ICQ Service deleted successfully!
========== FILES ==========
c:\program files\uTorrentBar folder moved successfully.
c:\program files\ICQ6Toolbar folder moved successfully.
C:\Program Files\vShare\vshare_toolbar.dll moved successfully.
File/Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001Core.job not found.
File/Folder C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-395227406-1693366131-1795795476-1001UA.job not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\system32\SET569B.tmp moved successfully.
C:\Windows\system32\SETA35C.tmp moved successfully.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
User: Miloa
->Temp folder emptied: 0 bytes
User: Miloš
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 20372527 bytes
->Java cache emptied: 10914351 bytes
->Google Chrome cache emptied: 301476965 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 60271 bytes
User: Public
->Temp folder emptied: 0 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 1619120 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 319,00 mb
OTM by OldTimer - Version 3.1.18.0 log created on 07132011_184521
Files moved on Reboot...
Registry entries deleted on Reboot...
Re: Kontrola logu
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Zatím to vypadá že pc pracuje normálně, žádné neobvyklé situace nenastaly. Chcete ještě nový RSIT log? Nebo už je všechno v pořádku. Děkuji.
Re: Kontrola logu
Tak jeste uklidime
Odinstalujte Combofix
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner (viz muj podpis)
Panel čistič
Poprosim o novy log z RSIT
Odinstalujte Combofix
- Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
- Napiste ComboFix /UninstallA
- Stisknete Enter
- Tohle smaze Combofix a jeho slozky
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Poprosim o novy log z RSIT"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Provedl jsem všechny vámi uvedené body až na první, kde mi windows vyhodil hlášku, že nemůže nalézt položku ComboFix. Zde přikládám nový RSIT log.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Miloš at 2011-07-13 22:01:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (8%) free of 297 GB
Total RAM: 3069 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:34, on 13.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Miloš\Downloads\RSIT.exe
C:\Program Files\trend micro\Miloš.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe
--
End of file - 6873 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-04-17 1256512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-23 495708]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 321080]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-04-17 842816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"CTCheck"=C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-10-25 380928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-13 203776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-07-13 22:01:22 ----D---- C:\rsit
2011-07-13 21:51:25 ----D---- C:\Program Files\CCleaner
2011-07-13 18:47:15 ----D---- C:\Windows\temp
2011-07-13 17:42:10 ----SHD---- C:\$RECYCLE.BIN
2011-07-13 13:07:08 ----D---- C:\Qoobox
2011-07-13 12:36:02 ----D---- C:\Program Files\trend micro
2011-07-12 23:00:23 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-12 23:00:17 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-12 23:00:17 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-12 23:00:13 ----A---- C:\Windows\system32\kernel32.dll
2011-07-12 23:00:12 ----A---- C:\Windows\system32\winsrv.dll
2011-07-12 23:00:12 ----A---- C:\Windows\system32\conhost.exe
2011-07-12 23:00:07 ----A---- C:\Windows\system32\win32k.sys
2011-07-08 14:53:31 ----D---- C:\Program Files\Elaborate Bytes
2011-07-08 14:51:58 ----D---- C:\Program Files\CDisplay
2011-07-07 23:49:41 ----D---- C:\Users\Miloš\AppData\Roaming\VitySoft
2011-07-04 16:27:17 ----D---- C:\Program Files\Common Files\SWF Studio
2011-07-04 16:23:07 ----D---- C:\Program Files\LucasArts
2011-07-03 11:06:58 ----D---- C:\Users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 11:06:42 ----D---- C:\Program Files\Mp3tag
2011-06-29 11:57:19 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 11:57:14 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 11:57:14 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 11:57:12 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 11:57:12 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 11:57:12 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 11:57:11 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 11:57:11 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 11:57:10 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 11:57:10 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-27 11:51:35 ----A---- C:\Windows\system32\javaws.exe
2011-06-27 11:51:35 ----A---- C:\Windows\system32\javaw.exe
2011-06-27 11:51:35 ----A---- C:\Windows\system32\java.exe
2011-06-24 21:29:56 ----D---- C:\Users\Miloš\AppData\Roaming\vlc
2011-06-24 21:29:07 ----D---- C:\Program Files\VideoLAN
2011-06-18 23:11:19 ----D---- C:\Program Files\iPod
2011-06-18 23:11:18 ----D---- C:\Program Files\iTunes
2011-06-15 10:04:40 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\jscript9.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\jscript.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\ieui.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\iertutil.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\urlmon.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\mshtml.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\ieframe.dll
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-15 09:50:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-15 09:50:42 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-15 09:50:38 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-15 09:50:36 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-15 09:50:19 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
======List of files/folders modified in the last 1 months======
2011-07-13 22:01:33 ----D---- C:\Windows\Prefetch
2011-07-13 22:00:31 ----D---- C:\Windows
2011-07-13 21:59:09 ----D---- C:\Windows\System32
2011-07-13 21:56:27 ----SHD---- C:\Windows\Installer
2011-07-13 21:56:16 ----SHD---- C:\System Volume Information
2011-07-13 21:56:09 ----RD---- C:\Program Files
2011-07-13 21:51:56 ----D---- C:\Users\Miloš\AppData\Roaming\Media Player Classic
2011-07-13 21:51:52 ----D---- C:\Windows\debug
2011-07-13 21:49:53 ----D---- C:\Windows\inf
2011-07-13 21:49:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-13 21:46:19 ----D---- C:\Windows\system32\config
2011-07-13 18:45:36 ----D---- C:\Windows\system32\drivers\etc
2011-07-13 18:45:33 ----D---- C:\Program Files\vShare
2011-07-13 17:35:14 ----A---- C:\Windows\system.ini
2011-07-13 17:29:47 ----D---- C:\Windows\system32\drivers
2011-07-13 17:29:47 ----D---- C:\Windows\AppPatch
2011-07-13 17:29:46 ----D---- C:\Program Files\Common Files
2011-07-13 13:28:07 ----D---- C:\Windows\system32\Tasks
2011-07-13 13:28:03 ----D---- C:\Windows\Tasks
2011-07-13 12:32:14 ----D---- C:\Users\Miloš\AppData\Roaming\uTorrent
2011-07-13 09:45:32 ----RD---- C:\Users
2011-07-12 23:09:02 ----D---- C:\Windows\winsxs
2011-07-12 23:06:58 ----D---- C:\Windows\system32\DriverStore
2011-07-12 23:01:45 ----A---- C:\Windows\system32\MRT.exe
2011-07-12 23:01:36 ----D---- C:\ProgramData\Microsoft Help
2011-07-12 23:00:00 ----D---- C:\Windows\system32\catroot
2011-07-12 22:59:49 ----D---- C:\Windows\system32\catroot2
2011-07-12 14:08:56 ----D---- C:\Temp
2011-07-12 11:43:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-07-08 16:07:47 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-07-08 14:53:51 ----D---- C:\ProgramData
2011-07-04 16:23:20 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:22:49 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-02 18:42:53 ----D---- C:\Users\Miloš\AppData\Roaming\ICQ
2011-07-02 18:42:53 ----D---- C:\Program Files\ICQ7.2
2011-06-30 11:58:14 ----RSD---- C:\Windows\assembly
2011-06-30 11:52:06 ----D---- C:\Program Files\SEGA
2011-06-29 11:59:00 ----RSD---- C:\Windows\Fonts
2011-06-29 11:58:25 ----D---- C:\Program Files\Microsoft Office
2011-06-27 11:51:33 ----D---- C:\Program Files\Java
2011-06-26 15:17:30 ----D---- C:\Program Files\JDownloader
2011-06-18 23:11:18 ----D---- C:\Program Files\Common Files\Apple
2011-06-15 11:03:00 ----D---- C:\Windows\Microsoft.NET
2011-06-15 10:13:07 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-15 10:11:45 ----D---- C:\Program Files\Internet Explorer
2011-06-15 09:52:07 ----D---- C:\Windows\Minidump
2011-06-14 11:46:54 ----D---- C:\Program Files\2K Sports
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-17 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-06 83872]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-06-06 25888]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-03-14 280192]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-23 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aavaug8b;aavaug8b; C:\Windows\system32\drivers\aavaug8b.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-04-17 322624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-07-08 75136]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [2010-03-23 229458]
R2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2009-03-26 599344]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-17 655624]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by Miloš at 2011-07-13 22:01:22
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (8%) free of 297 GB
Total RAM: 3069 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:34, on 13.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Miloš\Downloads\RSIT.exe
C:\Program Files\trend micro\Miloš.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe
--
End of file - 6873 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-04-17 1256512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 1721640]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-23 495708]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-07-27 321080]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-04-17 842816]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"CTCheck"=C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe [2007-10-25 380928]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2007-07-17 868352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-13 203776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=95
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-07-13 22:01:22 ----D---- C:\rsit
2011-07-13 21:51:25 ----D---- C:\Program Files\CCleaner
2011-07-13 18:47:15 ----D---- C:\Windows\temp
2011-07-13 17:42:10 ----SHD---- C:\$RECYCLE.BIN
2011-07-13 13:07:08 ----D---- C:\Qoobox
2011-07-13 12:36:02 ----D---- C:\Program Files\trend micro
2011-07-12 23:00:23 ----A---- C:\Windows\system32\KernelBase.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-12 23:00:22 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-12 23:00:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-12 23:00:20 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-12 23:00:17 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2011-07-12 23:00:17 ----A---- C:\Windows\system32\drivers\bthport.sys
2011-07-12 23:00:13 ----A---- C:\Windows\system32\kernel32.dll
2011-07-12 23:00:12 ----A---- C:\Windows\system32\winsrv.dll
2011-07-12 23:00:12 ----A---- C:\Windows\system32\conhost.exe
2011-07-12 23:00:07 ----A---- C:\Windows\system32\win32k.sys
2011-07-08 14:53:31 ----D---- C:\Program Files\Elaborate Bytes
2011-07-08 14:51:58 ----D---- C:\Program Files\CDisplay
2011-07-07 23:49:41 ----D---- C:\Users\Miloš\AppData\Roaming\VitySoft
2011-07-04 16:27:17 ----D---- C:\Program Files\Common Files\SWF Studio
2011-07-04 16:23:07 ----D---- C:\Program Files\LucasArts
2011-07-03 11:06:58 ----D---- C:\Users\Miloš\AppData\Roaming\Mp3tag
2011-07-03 11:06:42 ----D---- C:\Program Files\Mp3tag
2011-06-29 11:57:19 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 11:57:14 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 11:57:14 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 11:57:12 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 11:57:12 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 11:57:12 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 11:57:11 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 11:57:11 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 11:57:10 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 11:57:10 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-27 11:51:35 ----A---- C:\Windows\system32\javaws.exe
2011-06-27 11:51:35 ----A---- C:\Windows\system32\javaw.exe
2011-06-27 11:51:35 ----A---- C:\Windows\system32\java.exe
2011-06-24 21:29:56 ----D---- C:\Users\Miloš\AppData\Roaming\vlc
2011-06-24 21:29:07 ----D---- C:\Program Files\VideoLAN
2011-06-18 23:11:19 ----D---- C:\Program Files\iPod
2011-06-18 23:11:18 ----D---- C:\Program Files\iTunes
2011-06-15 10:04:40 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\jscript9.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\jscript.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\ieui.dll
2011-06-15 10:04:39 ----A---- C:\Windows\system32\iertutil.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\urlmon.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\mshtml.dll
2011-06-15 10:04:37 ----A---- C:\Windows\system32\ieframe.dll
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-15 09:50:48 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-15 09:50:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-15 09:50:42 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-15 09:50:38 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-15 09:50:36 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-15 09:50:19 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-15 09:50:04 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
======List of files/folders modified in the last 1 months======
2011-07-13 22:01:33 ----D---- C:\Windows\Prefetch
2011-07-13 22:00:31 ----D---- C:\Windows
2011-07-13 21:59:09 ----D---- C:\Windows\System32
2011-07-13 21:56:27 ----SHD---- C:\Windows\Installer
2011-07-13 21:56:16 ----SHD---- C:\System Volume Information
2011-07-13 21:56:09 ----RD---- C:\Program Files
2011-07-13 21:51:56 ----D---- C:\Users\Miloš\AppData\Roaming\Media Player Classic
2011-07-13 21:51:52 ----D---- C:\Windows\debug
2011-07-13 21:49:53 ----D---- C:\Windows\inf
2011-07-13 21:49:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-13 21:46:19 ----D---- C:\Windows\system32\config
2011-07-13 18:45:36 ----D---- C:\Windows\system32\drivers\etc
2011-07-13 18:45:33 ----D---- C:\Program Files\vShare
2011-07-13 17:35:14 ----A---- C:\Windows\system.ini
2011-07-13 17:29:47 ----D---- C:\Windows\system32\drivers
2011-07-13 17:29:47 ----D---- C:\Windows\AppPatch
2011-07-13 17:29:46 ----D---- C:\Program Files\Common Files
2011-07-13 13:28:07 ----D---- C:\Windows\system32\Tasks
2011-07-13 13:28:03 ----D---- C:\Windows\Tasks
2011-07-13 12:32:14 ----D---- C:\Users\Miloš\AppData\Roaming\uTorrent
2011-07-13 09:45:32 ----RD---- C:\Users
2011-07-12 23:09:02 ----D---- C:\Windows\winsxs
2011-07-12 23:06:58 ----D---- C:\Windows\system32\DriverStore
2011-07-12 23:01:45 ----A---- C:\Windows\system32\MRT.exe
2011-07-12 23:01:36 ----D---- C:\ProgramData\Microsoft Help
2011-07-12 23:00:00 ----D---- C:\Windows\system32\catroot
2011-07-12 22:59:49 ----D---- C:\Windows\system32\catroot2
2011-07-12 14:08:56 ----D---- C:\Temp
2011-07-12 11:43:40 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-07-08 16:07:47 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-07-08 14:53:51 ----D---- C:\ProgramData
2011-07-04 16:23:20 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-04 16:22:49 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-02 18:42:53 ----D---- C:\Users\Miloš\AppData\Roaming\ICQ
2011-07-02 18:42:53 ----D---- C:\Program Files\ICQ7.2
2011-06-30 11:58:14 ----RSD---- C:\Windows\assembly
2011-06-30 11:52:06 ----D---- C:\Program Files\SEGA
2011-06-29 11:59:00 ----RSD---- C:\Windows\Fonts
2011-06-29 11:58:25 ----D---- C:\Program Files\Microsoft Office
2011-06-27 11:51:33 ----D---- C:\Program Files\Java
2011-06-26 15:17:30 ----D---- C:\Program Files\JDownloader
2011-06-18 23:11:18 ----D---- C:\Program Files\Common Files\Apple
2011-06-15 11:03:00 ----D---- C:\Windows\Microsoft.NET
2011-06-15 10:13:07 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-15 10:11:45 ----D---- C:\Program Files\Internet Explorer
2011-06-15 09:52:07 ----D---- C:\Windows\Minidump
2011-06-14 11:46:54 ----D---- C:\Program Files\2K Sports
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-17 691696]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-06-06 83872]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-06-06 25888]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-03-14 280192]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 54784]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 15872]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-05-10 139368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-02 139776]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-23 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 245936]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aavaug8b;aavaug8b; C:\Windows\system32\drivers\aavaug8b.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-01 100560]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-04-17 322624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-07-08 75136]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [2010-03-23 229458]
R2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2009-03-26 599344]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-17 655624]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-17 1343400]
-----------------EOF-----------------
Re: Kontrola logu
Spustte HJT a provedeme fixnuti polozek
- HJT najdete zde C:\Program Files\trend micro\Miloš.exe
- Otevre se Vam okno, kliknete na Do a system scan only
- V dalsim okne najdete radky které jsem Vam vypsal nize, vedle nich je ctverecek, do ktereho udelate zatrzitko
- R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddrnw
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file) - Kliknete na Fix checked (vlevo dole)
- HJT se Vas zepta zda opravdu ANO, s tim souhlasite a je hotovo
Jinak log vypada v poradku 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Kontrola logu
Tak jsem fixnul vámi uvedené položky a je hotovo. Děkuji Vám za pomoc.
Re: Kontrola logu
Nemate zac, rad jsem pomohl Zase nekdy 
Zase nekdy "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?