Hello, please check my RSIT log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Elmo at 2011-09-26 15:35:26
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 2 GB (12%) free of 13 GB
Total RAM: 3327 MB (70% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:35:28, on 26.9.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\PnkBstrB.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\New Folder\pes2011.exe
D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\Elmo\Plocha\RSIT.exe
D:\Program Files\trend micro\Elmo.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = astroburn-search.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - D:\Program Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Astroburn Toolbar - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - D:\Program Files\Astroburn Toolbar\ABToolbar.dll
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GameRanger.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6247161906
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - D:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 5381 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\GlaryInitialize.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-329068152-725345543-1003Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-220523388-329068152-725345543-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - D:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - D:\Program Files\uTorrentBar\prxtbuTor.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-20 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-20 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - D:\Program Files\uTorrentBar\prxtbuTor.dll [2011-03-28 176936]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - D:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-03-28 176936]
{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - Astroburn Toolbar - D:\Program Files\Astroburn Toolbar\ABToolbar.dll [2011-05-23 1000768]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=D:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2011-05-26 20053608]
"LogMeIn Hamachi Ui"=D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Google Update"=D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
D:\Documents and Settings\Elmo\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-05-16 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
D:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
F:\Elmo\GTA4\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files\Steam\steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
D:\PROGRA~1\GAMERS~1\LIVE!\Live.exe [2011-06-07 2586736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wlidsvc"=2
"JavaQuickStarterService"=2
"IDriverT"=3
"Hamachi2Svc"=2
D:\Documents and Settings\Elmo\Nabídka Start\Programy\Po spuštění
GameRanger.lnk - D:\Documents and Settings\Elmo\Data aplikací\GameRanger\GameRanger\GameRanger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2010-10-27 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\WINDOWS\system32\dpvsetup.exe"="D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\WINDOWS\system32\rundll32.exe"="D:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"F:\Elmo\Call of Duty 5-World at War\CoDWaW.exe"="F:\Elmo\Call of Duty 5-World at War\CoDWaW.exe:*:Enabled:Call of Duty(R): World at War Campaign/Coop"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Counter Strike 1.6\hl.exe"="C:\Counter Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\GTA4\Call of Duty Modern Warfare 2\iw4sp.exe"="F:\GTA4\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"F:\GTA4\Call of Duty Modern Warfare 2\iw4mp.exe"="F:\GTA4\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"F:\Elmo\ARMA2\Bohemia Interactive\arma2.exe"="F:\Elmo\ARMA2\Bohemia Interactive\arma2.exe:*:Enabled:ArmA 2"
"F:\Instalačky\Pes10\pes\pes2010.exe"="F:\Instalačky\Pes10\pes\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"F:\Instalačky\GTA4\Rockstar Games Social Club\RGSCLauncher.exe"="F:\Instalačky\GTA4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"F:\Instalačky\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe"="F:\Instalačky\GTA4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Instalačky\GTA4\Grand Theft Auto IV\GTAIV.exe"="F:\Instalačky\GTA4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Elmo\pes\pes2010.exe"="F:\Elmo\pes\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"F:\Elmo\GTA4\Grand Theft Auto IV\GTAIV.exe"="F:\Elmo\GTA4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Elmo\FIFA11\Game\fifa.exe"="F:\Elmo\FIFA11\Game\fifa.exe:*:Enabled:FIFA 11"
"F:\Elmo\Call of Duty 4\iw3mp.exe"="F:\Elmo\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"F:\Elmo\Age Of Empires II CZ\empires2.exe"="F:\Elmo\Age Of Empires II CZ\empires2.exe:*:Enabled:Age of Empires II"
"F:\Elmo\Age Of Empires II CZ\age2_x1.exe"="F:\Elmo\Age Of Empires II CZ\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"D:\Program Files\Age of Empires II\empires2.exe"="D:\Program Files\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"D:\WINDOWS\system32\dplaysvr.exe"="D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"F:\Elmo\Age Of Empires II\empires2.EXE"="F:\Elmo\Age Of Empires II\empires2.EXE:*:Enabled:Age of Empires II"
"F:\Elmo\Left 4 Dead\left4dead.exe"="F:\Elmo\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"F:\Elmo\Age of Empires III\Age3.exe"="F:\Elmo\Age of Empires III\Age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\fifa11\pes2010.exe"="C:\Program Files\fifa11\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Documents and Settings\Elmo\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="D:\Documents and Settings\Elmo\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"F:\Elmo\GamersFirst\APB Reloaded\Binaries\APB.exe"="F:\Elmo\GamersFirst\APB Reloaded\Binaries\APB.exe:*:Enabled:APB: APB.exe"
"F:\Elmo\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe"="F:\Elmo\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe:*:Enabled:APB: VivoxVoiceService.exe"
"C:\Program Files\PROEVO 10\pes2010.exe"="C:\Program Files\PROEVO 10\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"F:\Elmo\HellGate London\nwn2main.exe"="F:\Elmo\HellGate London\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"F:\Elmo\HellGate London\nwn2main_amdxp.exe"="F:\Elmo\HellGate London\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"F:\Elmo\HellGate London\nwupdate.exe"="F:\Elmo\HellGate London\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"F:\Elmo\HellGate London\nwn2server.exe"="F:\Elmo\HellGate London\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"F:\Elmo\Nová složka\Call of Duty Modern Warfare 2\iw4sp.exe"="F:\Elmo\Nová složka\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\Elmo\Tennis4\VT4.exe"="F:\Elmo\Tennis4\VT4.exe:*:Enabled:Virtua Tennis 4™"
"D:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="D:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"F:\Elmo\Assassins Creed-Brotherhood\ACBSP.exe"="F:\Elmo\Assassins Creed-Brotherhood\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood"
"F:\Elmo\Assassins Creed-Brotherhood\ACBMP.exe"="F:\Elmo\Assassins Creed-Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"F:\Elmo\Assassins Creed-Brotherhood\AssassinsCreedBrotherhood.exe"="F:\Elmo\Assassins Creed-Brotherhood\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update"
"F:\Elmo\Assassins Creed-Brotherhood\UPlayBrowser.exe"="F:\Elmo\Assassins Creed-Brotherhood\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay"
"F:\Crysis2\bin32\Crysis2.exe"="F:\Crysis2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"C:\Program Files\Crysis2\bin32\Crysis2.exe"="C:\Program Files\Crysis2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"C:\Program Files\LoL\League of Legends\lol.launcher.exe"="C:\Program Files\LoL\League of Legends\lol.launcher.exe:*:Enabled:Play League of Legends"
"C:\Program Files\GamersFirst\APB Reloaded\Binaries\APB.exe"="C:\Program Files\GamersFirst\APB Reloaded\Binaries\APB.exe:*:Enabled:APB: APB.exe"
"C:\Program Files\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe"="C:\Program Files\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe:*:Enabled:APB: VivoxVoiceService.exe"
"C:\Program Files\New Folder\pes2011.exe"="C:\Program Files\New Folder\pes2011.exe:*:Enabled:Pro Evolution Soccer 2011"
"D:\Program Files\Steam\steamapps\chabadaj\counter-strike\hl.exe"="D:\Program Files\Steam\steamapps\chabadaj\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"F:\Steam\steamapps\chabadaj\team fortress 2\hl2.exe"="F:\Steam\steamapps\chabadaj\team fortress 2\hl2.exe:*:Enabled:hl2"
"F:\Tom Clancys\Tom Clancyˇs\src\system\conviction_game.exe"="F:\Tom Clancys\Tom Clancyˇs\src\system\conviction_game.exe:*:Enabled:conviction_game"
"F:\DDO\DDO Unlimited\dndclient.exe"="F:\DDO\DDO Unlimited\dndclient.exe:*:Enabled:dndclient"
"F:\AoEO\Spartan.exe"="F:\AoEO\Spartan.exe:*:Enabled:Age of Empires Online"
"F:\AoEO\AOEOnline.exe"="F:\AoEO\AOEOnline.exe:*:Enabled:Age of Empires Online"
"F:\AoEO\AOEOnlineReplace.exe"="F:\AoEO\AOEOnlineReplace.exe:*:Enabled:AOEOnlineReplace"
"D:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe"="D:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe:*:Enabled:GFWLClient"
"D:\Program Files\AVAST Software\Avast\AvastUI.exe"="D:\Program Files\AVAST Software\Avast\AvastUI.exe:*:Enabled:avast! Free Antivirus"
"D:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLive.exe"="D:\Program Files\Microsoft Games for Windows - LIVE\Client\GFWLive.exe:*:Disabled:Games for Windows Marketplace"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"msacm.lhacm"=lhacm.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2011-09-26 15:35:26 ----D---- D:\rsit
2011-09-26 15:35:26 ----D---- D:\Program Files\trend micro
2011-09-26 14:27:17 ----D---- D:\WINDOWS\CSC
2011-09-26 14:27:07 ----A---- D:\WINDOWS\ntbtlog.txt
2011-09-17 11:38:33 ----SHD---- D:\Documents and Settings\All Users\Data aplikací\DSS
2011-09-17 11:04:13 ----A---- D:\WINDOWS\system32\pbsvc_moh.exe
2011-09-12 17:02:37 ----D---- D:\WINDOWS\system32\URTTEMP
2011-08-31 12:12:27 ----A---- D:\WINDOWS\system32\kbdkor.dll
2011-08-31 12:12:27 ----A---- D:\WINDOWS\system32\kbdjpn.dll
2011-08-31 12:12:27 ----A---- D:\WINDOWS\system32\kbd103.dll
2011-08-31 12:12:27 ----A---- D:\WINDOWS\system32\kbd101c.dll
2011-08-31 12:12:27 ----A---- D:\WINDOWS\system32\kbd101b.dll
2011-08-31 12:12:26 ----A---- D:\WINDOWS\system32\kbd106.dll
2011-08-27 19:33:57 ----D---- D:\Documents and Settings\All Users\Data aplikací\KONAMI
======List of files/folders modified in the last 1 month======
2011-09-26 15:45:17 ----D---- D:\WINDOWS\Temp
2011-09-26 15:35:26 ----RD---- D:\Program Files
2011-09-26 15:34:57 ----D---- D:\WINDOWS\system32
2011-09-26 15:34:57 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2011-09-26 15:10:30 ----D---- D:\Documents and Settings\Elmo\Data aplikací\Mumble
2011-09-26 15:03:20 ----D---- D:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-09-26 14:27:33 ----D---- D:\WINDOWS
2011-09-26 14:27:27 ----D---- D:\WINDOWS\system32\CatRoot2
2011-09-26 14:26:26 ----A---- D:\WINDOWS\SchedLgU.Txt
2011-09-26 13:23:07 ----D---- D:\Documents and Settings\Elmo\Data aplikací\uTorrent
2011-09-26 13:23:07 ----D---- D:\Documents and Settings\Elmo\Data aplikací\TS3Client
2011-09-26 13:23:05 ----D---- D:\WINDOWS\Minidump
2011-09-26 13:23:05 ----D---- D:\WINDOWS\Logs
2011-09-26 11:02:51 ----D---- D:\Documents and Settings\Elmo\Data aplikací\BSplayer
2011-09-25 18:03:44 ----RSHDC---- D:\WINDOWS\system32\dllcache
2011-09-25 18:02:12 ----SHD---- D:\WINDOWS\Installer
2011-09-24 16:51:12 ----D---- D:\WINDOWS\Microsoft.NET
2011-09-24 13:36:17 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-24 13:35:02 ----D---- D:\WINDOWS\system32\XPSViewer
2011-09-24 13:35:01 ----RSD---- D:\WINDOWS\Fonts
2011-09-24 13:34:35 ----HD---- D:\WINDOWS\inf
2011-09-24 13:34:08 ----D---- D:\WINDOWS\system32\CatRoot
2011-09-24 13:33:34 ----D---- D:\WINDOWS\Prefetch
2011-09-24 13:33:31 ----RSD---- D:\WINDOWS\assembly
2011-09-24 13:33:16 ----D---- D:\WINDOWS\WinSxS
2011-09-24 13:26:38 ----D---- D:\WINDOWS\system32\DirectX
2011-09-17 11:05:20 ----A---- D:\WINDOWS\system32\PnkBstrB.exe
2011-09-17 11:04:13 ----A---- D:\WINDOWS\system32\PnkBstrA.exe
2011-09-13 15:29:58 ----D---- D:\Documents and Settings\Elmo\Data aplikací\Skype
2011-09-12 17:04:24 ----D---- D:\WINDOWS\Registration
2011-09-11 16:01:50 ----D---- D:\Documents and Settings\All Users\Data aplikací\Ubisoft
2011-09-11 10:50:00 ----HD---- D:\Program Files\InstallShield Installation Information
2011-09-06 22:45:29 ----A---- D:\WINDOWS\system32\aswBoot.exe
2011-08-31 12:12:38 ----D---- D:\WINDOWS\Help
2011-08-27 14:33:06 ----D---- D:\Program Files\WinRAR
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-23 218688]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-10-27 5524480]
R3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-05-26 6404712]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-10-30 176768]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 wceusbsh;Windows CE USB Serial Host Driver; D:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2011-05-26 1691480]
S3 DualCoreCenter;DualCoreCenter; \??\D:\Program Files\MSI\OverclockingCenter\NTGLM7X.sys []
S3 EagleXNt;EagleXNt; \??\D:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2011-05-26 1395800]
S3 RushTopDevice_J;RushTopDevice_J; \??\D:\Program Files\MSI\OverclockingCenter\RushJ.sys []
S3 RushTopDevice2;RushTopDevice2; \??\D:\Program Files\MSI\OverclockingCenter\RushTop.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2010-10-27 614400]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2011-09-17 75064]
R2 PnkBstrB;PnkBstrB; D:\WINDOWS\system32\PnkBstrB.exe [2011-09-17 189248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; D:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 1361288]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2011-06-03 403240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2011-05-20 153376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Thank you.

Log check
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking threads. Thank you for your understanding.
- Rudy
- Site Admin
- Posts: 119508
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check
Hello!
Uninstall via Add/Remove Programs everything that contains the word "bar" or "toolbar". Then double-click the file D:\Program Files\trend micro\Elmo.exe to launch HijackThis. Click "Do a system scan only". In the HJT window, tick the checkboxes on the left next to:
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GameRanger.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe (file missing)
and click >Fix checked<.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.