virus cez skype ?

[jany]

Nedavno mi cez skype prisla nejaka odpoved, ze mi niekto pise, tak som na to klikol a bola tam konferencia mozno s 50 ucastnikmi.
Hned prva sprava bola link na nejaky pekny obrazok, tak som na to klikol ale na tej stranke nic nebolo (link naozaj koncil takto ... .jpg) cital som dalej a dalej bola od nejakeho usera sprava, ze na link neklikat, ze je to virus. Cital som dalej a vyjadrovali sa tam o tom, ze co ma teraz robit, ked tam klikol ... a odpovede boli, ze mozes reinstalovat system, lebo mas virus apod. Precital som si mena v tejto konverzacii a nikoho som nepoznal ani ho nemam v kontaktoch, okrem jedneho a ak som sa ho pytal, tak mi neodpovedal.
Tak teraz neviem ci to mala byt nejaka sranda, alebo ...
Presiel som si c:\ NODom a nic nenasiel, len jednu infiltraciu v /temp, tak som ju dal odstranit

[JaRon]

v podstate plati, to co na ostatnych uzivatelov - vloz log RSIT - uvidime, ako na tom si

[jany]

aha, ok
Logfile of random's system information tool 1.09 (written by random/random)
Run by jany at 2012-02-20 10:55:29
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 8 GB (31%) free of 25 GB
Total RAM: 3326 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:55:53, on 20.2.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\RSIT.exe
C:\Program Files\trend micro\jany.exe

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - \bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Acronis True Image Monitor] "C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MediaGet2] C:\Documents and Settings\jany\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe

--
End of file - 4024 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\jany\Application Data\Mozilla\Firefox\Profiles\rodlonhx.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://192.168.1.3:7777"
prefs.js - "extensions.enabledItems" - "{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.3, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, toolbar@ask.com:3.7.0.100005, {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.2, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {338B4DFE-2E2C-4338-9E41-E176D497299E}:1.0.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.6"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=IEFM1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.3.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\jany\Application Data\Mozilla\Firefox\Profiles\rodlonhx.default\extensions\
toolbar@ask.com
{20a82645-c095-46ed-80e3-08825760534b}
{338B4DFE-2E2C-4338-9E41-E176D497299E}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}

C:\Documents and Settings\jany\Application Data\Mozilla\Firefox\Profiles\rodlonhx.default\searchplugins\
bing.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - \bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"Acronis True Image Monitor"=C:\Program Files\Acronis\TrueImage\TrueImageMonitor.exe [2011-08-17 417439]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2011-08-17 61440]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"MediaGet2"=C:\Documents and Settings\jany\Local Settings\Application Data\MediaGet2\mediaget.exe --minimized []

C:\Documents and Settings\jany\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-04-29 155648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe"="C:\Program Files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Agilent\IO Libraries Suite\bin\siclland.exe"="C:\Program Files\Agilent\IO Libraries Suite\bin\siclland.exe:*:Enabled:Siclland"
"C:\Program Files\Agilent\IO Libraries Suite\AgilentConnectionExpert.exe"="C:\Program Files\Agilent\IO Libraries Suite\AgilentConnectionExpert.exe:*:Enabled:AgilentConnectionExpert"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe"="C:\Program Files\Agilent\IO Libraries Suite\LxiMdnsResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Agilent\IO Libraries Suite\bin\siclland.exe"="C:\Program Files\Agilent\IO Libraries Suite\bin\siclland.exe:*:Enabled:Siclland"
"C:\Program Files\Agilent\IO Libraries Suite\AgilentConnectionExpert.exe"="C:\Program Files\Agilent\IO Libraries Suite\AgilentConnectionExpert.exe:*:Enabled:AgilentConnectionExpert"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"msacm.ac3filter"=ac3filter.acm

======List of files/folders created in the last 1 month======

2012-02-20 10:55:32 ----D---- C:\Program Files\trend micro
2012-02-20 10:55:29 ----D---- C:\rsit
2012-02-20 10:53:56 ----A---- C:\RSIT.exe
2012-02-19 10:26:57 ----D---- C:\WINDOWS\system32\appmgmt
2012-02-19 10:17:27 ----SHD---- C:\Config.Msi
2012-02-19 09:55:31 ----D---- C:\Documents and Settings\jany\Application Data\Oracle
2012-02-19 09:55:04 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2012-02-19 09:54:37 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2012-02-19 09:54:37 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-19 09:53:36 ----D---- C:\Documents and Settings\jany\Application Data\Sun
2012-02-16 19:30:45 ----D---- C:\Program Files\TNod User & Password Finder
2012-02-16 19:28:56 ----D---- C:\Program Files\ESET
2012-02-16 19:28:56 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2012-01-28 09:45:10 ----AD---- C:\Virtual Dub Mod

======List of files/folders modified in the last 1 month======

2012-02-20 10:55:35 ----D---- C:\WINDOWS\Temp
2012-02-20 10:55:35 ----D---- C:\WINDOWS\Prefetch
2012-02-20 10:55:32 ----RD---- C:\Program Files
2012-02-20 10:48:59 ----D---- C:\Documents and Settings\jany\Application Data\Skype
2012-02-20 08:42:24 ----A---- C:\WINDOWS\wincmd.ini
2012-02-20 08:06:51 ----A---- C:\WINDOWS\wcx_ftp.ini
2012-02-19 22:57:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-19 10:28:42 ----SHD---- C:\WINDOWS\Installer
2012-02-19 10:26:59 ----D---- C:\Program Files\Common Files
2012-02-19 10:26:57 ----D---- C:\WINDOWS\system32
2012-02-19 10:24:16 ----RSD---- C:\WINDOWS\assembly
2012-02-19 10:22:35 ----D---- C:\Program Files\Agilent
2012-02-19 10:22:24 ----D---- C:\Program Files\Common Files\Agilent
2012-02-19 10:18:30 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-19 10:18:11 ----D---- C:\WINDOWS\system32\drivers
2012-02-19 10:17:24 ----HD---- C:\WINDOWS\inf
2012-02-19 10:17:24 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-02-19 10:17:17 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-18 20:29:45 ----A---- C:\WINDOWS\NeroDigital.ini
2012-02-18 17:58:09 ----D---- C:\Program Files\DreamBoxEdit
2012-02-17 17:25:11 ----D---- C:\Program Files\Mozilla Firefox
2012-02-17 03:45:09 ----D---- C:\WINDOWS
2012-02-16 10:15:20 ----D---- C:\Documents and Settings\jany\Application Data\VideoReDo-TVSuite4
2012-02-16 10:05:17 ----AD---- C:\Documents and Settings\All Users\Application Data\Temp
2012-02-15 21:07:11 ----D---- C:\Program Files\Trillian
2012-02-06 15:44:03 ----D---- C:\DreamBoxEdit
2012-01-28 09:49:28 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2012-01-25 07:17:33 ----SD---- C:\Documents and Settings\jany\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2011-08-17 81088]
R0 timounter;Acronis TrueImage Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2011-08-17 207456]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-12-15 274432]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-03 36096]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-12-15 81920]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2011-08-17 28096]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-29 3643904]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-04-01 93184]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 MTSBDA;TechniSat SkyStar HD2; C:\WINDOWS\System32\Drivers\MtsBda.sys [2009-07-13 265744]
R3 MtsHID;TechniSat Mantis BDA HID Driver; C:\WINDOWS\system32\drivers\MtsHID.sys [2009-07-13 23568]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2004-08-03 15360]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2011-08-17 122880]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-04-29 602112]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 KPF4;Sunbelt Kerio Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe [2005-12-19 1368064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-10 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-10 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[JaRon]

nuz ma pre Teba dve rady:
1. doinstaluj ServicePack3
2. doinstaluj legalny antivir
koncime - vid pravidla fora

[jany]

SP3 neznasam, zbytocne zatazuje cely system
A ako vies, ze antivir je nelegalny ?

[JaRon]

SP3 - stara a nepotvrdena povera
legalnost - no mame tu chlapcov z ESET-u - ak chces mozes s nimi prekonzultovat svoju licenciu

[jany]

SP3 je potvrdene, lebo som to skusal
A mozem si dat zajtra avast, aby chlapci nenamietali
Len problem som mal na zaciatku trocha iny

[Rudy]

SP3 je potvrdene, lebo som to skusal

Servicepacky patří mezi základní bezpečnostní prvky. Další věc je, že bez SP3 na XP nenainstalujete některé poslední verze programů. Zpomalování systému je nesmysl v případě, že při instalaci postupujete tak, že ihned po instalaci systému instalujete SP.

A mozem si dat zajtra avast, aby chlapci nenamietali

Nikoli proto, ale z toho důvodu, že je proti pravidlům fóra, řešit kompy, která jsou prolezlé nelegálním softem, což je další bezpečnostní slabina.

Len problem som mal na zaciatku trocha iny

Ten by byl řešen v případě, že byste neměl námitky typu: "jak jste to poznali" apod. Poznali jsme to jednoduše na základě logu. Ten nám odhalí nejen šmejdy, ale i většinu nelegálního softu.

[Pavuk29]

SP3 neznasam, zbytocne zatazuje cely system
A ako vies, ze antivir je nelegalny ?

Ber to tak, ze ked ziadas o pomoc, tak rob, co ti mod povie. Ak s tym mas problem, nemusis sem pisat

[jany]

dobre pani

[Pavuk29]

koncime - vid pravidla fora

Uz tu bolo rozhodnute a treba to respektovat.
Podme este doriesit ten MozBackup do tvojho druheho topicu, kym som tu. Tu sme, myslim, uz skoncili.