Preventivka

[zacatecnik1951]

Dobrý den, prosím o kontrolu logu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2012-03-03 17:14:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (48%) free of 18 GB
Total RAM: 1015 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:14:42, on 3.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\uzivatel\Plocha\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [KeePass 2 PreLoad] "C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7809283500
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7809348578
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 4738 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-15 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-15 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-15 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-10-14 1388544]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2012-01-05 1823744]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
C:\Program Files\KeePass Password Safe 2\KeePass.exe [2012-01-05 1823744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Secunia PSI Tray.lnk]
C:\PROGRA~1\Secunia\PSI\psi_tray.exe [2011-10-14 291896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Disabled:Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.MPG4"=Mpg4c32.dll
"vidc.MP42"=Mpg4c32.dll
"vidc.MP43"=Mpg4c32.dll
"MSACM.CEGSM"=mobilev.acm

======List of files/folders created in the last 1 month======

2012-02-20 17:41:07 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Media Player Classic
2012-02-20 17:38:27 ----D---- C:\Program Files\K-Lite Codec Pack
2012-02-17 14:53:50 ----D---- C:\WINDOWS\ShellNew
2012-02-17 14:46:50 ----D---- C:\Program Files\LibreOffice 3.5
2012-02-16 16:04:27 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2012-02-15 20:38:51 ----D---- C:\Program Files\Common Files\Java
2012-02-15 20:37:49 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-15 20:37:49 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-15 20:37:49 ----A---- C:\WINDOWS\system32\java.exe
2012-02-15 20:36:47 ----D---- C:\Program Files\Java
2012-02-15 13:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-15 13:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-15 13:12:13 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-14 14:17:36 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2012-03-03 17:14:26 ----D---- C:\WINDOWS\Prefetch
2012-03-03 17:14:22 ----D---- C:\Program Files\trend micro
2012-03-03 17:14:21 ----D---- C:\WINDOWS\Temp
2012-03-03 17:13:09 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\KeePass
2012-03-03 17:01:38 ----D---- C:\WINDOWS
2012-03-03 16:41:55 ----D---- C:\WINDOWS\system32\CatRoot2
2012-03-03 16:15:38 ----D---- C:\WINDOWS\pss
2012-03-03 11:35:37 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-03-01 15:49:57 ----A---- C:\WINDOWS\NeroDigital.ini
2012-02-26 09:49:10 ----D---- C:\WINDOWS\Help
2012-02-25 15:25:38 ----SHD---- C:\System Volume Information
2012-02-25 15:23:56 ----D---- C:\WINDOWS\system32\NtmsData
2012-02-25 14:50:38 ----D---- C:\WINDOWS\Registration
2012-02-25 09:37:09 ----A---- C:\WINDOWS\win.ini
2012-02-23 18:16:13 ----RHD---- C:\Program Files
2012-02-20 17:22:59 ----D---- C:\WINDOWS\system32
2012-02-17 15:06:09 ----SHD---- C:\WINDOWS\Installer
2012-02-17 15:06:03 ----D---- C:\Config.Msi
2012-02-17 14:58:47 ----RSD---- C:\WINDOWS\assembly
2012-02-17 14:53:53 ----D---- C:\WINDOWS\WinSxS
2012-02-17 14:49:53 ----RSD---- C:\WINDOWS\Fonts
2012-02-16 17:26:32 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-16 17:24:52 ----HD---- C:\WINDOWS\inf
2012-02-16 17:24:50 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-16 16:05:56 ----D---- C:\WINDOWS\system32\mui
2012-02-16 15:17:19 ----D---- C:\WINDOWS\system32\Adobe
2012-02-16 15:17:19 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Adobe
2012-02-16 15:07:32 ----D---- C:\Program Files\LibreOffice 3.4
2012-02-15 20:38:51 ----D---- C:\Program Files\Common Files
2012-02-15 20:37:07 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-15 19:10:14 ----D---- C:\WINDOWS\SoftwareDistribution
2012-02-15 18:59:06 ----D---- C:\Program Files\OpenOffice.org 3
2012-02-15 16:21:01 ----D---- C:\WINDOWS\Debug
2012-02-15 13:58:23 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-15 13:32:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-15 13:20:38 ----A---- C:\WINDOWS\system32\MRT.exe
2012-02-15 13:18:55 ----D---- C:\Program Files\Internet Explorer
2012-02-15 13:18:03 ----D---- C:\WINDOWS\ie8updates
2012-02-15 13:17:55 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-02-15 137416]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-10-11 74640]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2005-03-05 127872]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2002-09-23 12160]
R3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2005-03-02 392704]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-28 220992]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-04-01 230272]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2004-09-15 88960]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys []
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-10-11 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-15 153376]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [2011-10-14 399416]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

[Mc_Murphy]

Hlídej si volné místo na systémovém disku C:\ => 9 GB už je tak na hranici. Doporučuji udržovat volné místo +/- 10 GB, jinak se může systém zpomalovat.


Fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ::1 localhost


Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

:Commands
[ClearAllRestorePoints]
[ResetHosts]
[Purity]
[EmptyTemp]
[EmptyFlash]

:Services
JavaQuickStarterService

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s

:Reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Secunia PSI Tray.lnk]

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

[zacatecnik1951]

All processes killed
========== COMMANDS ==========

Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Google Chrome cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes

User: uzivatel
->Temp folder emptied: 31094374 bytes
->Java cache emptied: 136714 bytes
->Google Chrome cache emptied: 35009043 bytes
->Flash cache emptied: 41038824 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 54771 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 102,00 mb


[EMPTYFLASH]

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: Guest

User: LocalService

User: NetworkService

User: uzivatel
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Secunia PSI Tray.lnk\ deleted successfully.

OTM by OldTimer - Version 3.1.19.0 log created on 03042012_073019

A Avira Free Antivirus hlásila u fixnutí poplach. Ten byl asi falešný.
Tak jsem pozastavil rezidentní štít.

[Mc_Murphy]

Ano, ten byl stoprocentně falešný. Na tyto scany je vůbec lepší rezidenty vypínat, ať zbytečně neplaší.
Takže OTM provedlo, co mělo a můžeme dočistit.


Spusť znovu OTM a klikni na tlačítko [CleanUp!], čímž po sobě program uklidí.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[zacatecnik1951]

Mám dotaz – jak často by se měla provádět kontrola PC (Avira Free Antivirus)?

[Mc_Murphy]

Mám dotaz – jak často by se měla provádět kontrola PC (Avira Free Antivirus)?

Určitě bych to prováděl podle potřeby, čili jak často se PC zapíná, na jak dlouho, jaká je šance, že by se případně mohl zaneřádit a podobně. Někteří to scanují každý týden, někdo jednou za rok. Osobně bych doporučil tak jednou za měsíc spustit kompletní kontrolu všech disků - to si myslím, že je zcela dostačující.

[zacatecnik1951]

Děkuji.
A ještě mám jeden dotaz – na ostatních discích (D:\ a E:\) se má také hlídat místo?

[Mc_Murphy]

Děkuji.
A ještě mám jeden dotaz – na ostatních discích (D:\ a E:\) se má také hlídat místo?

Není zač.

Nene, na discích, kde není přímo systém to nemusíš sledovat tak pečlivě. Nějaké operační místo pro práci sice opravdu potřebují, ale ne tolik, jako je tomu u systémového disku, tam si to opravdu hlídej. Ono to bude fungovat třeba i s 500 MB volného místa, ale systém bude hodně pomalý a nepůjdou Ti třeba aktualizace nebo vytváření bodů obnovy atd. To číslo 10 GB je trošku nadsazené, ale jsem spíše pro nějakou tu rezervu než tlačit disk až do krajních mezí.

[zacatecnik1951]

PC je po čištění rychlejší.
Mockrát děkuji .

[Mc_Murphy]

PC je po čištění rychlejší.
Mockrát děkuji .

Tak to moc rád slyším.

Jinak není tedy vůbec zač a rádo se stalo. Přeji pěkný den.