Good day, and thank you in advance.
Please check my log.
Icons are disappearing from my systray and my PC is slowing down.
Thank you.
Logfile of random's system information tool 1.09 (written by random/random)
Run by bobik at 2013-11-28 18:28:43
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 93 GB (75%) free of 125 GB
Total RAM: 3327 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:28:47, on 28.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\AVAST Software\Avast\avastUI.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\veci\CoreTemp32\Core Temp.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\taskmgr.exe
H:\Program Files\IncrediMail\Bin\IncMail.exe
H:\Program Files\Google\Chrome\Application\chrome.exe
H:\Program Files\Google\Chrome\Application\chrome.exe
H:\Program Files\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\bobik\Plocha\RSIT.exe
H:\Program Files\trend micro\bobik.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] H:\Program Files\AVAST Software\Avast\setup\emupdate\1b6f0d82-5f03-4426-afca-c16dad86c7c4.exe /check
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Core Temp] "I:\veci\CoreTemp32\Core Temp.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] H:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5008 bytes
======Scheduled tasks folder======
H:\WINDOWS\tasks\Adobe Flash Player Updater.job
H:\WINDOWS\tasks\avast! Emergency Update.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - H:\Documents and Settings\bobik\Data aplikací\Mozilla\Firefox\Profiles\h9aok6by.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=H:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
"StartCCC"=H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304]
"avast"=H:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"20131121"=H:\Program Files\AVAST Software\Avast\setup\emupdate\1b6f0d82-5f03-4426-afca-c16dad86c7c4.exe [2013-11-23 180184]
"QuickTime Task"=H:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Core Temp"=I:\veci\CoreTemp32\Core Temp.exe [2013-03-01 763856]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=H:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe [2013-10-09 829832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ST2012_Svc"=2
"Bonjour Service"=2
"Apple Mobile Device"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2010-02-10 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - H:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\IncrediMail\bin\IncMail.exe"="H:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImApp.exe"="H:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImpCnt.exe"="H:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"H:\Program Files\Maxthon\Bin\Maxthon.exe"="H:\Program Files\Maxthon\Bin\Maxthon.exe:*:Enabled:Maxthon"
"H:\Program Files\Maxthon\Bin\MxUp.exe"="H:\Program Files\Maxthon\Bin\MxUp.exe:*:Enabled:MxUp"
"H:\Documents and Settings\bobik\Data aplikací\BitTorrent\BitTorrent.exe"="H:\Documents and Settings\bobik\Data aplikací\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"H:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="H:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"H:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="H:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"H:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="H:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"H:\Program Files\Skype\Phone\Skype.exe"="H:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"H:\Program Files\Bonjour\mDNSResponder.exe"="H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"H:\Program Files\iTunes\iTunes.exe"="H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"H:\Program Files\Spyware Terminator\SpywareTerminator.exe"="H:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-11-28 18:28:43 ----D---- H:\rsit
2013-11-28 18:28:43 ----D---- H:\Program Files\trend micro
2013-11-28 13:56:42 ----A---- H:\WINDOWS\system32\d3d9caps.dat
2013-11-28 12:27:58 ----D---- H:\Documents and Settings\All Users\Data aplikací\MagicHoldem
2013-11-22 09:36:07 ----D---- H:\Documents and Settings\bobik\Data aplikací\Spyware Terminator
2013-11-22 09:36:03 ----D---- H:\Program Files\Universal Extractor
2013-11-21 20:15:35 ----A---- H:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-11-21 20:15:33 ----D---- H:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2013-11-21 20:14:27 ----D---- H:\Program Files\Spyware Terminator
2013-11-19 08:41:19 ----D---- H:\Program Files\Pracovní kalendář
2013-11-16 14:09:42 ----D---- H:\Program Files\Mozilla Firefox
2013-11-14 09:23:37 ----HDC---- H:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 09:23:32 ----HDC---- H:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 09:23:27 ----HDC---- H:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 09:23:22 ----HDC---- H:\WINDOWS\$NtUninstallKB2876331$
2013-11-10 19:34:31 ----D---- H:\WINDOWS\pss
2013-11-10 18:55:09 ----D---- H:\Program Files\iPod
2013-11-10 18:55:07 ----D---- H:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-10 18:54:40 ----A---- H:\WINDOWS\system32\usbaaplrc.dll
2013-11-10 18:54:40 ----A---- H:\WINDOWS\system32\drivers\usbaapl.sys
2013-11-10 18:24:41 ----D---- H:\Documents and Settings\bobik\Data aplikací\Syncios
2013-11-10 18:24:32 ----D---- H:\Program Files\Syncios
2013-11-06 13:07:08 ----D---- H:\Program Files\iExplorer
2013-11-06 12:35:55 ----D---- H:\Documents and Settings\bobik\Data aplikací\WindSolutions
2013-11-06 12:33:03 ----D---- H:\Documents and Settings\All Users\Data aplikací\WindSolutions
2013-11-06 11:13:50 ----D---- H:\Program Files\iTunes
2013-11-05 16:43:32 ----D---- H:\Program Files\CPUID
2013-10-31 14:52:52 ----D---- H:\Program Files\TextureMind
======List of files/folders modified in the last 1 month======
2013-11-28 18:28:43 ----RD---- H:\Program Files
2013-11-28 18:28:35 ----D---- H:\WINDOWS\Prefetch
2013-11-28 18:26:36 ----D---- H:\Program Files\PokerStars
2013-11-28 18:25:34 ----AD---- H:\Documents and Settings\All Users\Data aplikací\TEMP
2013-11-28 14:42:43 ----D---- H:\WINDOWS\Temp
2013-11-28 13:56:42 ----D---- H:\WINDOWS\system32
2013-11-28 13:33:50 ----D---- H:\Documents and Settings\bobik\Data aplikací\Skype
2013-11-28 12:27:40 ----SHD---- H:\WINDOWS\Installer
2013-11-27 18:03:56 ----RSD---- H:\WINDOWS\Fonts
2013-11-27 10:51:00 ----A---- H:\WINDOWS\SchedLgU.Txt
2013-11-25 11:37:23 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2013-11-25 11:37:11 ----D---- H:\WINDOWS\system32\CatRoot2
2013-11-25 11:25:40 ----D---- H:\WINDOWS
2013-11-25 11:10:17 ----A---- H:\WINDOWS\imsins.BAK
2013-11-25 09:35:52 ----A---- H:\WINDOWS\NeroDigital.ini
2013-11-24 19:52:29 ----D---- H:\Program Files\Full Tilt Poker
2013-11-24 15:21:16 ----D---- H:\Documents and Settings
2013-11-24 15:16:02 ----A---- H:\WINDOWS\OEWABLog.txt
2013-11-22 09:55:40 ----A---- H:\WINDOWS\win.ini
2013-11-22 09:55:40 ----A---- H:\WINDOWS\system.ini
2013-11-22 09:36:07 ----D---- H:\WINDOWS\system32\drivers
2013-11-22 09:36:03 ----RSHDC---- H:\WINDOWS\system32\dllcache
2013-11-22 09:35:52 ----D---- H:\Program Files\Mozilla Maintenance Service
2013-11-22 09:33:53 ----D---- H:\WINDOWS\system32\Restore
2013-11-14 10:21:47 ----HD---- H:\WINDOWS\inf
2013-11-14 09:23:16 ----D---- H:\Program Files\Internet Explorer
2013-11-14 09:23:08 ----D---- H:\WINDOWS\ie8updates
2013-11-14 09:22:49 ----D---- H:\WINDOWS\system32\MRT
2013-11-14 09:21:41 ----A---- H:\WINDOWS\system32\MRT.exe
2013-11-10 18:55:08 ----D---- H:\Program Files\Common Files\Apple
2013-11-10 18:54:46 ----D---- H:\Program Files\Apple Software Update
2013-11-10 18:54:41 ----DC---- H:\WINDOWS\system32\DRVSTORE
2013-11-10 18:54:23 ----D---- H:\Program Files\Bonjour
2013-11-10 18:51:07 ----D---- H:\WINDOWS\SxsCaPendDel
2013-11-07 15:15:11 ----RSD---- H:\WINDOWS\assembly
2013-11-07 15:15:11 ----D---- H:\WINDOWS\Microsoft.NET
2013-11-07 15:03:39 ----D---- H:\WINDOWS\WinSxS
2013-11-06 14:18:30 ----D---- H:\Documents and Settings\bobik\Data aplikací\BitTorrent
2013-11-06 11:11:53 ----D---- H:\WINDOWS\system32\ReinstallBackups
2013-11-06 09:22:17 ----D---- H:\Documents and Settings\All Users\Data aplikací\Apple
2013-11-05 16:38:39 ----SD---- H:\WINDOWS\Downloaded Program Files
2013-11-04 15:07:02 ----D---- H:\Documents and Settings\bobik\Data aplikací\Zoner
2013-11-03 21:13:21 ----D---- H:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-03 21:13:18 ----RD---- H:\Program Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdide;amdide; H:\WINDOWS\system32\drivers\amdide.sys [2013-08-27 11832]
R0 aswRvrt;aswRvrt; H:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; H:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-31 175176]
R0 mv61xxmm;mv61xxmm; H:\WINDOWS\system32\drivers\mv61xxmm.sys [2013-08-27 14184]
R0 mv64xxmm;mv64xxmm; H:\WINDOWS\system32\drivers\mv64xxmm.sys [2013-08-27 5632]
R0 mvxxmm;mvxxmm; H:\WINDOWS\system32\drivers\mvxxmm.sys [2013-08-27 14184]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI NEC FireWarden; H:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 AmdPPM;Ovladač procesoru HwPState AMD; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AswRdr;aswRdr; H:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-31 770344]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2013-08-31 369584]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\H:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; H:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\H:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ALSysIO;ALSysIO; \??\H:\DOCUME~1\bobik\LOCALS~1\Temp\ALSysIO.sys []
R3 Arp1394;Protokol 1394 ARP Client; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-10 4614144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 MarvinBus;Pinnacle Marvin Bus; H:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Ambfilt;Ambfilt; H:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AsrCDDrv;AsrCDDrv; \??\H:\WINDOWS\system32\Drivers\AsrCDDrv.sys []
S3 Monfilt;Monfilt; H:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 USBAAPL;Apple Mobile USB Driver; H:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2010-02-10 602112]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-31 116648]
S2 SkypeUpdate;Skype Updater; H:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-31 116648]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2013-05-15 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S4 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; H:\Program Files\Spyware Terminator\st_rsser.exe [2013-10-22 587912]
-----------------EOF-----------------

Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking threads. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119532
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Greetings!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check my log
# AdwCleaner v3.013 - Report created 29/11/2013 at 19:13:10
# Updated 24/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : bobik - MILOSLAV
# Running from : H:\Documents and Settings\bobik\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : H:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : H:\Documents and Settings\bobik\Data aplikací\Babylon
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\lucky leap
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\lucky leap
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
-\\ Mozilla Firefox v25.0.1 (cs)
[ File : H:\Documents and Settings\bobik\Data aplikací\Mozilla\Firefox\Profiles\h9aok6by.default\prefs.js ]
-\\ Google Chrome v31.0.1650.57
[ File : H:\Documents and Settings\bobik\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2219 octets] - [29/11/2013 19:11:19]
AdwCleaner[S0].txt - [2086 octets] - [29/11/2013 19:13:10]
########## EOF - H:\AdwCleaner\AdwCleaner[S0].txt - [2146 octets] ##########
- Rudy
- Site Admin
- Posts: 119532
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Post a new RSIT log.
Re: Please check my log
New log.
I apologize that it is taking me so long, but work is work.
Logfile of random's system information tool 1.09 (written by random/random)
Run by bobik at 2013-11-30 18:53:55
Microsoft Windows XP Home Edition Service Pack 3
System drive H: has 93 GB (74%) free of 125 GB
Total RAM: 3327 MB (82% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:59, on 30.11.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\AVAST Software\Avast\AvastSvc.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\AVAST Software\Avast\avastUI.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\veci\CoreTemp32\Core Temp.exe
H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
H:\Program Files\IncrediMail\Bin\ImApp.exe
H:\Program Files\Skype\Phone\Skype.exe
H:\Program Files\IncrediMail\Bin\IncMail.exe
H:\Documents and Settings\bobik\Plocha\RSIT.exe
H:\Program Files\trend micro\bobik.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] H:\Program Files\AVAST Software\Avast\setup\emupdate\1b6f0d82-5f03-4426-afca-c16dad86c7c4.exe /check
O4 - HKLM\..\Run: [QuickTime Task] "H:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Core Temp] "I:\veci\CoreTemp32\Core Temp.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - H:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - H:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - H:\Program Files\Skype\Updater\Updater.exe
--
End of file - 4763 bytes
======Scheduled tasks folder======
H:\WINDOWS\tasks\Adobe Flash Player Updater.job
H:\WINDOWS\tasks\avast! Emergency Update.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
=========Mozilla firefox=========
ProfilePath - H:\Documents and Settings\bobik\Data aplikací\Mozilla\Firefox\Profiles\h9aok6by.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=H:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=H:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=H:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2009-08-14 18702336]
"StartCCC"=H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 98304]
"avast"=H:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"20131121"=H:\Program Files\AVAST Software\Avast\setup\emupdate\1b6f0d82-5f03-4426-afca-c16dad86c7c4.exe [2013-11-23 180184]
"QuickTime Task"=H:\Program Files\QuickTime\qttask.exe [2013-05-01 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Core Temp"=I:\veci\CoreTemp32\Core Temp.exe [2013-03-01 763856]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
H:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2013-10-22 2777736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2013-10-22 3684488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ST2012_Svc"=2
"Bonjour Service"=2
"Apple Mobile Device"=2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2010-02-10 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - H:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"H:\Program Files\IncrediMail\bin\IncMail.exe"="H:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImApp.exe"="H:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"H:\Program Files\IncrediMail\bin\ImpCnt.exe"="H:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"H:\Program Files\Maxthon\Bin\Maxthon.exe"="H:\Program Files\Maxthon\Bin\Maxthon.exe:*:Enabled:Maxthon"
"H:\Program Files\Maxthon\Bin\MxUp.exe"="H:\Program Files\Maxthon\Bin\MxUp.exe:*:Enabled:MxUp"
"H:\Documents and Settings\bobik\Data aplikací\BitTorrent\BitTorrent.exe"="H:\Documents and Settings\bobik\Data aplikací\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"H:\Program Files\Pinnacle\Studio 14\Programs\RM.exe"="H:\Program Files\Pinnacle\Studio 14\Programs\RM.exe:*:Enabled:Render Manager"
"H:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe"="H:\Program Files\Pinnacle\Studio 14\Programs\Studio.exe:*:Enabled:Studio"
"H:\Program Files\Pinnacle\Studio 14\Programs\umi.exe"="H:\Program Files\Pinnacle\Studio 14\Programs\umi.exe:*:Enabled:umi"
"H:\Program Files\Skype\Phone\Skype.exe"="H:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"H:\Program Files\Bonjour\mDNSResponder.exe"="H:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"H:\Program Files\iTunes\iTunes.exe"="H:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"H:\Program Files\Spyware Terminator\SpywareTerminator.exe"="H:\Program Files\Spyware Terminator\SpywareTerminator.exe:*:Enabled:Spyware Terminator 2012"
"H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="H:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Spyware Terminator 2012"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-11-29 19:11:17 ----D---- H:\AdwCleaner
2013-11-28 18:28:43 ----D---- H:\rsit
2013-11-28 18:28:43 ----D---- H:\Program Files\trend micro
2013-11-28 13:56:42 ----A---- H:\WINDOWS\system32\d3d9caps.dat
2013-11-28 12:27:58 ----D---- H:\Documents and Settings\All Users\Data aplikací\MagicHoldem
2013-11-22 09:36:07 ----D---- H:\Documents and Settings\bobik\Data aplikací\Spyware Terminator
2013-11-22 09:36:03 ----D---- H:\Program Files\Universal Extractor
2013-11-21 20:15:35 ----A---- H:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-11-21 20:15:33 ----D---- H:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2013-11-21 20:14:27 ----D---- H:\Program Files\Spyware Terminator
2013-11-19 08:41:19 ----D---- H:\Program Files\Pracovní kalendář
2013-11-16 14:09:42 ----D---- H:\Program Files\Mozilla Firefox
2013-11-14 09:23:37 ----HDC---- H:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 09:23:32 ----HDC---- H:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 09:23:27 ----HDC---- H:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 09:23:22 ----HDC---- H:\WINDOWS\$NtUninstallKB2876331$
2013-11-10 19:34:31 ----D---- H:\WINDOWS\pss
2013-11-10 18:55:09 ----D---- H:\Program Files\iPod
2013-11-10 18:55:07 ----D---- H:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-10 18:54:40 ----A---- H:\WINDOWS\system32\usbaaplrc.dll
2013-11-10 18:54:40 ----A---- H:\WINDOWS\system32\drivers\usbaapl.sys
2013-11-10 18:24:41 ----D---- H:\Documents and Settings\bobik\Data aplikací\Syncios
2013-11-10 18:24:32 ----D---- H:\Program Files\Syncios
2013-11-06 13:07:08 ----D---- H:\Program Files\iExplorer
2013-11-06 12:35:55 ----D---- H:\Documents and Settings\bobik\Data aplikací\WindSolutions
2013-11-06 12:33:03 ----D---- H:\Documents and Settings\All Users\Data aplikací\WindSolutions
2013-11-06 11:13:50 ----D---- H:\Program Files\iTunes
2013-11-05 16:43:32 ----D---- H:\Program Files\CPUID
2013-10-31 14:52:52 ----D---- H:\Program Files\TextureMind
======List of files/folders modified in the last 1 month======
2013-11-30 18:40:25 ----D---- H:\WINDOWS\Prefetch
2013-11-30 18:35:07 ----D---- H:\Documents and Settings\bobik\Data aplikací\Skype
2013-11-30 16:20:58 ----D---- H:\WINDOWS\Temp
2013-11-29 19:19:46 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-29 19:19:37 ----D---- H:\WINDOWS\system32
2013-11-29 19:19:37 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2013-11-29 19:13:55 ----A---- H:\WINDOWS\SchedLgU.Txt
2013-11-29 19:13:53 ----D---- H:\WINDOWS\system32\CatRoot2
2013-11-28 18:55:51 ----AD---- H:\Documents and Settings\All Users\Data aplikací\TEMP
2013-11-28 18:55:50 ----D---- H:\Program Files\Cheat Engine 6.3
2013-11-28 18:28:43 ----RD---- H:\Program Files
2013-11-28 18:28:11 ----D---- H:\Program Files\PokerStars
2013-11-28 12:27:40 ----SHD---- H:\WINDOWS\Installer
2013-11-27 18:03:56 ----RSD---- H:\WINDOWS\Fonts
2013-11-25 11:25:40 ----D---- H:\WINDOWS
2013-11-25 11:10:17 ----A---- H:\WINDOWS\imsins.BAK
2013-11-25 09:35:52 ----A---- H:\WINDOWS\NeroDigital.ini
2013-11-24 19:52:29 ----D---- H:\Program Files\Full Tilt Poker
2013-11-24 15:21:16 ----D---- H:\Documents and Settings
2013-11-24 15:16:02 ----A---- H:\WINDOWS\OEWABLog.txt
2013-11-22 09:55:40 ----A---- H:\WINDOWS\win.ini
2013-11-22 09:55:40 ----A---- H:\WINDOWS\system.ini
2013-11-22 09:36:07 ----D---- H:\WINDOWS\system32\drivers
2013-11-22 09:36:03 ----RSHDC---- H:\WINDOWS\system32\dllcache
2013-11-22 09:35:52 ----D---- H:\Program Files\Mozilla Maintenance Service
2013-11-22 09:33:53 ----D---- H:\WINDOWS\system32\Restore
2013-11-14 10:21:47 ----HD---- H:\WINDOWS\inf
2013-11-14 09:23:16 ----D---- H:\Program Files\Internet Explorer
2013-11-14 09:23:08 ----D---- H:\WINDOWS\ie8updates
2013-11-14 09:22:49 ----D---- H:\WINDOWS\system32\MRT
2013-11-14 09:21:41 ----A---- H:\WINDOWS\system32\MRT.exe
2013-11-10 18:55:08 ----D---- H:\Program Files\Common Files\Apple
2013-11-10 18:54:46 ----D---- H:\Program Files\Apple Software Update
2013-11-10 18:54:41 ----DC---- H:\WINDOWS\system32\DRVSTORE
2013-11-10 18:54:23 ----D---- H:\Program Files\Bonjour
2013-11-10 18:51:07 ----D---- H:\WINDOWS\SxsCaPendDel
2013-11-07 15:15:11 ----RSD---- H:\WINDOWS\assembly
2013-11-07 15:15:11 ----D---- H:\WINDOWS\Microsoft.NET
2013-11-07 15:03:39 ----D---- H:\WINDOWS\WinSxS
2013-11-06 14:18:30 ----D---- H:\Documents and Settings\bobik\Data aplikací\BitTorrent
2013-11-06 11:11:53 ----D---- H:\WINDOWS\system32\ReinstallBackups
2013-11-06 09:22:17 ----D---- H:\Documents and Settings\All Users\Data aplikací\Apple
2013-11-05 16:38:39 ----SD---- H:\WINDOWS\Downloaded Program Files
2013-11-04 15:07:02 ----D---- H:\Documents and Settings\bobik\Data aplikací\Zoner
2013-11-03 21:13:21 ----D---- H:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-03 21:13:18 ----RD---- H:\Program Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdide;amdide; H:\WINDOWS\system32\drivers\amdide.sys [2013-08-27 11832]
R0 aswRvrt;aswRvrt; H:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; H:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-31 175176]
R0 mv61xxmm;mv61xxmm; H:\WINDOWS\system32\drivers\mv61xxmm.sys [2013-08-27 14184]
R0 mv64xxmm;mv64xxmm; H:\WINDOWS\system32\drivers\mv64xxmm.sys [2013-08-27 5632]
R0 mvxxmm;mvxxmm; H:\WINDOWS\system32\drivers\mvxxmm.sys [2013-08-27 14184]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI NEC FireWarden; H:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 AmdPPM;Ovladač procesoru HwPState AMD; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AswRdr;aswRdr; H:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-31 770344]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2013-08-31 369584]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\H:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; H:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\H:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ALSysIO;ALSysIO; \??\H:\DOCUME~1\bobik\LOCALS~1\Temp\ALSysIO.sys []
R3 Arp1394;Protokol 1394 ARP Client; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-10 4614144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 MarvinBus;Pinnacle Marvin Bus; H:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Ambfilt;Ambfilt; H:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AsrCDDrv;AsrCDDrv; \??\H:\WINDOWS\system32\Drivers\AsrCDDrv.sys []
S3 Monfilt;Monfilt; H:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 USBAAPL;Apple Mobile USB Driver; H:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2010-02-10 602112]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-31 116648]
S2 SkypeUpdate;Skype Updater; H:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-29 257416]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-31 116648]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2013-05-15 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S4 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; H:\Program Files\Spyware Terminator\st_rsser.exe [2013-10-22 587912]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-11-29 19:11:17 ----D---- H:\AdwCleaner
2013-11-28 18:28:43 ----D---- H:\rsit
2013-11-28 18:28:43 ----D---- H:\Program Files\trend micro
2013-11-28 13:56:42 ----A---- H:\WINDOWS\system32\d3d9caps.dat
2013-11-28 12:27:58 ----D---- H:\Documents and Settings\All Users\Data aplikací\MagicHoldem
2013-11-22 09:36:07 ----D---- H:\Documents and Settings\bobik\Data aplikací\Spyware Terminator
2013-11-22 09:36:03 ----D---- H:\Program Files\Universal Extractor
2013-11-21 20:15:35 ----A---- H:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2013-11-21 20:15:33 ----D---- H:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2013-11-21 20:14:27 ----D---- H:\Program Files\Spyware Terminator
2013-11-19 08:41:19 ----D---- H:\Program Files\Pracovní kalendář
2013-11-16 14:09:42 ----D---- H:\Program Files\Mozilla Firefox
2013-11-14 09:23:37 ----HDC---- H:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 09:23:32 ----HDC---- H:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 09:23:27 ----HDC---- H:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 09:23:22 ----HDC---- H:\WINDOWS\$NtUninstallKB2876331$
2013-11-10 19:34:31 ----D---- H:\WINDOWS\pss
2013-11-10 18:55:09 ----D---- H:\Program Files\iPod
2013-11-10 18:55:07 ----D---- H:\Documents and Settings\All Users\Data aplikací\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-10 18:54:40 ----A---- H:\WINDOWS\system32\usbaaplrc.dll
2013-11-10 18:54:40 ----A---- H:\WINDOWS\system32\drivers\usbaapl.sys
2013-11-10 18:24:41 ----D---- H:\Documents and Settings\bobik\Data aplikací\Syncios
2013-11-10 18:24:32 ----D---- H:\Program Files\Syncios
2013-11-06 13:07:08 ----D---- H:\Program Files\iExplorer
2013-11-06 12:35:55 ----D---- H:\Documents and Settings\bobik\Data aplikací\WindSolutions
2013-11-06 12:33:03 ----D---- H:\Documents and Settings\All Users\Data aplikací\WindSolutions
2013-11-06 11:13:50 ----D---- H:\Program Files\iTunes
2013-11-05 16:43:32 ----D---- H:\Program Files\CPUID
2013-10-31 14:52:52 ----D---- H:\Program Files\TextureMind
======List of files/folders modified in the last 1 month======
2013-11-30 18:40:25 ----D---- H:\WINDOWS\Prefetch
2013-11-30 18:35:07 ----D---- H:\Documents and Settings\bobik\Data aplikací\Skype
2013-11-30 16:20:58 ----D---- H:\WINDOWS\Temp
2013-11-29 19:19:46 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2013-11-29 19:19:37 ----D---- H:\WINDOWS\system32
2013-11-29 19:19:37 ----A---- H:\WINDOWS\system32\PerfStringBackup.INI
2013-11-29 19:13:55 ----A---- H:\WINDOWS\SchedLgU.Txt
2013-11-29 19:13:53 ----D---- H:\WINDOWS\system32\CatRoot2
2013-11-28 18:55:51 ----AD---- H:\Documents and Settings\All Users\Data aplikací\TEMP
2013-11-28 18:55:50 ----D---- H:\Program Files\Cheat Engine 6.3
2013-11-28 18:28:43 ----RD---- H:\Program Files
2013-11-28 18:28:11 ----D---- H:\Program Files\PokerStars
2013-11-28 12:27:40 ----SHD---- H:\WINDOWS\Installer
2013-11-27 18:03:56 ----RSD---- H:\WINDOWS\Fonts
2013-11-25 11:25:40 ----D---- H:\WINDOWS
2013-11-25 11:10:17 ----A---- H:\WINDOWS\imsins.BAK
2013-11-25 09:35:52 ----A---- H:\WINDOWS\NeroDigital.ini
2013-11-24 19:52:29 ----D---- H:\Program Files\Full Tilt Poker
2013-11-24 15:21:16 ----D---- H:\Documents and Settings
2013-11-24 15:16:02 ----A---- H:\WINDOWS\OEWABLog.txt
2013-11-22 09:55:40 ----A---- H:\WINDOWS\win.ini
2013-11-22 09:55:40 ----A---- H:\WINDOWS\system.ini
2013-11-22 09:36:07 ----D---- H:\WINDOWS\system32\drivers
2013-11-22 09:36:03 ----RSHDC---- H:\WINDOWS\system32\dllcache
2013-11-22 09:35:52 ----D---- H:\Program Files\Mozilla Maintenance Service
2013-11-22 09:33:53 ----D---- H:\WINDOWS\system32\Restore
2013-11-14 10:21:47 ----HD---- H:\WINDOWS\inf
2013-11-14 09:23:16 ----D---- H:\Program Files\Internet Explorer
2013-11-14 09:23:08 ----D---- H:\WINDOWS\ie8updates
2013-11-14 09:22:49 ----D---- H:\WINDOWS\system32\MRT
2013-11-14 09:21:41 ----A---- H:\WINDOWS\system32\MRT.exe
2013-11-10 18:55:08 ----D---- H:\Program Files\Common Files\Apple
2013-11-10 18:54:46 ----D---- H:\Program Files\Apple Software Update
2013-11-10 18:54:41 ----DC---- H:\WINDOWS\system32\DRVSTORE
2013-11-10 18:54:23 ----D---- H:\Program Files\Bonjour
2013-11-10 18:51:07 ----D---- H:\WINDOWS\SxsCaPendDel
2013-11-07 15:15:11 ----RSD---- H:\WINDOWS\assembly
2013-11-07 15:15:11 ----D---- H:\WINDOWS\Microsoft.NET
2013-11-07 15:03:39 ----D---- H:\WINDOWS\WinSxS
2013-11-06 14:18:30 ----D---- H:\Documents and Settings\bobik\Data aplikací\BitTorrent
2013-11-06 11:11:53 ----D---- H:\WINDOWS\system32\ReinstallBackups
2013-11-06 09:22:17 ----D---- H:\Documents and Settings\All Users\Data aplikací\Apple
2013-11-05 16:38:39 ----SD---- H:\WINDOWS\Downloaded Program Files
2013-11-04 15:07:02 ----D---- H:\Documents and Settings\bobik\Data aplikací\Zoner
2013-11-03 21:13:21 ----D---- H:\Documents and Settings\All Users\Data aplikací\Skype
2013-11-03 21:13:18 ----RD---- H:\Program Files\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdide;amdide; H:\WINDOWS\system32\drivers\amdide.sys [2013-08-27 11832]
R0 aswRvrt;aswRvrt; H:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; H:\WINDOWS\system32\drivers\aswVmm.sys [2013-08-31 175176]
R0 mv61xxmm;mv61xxmm; H:\WINDOWS\system32\drivers\mv61xxmm.sys [2013-08-27 14184]
R0 mv64xxmm;mv64xxmm; H:\WINDOWS\system32\drivers\mv64xxmm.sys [2013-08-27 5632]
R0 mvxxmm;mvxxmm; H:\WINDOWS\system32\drivers\mvxxmm.sys [2013-08-27 14184]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI NEC FireWarden; H:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 AmdPPM;Ovladač procesoru HwPState AMD; H:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 AswRdr;aswRdr; H:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2013-08-31 770344]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2013-08-31 369584]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\H:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; H:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\H:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ALSysIO;ALSysIO; \??\H:\DOCUME~1\bobik\LOCALS~1\Temp\ALSysIO.sys []
R3 Arp1394;Protokol 1394 ARP Client; H:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-10 4614144]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; H:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-08-18 5884416]
R3 MarvinBus;Pinnacle Marvin Bus; H:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 NIC1394;1394 Net Driver; H:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Ambfilt;Ambfilt; H:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AsrCDDrv;AsrCDDrv; \??\H:\WINDOWS\system32\Drivers\AsrCDDrv.sys []
S3 Monfilt;Monfilt; H:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 USBAAPL;Apple Mobile USB Driver; H:\WINDOWS\System32\Drivers\usbaapl.sys [2012-12-13 45056]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2010-02-10 602112]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); H:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-31 116648]
S2 SkypeUpdate;Skype Updater; H:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-29 257416]
S3 aspnet_state;ASP.NET State Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-31 116648]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Služba Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; H:\Program Files\iPod\bin\iPodService.exe [2013-05-15 553288]
S3 MozillaMaintenance;Mozilla Maintenance Service; H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-11-16 119408]
S3 NBService;NBService; H:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 Apple Mobile Device;Apple Mobile Device; H:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
S4 Bonjour Service;Bonjour Service; H:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; H:\Program Files\Spyware Terminator\st_rsser.exe [2013-10-22 587912]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119532
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Double-click the file to run HijackThis. Click "Do a system scan only" and, in the window that opens, tick these checkboxes on the left:
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.
:files
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check my log
I don't have the 2 items there that I'm supposed to check.
What next, please?
- Rudy
- Site Admin
- Posts: 119532
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
You will not check anything; instead, run OTM and copy the script into the left-hand window. Then disable Avast and click >MoveIt!<. A scan will run; after it, restart the PC and post a new RSIT log.