Prosim o preventivnu kontrolu

Zpráva

ajkal · #1 Příspěvek od **ajkal** » 15 bře 2014 19:16

Dobrý večer. Poprosím o preventivnu kontrolu. Ďakujem.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lubomir Opatovsky at 2014-03-15 19:16:40
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 38 GB (34%) free of 114 GB
Total RAM: 1022 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:16:49, on 15.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Documents and Settings\Lubomir Opatovsky\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Lubomir Opatovsky.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 2461316484
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 4361 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
C:\WINDOWS\tasks\GlaryInitialize 4.job
C:\WINDOWS\tasks\GlaryUpdate 4.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Lubomir Opatovsky\Application Data\Mozilla\Firefox\Profiles\m7ywjni7.default-1393606504375

prefs.js - "browser.startup.homepage" - "http://www.zoznam.sk/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.77 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Documents and Settings\Lubomir Opatovsky\Application Data\Mozilla\Firefox\Profiles\m7ywjni7.default-1393606504375\extensions\
donottrackplus@abine.com
{3d7eb24f-2740-49df-8937-200b1cc08f8a}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-15 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-15 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-02-15 3767096]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-01 1576152]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-03 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-03 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite 4.49.1.0356]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-03-15 19:16:40 ----D---- C:\rsit
2014-03-15 13:19:52 ----D---- C:\Program Files\DAEMON Tools Lite
2014-03-08 19:15:47 ----D---- C:\WINDOWS\system32\NtmsData
2014-03-05 19:37:45 ----N---- C:\WINDOWS\system32\xp_eos.exe
2014-03-02 20:03:00 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\Help
2014-03-02 19:40:04 ----D---- C:\Program Files\DOSBox-0.74
2014-02-28 18:35:00 ----D---- C:\Program Files\Realtek
2014-02-28 17:50:30 ----A---- C:\WINDOWS\system32\drivers\BootDefragDriver.sys
2014-02-28 17:50:30 ----A---- C:\WINDOWS\system32\BootDefrag.exe
2014-02-28 17:46:31 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-02-28 17:46:24 ----ASH---- C:\hiberfil.sys
2014-02-24 19:26:34 ----A---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\GDIPFONTCACHEV1.DAT
2014-02-24 16:46:00 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\ScummVM
2014-02-23 16:36:17 ----D---- C:\Program Files\Glary Utilities 4
2014-02-23 16:03:21 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\Apple Computer
2014-02-22 02:38:16 ----D---- C:\Program Files\Trend Micro
2014-02-22 02:19:34 ----A---- C:\WINDOWS\system32\gdiplus.dll
2014-02-22 02:11:45 ----A---- C:\WINDOWS\system32\drivers\fvstore.dat
2014-02-22 02:11:43 ----HD---- C:\VTRoot
2014-02-22 00:50:14 ----D---- C:\WINDOWS\Minidump
2014-02-22 00:48:15 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\GHISLER
2014-02-21 22:16:20 ----D---- C:\Program Files\Realtek AC97
2014-02-21 20:56:51 ----D---- C:\Program Files\ReflexiveArcade
2014-02-21 20:43:50 ----A---- C:\WINDOWS\acpimof.dll
2014-02-21 19:24:51 ----D---- C:\Program Files\NVIDIA Corporation
2014-02-21 17:41:38 ----A---- C:\WINDOWS\system32\vIdeInst.dll
2014-02-21 17:41:38 ----A---- C:\WINDOWS\system32\drivers\ViPrt.sys
2014-02-21 17:41:38 ----A---- C:\WINDOWS\system32\drivers\ViBus.sys
2014-02-21 17:12:19 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\CrystalIdea Software
2014-02-21 15:39:52 ----A---- C:\WINDOWS\UC.PIF
2014-02-21 15:39:52 ----A---- C:\WINDOWS\RAR.PIF
2014-02-21 15:39:52 ----A---- C:\WINDOWS\PKZIP.PIF
2014-02-21 15:39:52 ----A---- C:\WINDOWS\PKUNZIP.PIF
2014-02-21 15:39:52 ----A---- C:\WINDOWS\LHA.PIF
2014-02-21 15:39:52 ----A---- C:\WINDOWS\ARJ.PIF
2014-02-21 15:39:51 ----D---- C:\totalcmd
2014-02-21 14:24:20 ----D---- C:\Program Files\MSECache
2014-02-21 00:32:14 ----D---- C:\Program Files\Western Digital Corporation
2014-02-20 23:54:39 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\HD Tune Pro
2014-02-20 23:15:01 ----ASH---- C:\pagefile.sys
2014-02-19 17:59:31 ----D---- C:\WINDOWS\nview
2014-02-16 21:42:38 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2014-02-16 21:42:26 ----D---- C:\Program Files\MSXML 4.0
2014-02-16 21:22:14 ----A---- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
2014-02-16 21:06:15 ----D---- C:\Program Files\Overland
2014-02-16 20:31:58 ----D---- C:\Program Files\Hewlett-Packard
2014-02-16 20:31:57 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2014-02-16 20:31:45 ----RA---- C:\WINDOWS\system32\MSXML4r.dll
2014-02-16 20:31:45 ----RA---- C:\WINDOWS\system32\MSXML4a.dll
2014-02-16 20:31:45 ----RA---- C:\WINDOWS\system32\hpvcr70.dll
2014-02-16 20:31:45 ----RA---- C:\WINDOWS\system32\hpvcp70.dll
2014-02-16 20:31:45 ----RA---- C:\WINDOWS\system32\hpvaut32.dll
2014-02-16 20:29:53 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2014-02-16 20:27:23 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2014-02-16 20:27:10 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2014-02-16 20:25:26 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2014-02-16 20:25:26 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2014-02-16 20:25:26 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2014-02-16 20:25:26 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2014-02-16 20:25:26 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2014-02-16 20:25:25 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2014-02-16 20:25:22 ----A---- C:\WINDOWS\IsUninst.exe
2014-02-16 20:23:47 ----D---- C:\Program Files\HP
2014-02-16 20:22:53 ----HD---- C:\Config.Msi
2014-02-16 20:21:55 ----N---- C:\WINDOWS\hpomdl04.dat
2014-02-16 20:21:55 ----A---- C:\WINDOWS\hpoins04.dat
2014-02-16 20:12:57 ----N---- C:\WINDOWS\system32\spmsg.dll
2014-02-16 20:12:13 ----D---- C:\Program Files\Windows Media Connect 2
2014-02-16 20:09:54 ----D---- C:\WINDOWS\system32\LogFiles
2014-02-16 20:09:54 ----D---- C:\WINDOWS\system32\drivers\UMDF
2014-02-16 19:36:09 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2014-02-16 17:14:09 ----A---- C:\WINDOWS\system32\drivers\HWiNFO32.SYS
2014-02-16 17:13:34 ----D---- C:\Program Files\HWiNFO32
2014-02-16 13:00:04 ----D---- C:\Program Files\Full Tilt Poker

======List of files/folders modified in the last 1 month======

2014-03-15 19:16:08 ----D---- C:\WINDOWS\Temp
2014-03-15 19:14:43 ----SD---- C:\WINDOWS\Tasks
2014-03-15 19:10:13 ----D---- C:\WINDOWS\system32
2014-03-15 19:10:13 ----D---- C:\WINDOWS
2014-03-15 19:08:32 ----D---- C:\WINDOWS\system32\CatRoot2
2014-03-15 18:58:28 ----D---- C:\WINDOWS\system32\drivers
2014-03-15 18:23:30 ----D---- C:\WINDOWS\twain_32
2014-03-15 13:19:52 ----RD---- C:\Program Files
2014-03-14 23:04:25 ----D---- C:\WINDOWS\Debug
2014-03-14 22:59:07 ----D---- C:\WINDOWS\system32\MRT
2014-03-14 22:58:42 ----A---- C:\WINDOWS\system32\MRT.exe
2014-03-14 19:54:09 ----D---- C:\Program Files\Combined Community Codec Pack
2014-03-14 15:55:33 ----D---- C:\Program Files\Microsoft Silverlight
2014-03-13 04:13:54 ----HD---- C:\WINDOWS\inf
2014-03-13 04:13:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-03-13 04:13:47 ----D---- C:\Program Files\Internet Explorer
2014-03-13 04:13:25 ----D---- C:\WINDOWS\ie8updates
2014-03-13 04:12:11 ----SHD---- C:\WINDOWS\Installer
2014-03-11 19:24:46 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-11 00:05:00 ----D---- C:\WINDOWS\Prefetch
2014-03-08 19:13:51 ----D---- C:\WINDOWS\Registration
2014-03-07 21:19:31 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\MPC-HC
2014-03-05 19:40:59 ----D---- C:\WINDOWS\system32\CatRoot
2014-03-01 18:26:42 ----D---- C:\WINDOWS\Config
2014-02-28 18:35:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2014-02-28 18:34:58 ----HD---- C:\Program Files\InstallShield Installation Information
2014-02-28 18:13:29 ----D---- C:\WINDOWS\Help
2014-02-28 17:47:31 ----D---- C:\WINDOWS\SoftwareDistribution
2014-02-28 17:31:53 ----SHD---- C:\RECYCLER
2014-02-28 17:29:57 ----D---- C:\Documents and Settings
2014-02-28 15:35:08 ----D---- C:\Program Files\CCleaner
2014-02-26 19:42:19 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2014-02-24 21:54:07 ----HD---- C:\WINDOWS\$hf_mig$
2014-02-24 16:55:58 ----D---- C:\WINDOWS\WinSxS
2014-02-24 16:55:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-02-24 16:48:18 ----D---- C:\WINDOWS\system32\config
2014-02-24 16:47:54 ----D---- C:\WINDOWS\system32\wbem
2014-02-24 16:39:21 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\GlarySoft
2014-02-24 16:24:24 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2014-02-24 12:46:36 ----A---- C:\WINDOWS\system32\wininet.dll
2014-02-24 12:46:25 ----A---- C:\WINDOWS\system32\urlmon.dll
2014-02-24 12:46:19 ----A---- C:\WINDOWS\system32\url.dll
2014-02-24 12:46:18 ----N---- C:\WINDOWS\system32\occache.dll
2014-02-24 12:46:16 ----N---- C:\WINDOWS\system32\mstime.dll
2014-02-24 12:46:11 ----A---- C:\WINDOWS\system32\mshtmled.dll
2014-02-24 12:46:11 ----A---- C:\WINDOWS\system32\mshtml.dll
2014-02-24 12:45:58 ----N---- C:\WINDOWS\system32\licmgr10.dll
2014-02-24 12:45:58 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 12:45:58 ----A---- C:\WINDOWS\system32\msfeeds.dll
2014-02-24 12:45:57 ----N---- C:\WINDOWS\system32\jsproxy.dll
2014-02-24 12:45:57 ----A---- C:\WINDOWS\system32\iertutil.dll
2014-02-24 12:45:56 ----A---- C:\WINDOWS\system32\iepeers.dll
2014-02-24 12:45:55 ----A---- C:\WINDOWS\system32\ieframe.dll
2014-02-24 12:45:43 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 12:45:42 ----A---- C:\WINDOWS\system32\corpol.dll
2014-02-23 19:09:28 ----D---- C:\WINDOWS\pss
2014-02-23 18:44:04 ----D---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\DAEMON Tools Lite
2014-02-23 17:50:03 ----SD---- C:\Documents and Settings\Lubomir Opatovsky\Application Data\Microsoft
2014-02-22 14:02:57 ----D---- C:\Program Files\Mozilla Firefox
2014-02-22 13:57:42 ----D---- C:\Program Files\Wise
2014-02-22 02:21:28 ----D---- C:\Program Files\COMODO
2014-02-21 22:24:04 ----D---- C:\WINDOWS\system32\Restore
2014-02-21 14:24:57 ----RSD---- C:\WINDOWS\Fonts
2014-02-21 14:24:47 ----D---- C:\Program Files\Microsoft Office
2014-02-20 18:32:19 ----D---- C:\Documents and Settings\All Users\Application Data\Comodo
2014-02-16 21:51:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-02-16 20:33:28 ----A---- C:\WINDOWS\win.ini
2014-02-16 20:29:53 ----D---- C:\Program Files\Common Files
2014-02-16 20:12:13 ----D---- C:\Program Files\Windows Media Player
2014-02-16 12:43:11 ----D---- C:\WINDOWS\Microsoft.NET
2014-02-16 12:43:08 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2014-02-15 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2014-02-15 180248]
R0 BootDefragDriver;BootDefragDriver; C:\WINDOWS\System32\drivers\BootDefragDriver.sys [2014-02-26 13504]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2013-09-24 96216]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2014-03-15 320120]
R0 uagp35;Microsoft AGPv3.5 Filter; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R0 ViBus;ViBus; C:\WINDOWS\system32\DRIVERS\ViBus.sys [2007-12-07 16896]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2007-09-21 9216]
R0 ViPrt;VIA SATA IDE Device Driver; C:\WINDOWS\system32\DRIVERS\ViPrt.sys [2007-12-07 52736]
R1 aswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 cmderd;COMODO Internet Security Eradication Driver; C:\WINDOWS\System32\DRIVERS\cmderd.sys [2013-09-24 15704]
R1 cmdGuard;COMODO Internet Security Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2013-11-14 587864]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2013-09-24 30552]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO32.SYS []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2003-08-07 6528]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-03 6554496]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-15 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 4832192]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-03 159812]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-02-21 73728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 131288]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Roli** » 15 bře 2014 19:27

Zdravím, tyhle zbytečnosti fixni v HJT :

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

HJT najdeš zde :

C:\Program Files\trend micro\Lubomir Opatovsky.exe

Fix znamená že spustíš HJT Obrázek

jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.

V Naplánovaných úloháh zakaž :

Glary Initialize

Glary Update

Microsoft Windows XP End of Service Notification Logon

Microsoft Windows XP End of Service Notification Monthly

Jinak tam nic špatného nevidím.

ajkal · #3 Příspěvek od **ajkal** » 15 bře 2014 19:42

Dakujem velmi pekne.

#4 Příspěvek od **Roli** » 16 bře 2014 21:17

Není zač a

VIRY.CZ

Prosim o preventivnu kontrolu

Prosim o preventivnu kontrolu

Re: Prosim o preventivnu kontrolu

Re: Prosim o preventivnu kontrolu

Re: Prosim o preventivnu kontrolu