Nejde nainstalovat nod32 (byl tam ale choval se divně) nešla aktualizace odinstaloval jsem 3.667 a chtel nainstalovat novou verzi a padne to po zahajeni instalace.DIky
Logfile of random's system information tool 1.07 (written by random/random)
Run by Karel at 2010-06-30 22:55:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (15%) free of 151 GB
Total RAM: 1023 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:08, on 30.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PowerQuest\PartitionMagic 8.0\PMAGIC.EXE
C:\Program Files\PowerQuest\PartitionMagic 8.0\PMAGICnt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Karel\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Karel.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://172.16.30.5:81/WinWebPush.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A25BBE2-49A3-4B71-99C0-55D0565B5ABE}: NameServer = 212.80.88.2,212.80.88.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 5686 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-24 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-24 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-09-10 218032]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Documents and Settings\Karel\Nabídka Start\Programy\Po spuštění
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe"="C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers(TM) - Revenge of the Fallen(TM)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\u\utorrent.exe"="C:\u\utorrent.exe:*:Enabled:µTorrent"
"E:\game\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\pes2010.exe"="E:\game\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\Codemasters\FUEL\FUEL.exe"="C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe"="C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-06-30 22:21:18 ----D---- C:\rsit
2010-06-30 22:21:18 ----D---- C:\Program Files\trend micro
2010-06-12 19:11:25 ----A---- C:\WINDOWS\PSEXESVC.EXE
2010-06-12 19:00:56 ----D---- C:\Program Files\psexec
2010-06-12 18:52:27 ----D---- C:\Program Files\ESET
2010-06-12 17:34:17 ----D---- C:\Program Files\CCleaner
2010-06-11 00:35:40 ----D---- C:\Documents and Settings\Karel\Data aplikací\runic games
2010-06-11 00:10:18 ----D---- C:\Program Files\Runic Games
2010-06-10 23:21:51 ----D---- C:\Documents and Settings\Karel\Data aplikací\FUEL
2010-06-03 07:00:29 ----A---- C:\WINDOWS\graphedit.INI
======List of files/folders modified in the last 1 months======
2010-06-30 22:43:59 ----SH---- C:\boot.ini
2010-06-30 22:43:10 ----D---- C:\WINDOWS\Temp
2010-06-30 22:42:43 ----A---- C:\WINDOWS\wincmd.ini
2010-06-30 22:40:04 ----D---- C:\Program Files\SpeedFan
2010-06-30 22:36:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-30 22:31:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-30 22:31:05 ----D---- C:\WINDOWS
2010-06-30 22:21:18 ----RD---- C:\Program Files
2010-06-30 07:20:33 ----D---- C:\Documents and Settings\Karel\Data aplikací\vlc
2010-06-27 12:56:53 ----SHD---- C:\WINDOWS\CSC
2010-06-26 16:39:22 ----D---- C:\WINDOWS\system32
2010-06-26 16:39:22 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-24 17:14:52 ----D---- C:\Program Files\Mozilla Firefox
2010-06-24 00:02:07 ----D---- C:\WINDOWS\Prefetch
2010-06-14 06:52:59 ----D---- C:\Program Files\Mozilla Thunderbird
2010-06-12 18:53:34 ----D---- C:\WINDOWS\Minidump
2010-06-12 18:53:34 ----D---- C:\WINDOWS\Debug
2010-06-12 17:51:43 ----D---- C:\Documents and Settings\Karel\Data aplikací\dvdcss
2010-06-12 17:42:41 ----D---- C:\Program Files\Registry Clean Expert
2010-06-11 00:10:17 ----SHD---- C:\WINDOWS\Installer
2010-06-11 00:10:17 ----HD---- C:\Config.Msi
2010-06-11 00:10:17 ----D---- C:\WINDOWS\WinSxS
2010-06-11 00:10:11 ----HD---- C:\WINDOWS\inf
2010-06-10 23:48:19 ----D---- C:\WINDOWS\system32\DirectX
2010-06-10 23:48:18 ----RSD---- C:\WINDOWS\assembly
2010-06-10 23:45:43 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-10 23:45:43 ----D---- C:\Program Files\Electronic Arts
2010-06-10 23:14:22 ----D---- C:\Program Files\Codemasters
2010-06-10 23:14:08 ----D---- C:\Documents and Settings\Karel\Data aplikací\InstallShield
2010-06-04 21:31:27 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-06-02 19:05:05 ----D---- C:\dvbdream
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-09-25 181120]
R1 IfsMount;IfsMount; C:\WINDOWS\system32\DRIVERS\ifsmount.sys [2008-08-28 51072]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-04 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-04 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-16 10232352]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-23 130688]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2008-06-09 418832]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-03-02 29184]
R3 xnacc;Microsoft Common Controller For Windows Driver Service; C:\WINDOWS\system32\DRIVERS\xnacc.sys [2006-06-01 509440]
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys []
S3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys []
S3 ajz69hlg;ajz69hlg; C:\WINDOWS\system32\drivers\ajz69hlg.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-03-18 1512960]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\Karel\LOCALS~1\Temp\esihdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
S3 Maplom;Maplom; C:\WINDOWS\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\WINDOWS\system32\drivers\MaplomL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-24 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu logu
pouzi ESET odinstalator http://kb.eset.com/esetkb/index?page=co ... d=SOLN2116 + vycisti s CCleanerom
+ restart a skus instalaciu - ak padne vloz hlasku
+ restart a skus instalaciu - ak padne vloz hlasku
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu
Predem se omlouvam , byl jsem na dovolene.
Udelal jsem to co jste rikal.Prohledal i registry , cccleaner vycistil a nic.
Padne to po vyberu typu instalace (typicka nebo uzivatelska) bez hlasky.
Diky za Vas cas.
novy log RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Karel at 2010-07-13 18:55:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (11%) free of 151 GB
Total RAM: 1023 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:19, on 13.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Karel\Dokumenty\Stažené soubory\RSIT(2).exe
C:\Program Files\trend micro\Karel.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://172.16.30.5:81/WinWebPush.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A25BBE2-49A3-4B71-99C0-55D0565B5ABE}: NameServer = 212.80.88.2,212.80.88.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 5727 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-24 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-24 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-06-03 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-09-10 218032]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Documents and Settings\Karel\Nabídka Start\Programy\Po spuštění
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe"="C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers(TM) - Revenge of the Fallen(TM)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\u\utorrent.exe"="C:\u\utorrent.exe:*:Enabled:µTorrent"
"E:\game\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\pes2010.exe"="E:\game\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\Codemasters\FUEL\FUEL.exe"="C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe"="C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-07-12 18:55:54 ----D---- C:\Documents and Settings\Karel\Data aplikací\WB Games
2010-07-12 18:52:05 ----D---- C:\Program Files\WB Games
2010-06-30 22:21:18 ----D---- C:\rsit
2010-06-30 22:21:18 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2010-07-13 18:54:40 ----D---- C:\Program Files\Mozilla Firefox
2010-07-13 18:53:37 ----A---- C:\WINDOWS\wincmd.ini
2010-07-13 18:52:43 ----D---- C:\WINDOWS\system32
2010-07-13 18:52:43 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-13 18:52:38 ----D---- C:\WINDOWS
2010-07-13 18:52:31 ----D---- C:\Program Files\SpeedFan
2010-07-13 18:51:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-13 18:47:17 ----HD---- C:\Config.Msi
2010-07-13 18:47:09 ----D---- C:\WINDOWS\Help
2010-07-13 18:47:06 ----SHD---- C:\WINDOWS\Installer
2010-07-13 18:46:23 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-13 18:45:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-13 18:45:50 ----D---- C:\WINDOWS\system32\drivers
2010-07-13 18:45:47 ----HD---- C:\WINDOWS\inf
2010-07-13 18:44:20 ----RD---- C:\Program Files
2010-07-13 18:42:37 ----D---- C:\WINDOWS\Temp
2010-07-13 18:31:44 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-12 20:33:09 ----D---- C:\Documents and Settings\Karel\Data aplikací\vlc
2010-07-12 18:55:54 ----D---- C:\WINDOWS\Prefetch
2010-07-12 18:54:53 ----D---- C:\WINDOWS\system32\DirectX
2010-07-12 18:54:50 ----D---- C:\WINDOWS\WinSxS
2010-07-11 22:13:32 ----D---- C:\Program Files\Zoom Player
2010-06-30 23:20:28 ----SH---- C:\boot.ini
2010-06-27 12:56:53 ----SHD---- C:\WINDOWS\CSC
2010-06-14 06:52:59 ----D---- C:\Program Files\Mozilla Thunderbird
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 m5288;m5288; C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-10-19 102528]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-07 721904]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-09-25 181120]
R1 IfsMount;IfsMount; C:\WINDOWS\system32\DRIVERS\ifsmount.sys [2008-08-28 51072]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-04 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-04 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-23 130688]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2008-06-09 418832]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-03-02 29184]
R3 xnacc;Microsoft Common Controller For Windows Driver Service; C:\WINDOWS\system32\DRIVERS\xnacc.sys [2006-06-01 509440]
S3 a2m7yphn;a2m7yphn; C:\WINDOWS\system32\drivers\a2m7yphn.sys []
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys []
S3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-03-18 1512960]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\Karel\LOCALS~1\Temp\esihdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
S3 Maplom;Maplom; C:\WINDOWS\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\WINDOWS\system32\drivers\MaplomL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-24 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Udelal jsem to co jste rikal.Prohledal i registry , cccleaner vycistil a nic.
Padne to po vyberu typu instalace (typicka nebo uzivatelska) bez hlasky.
Diky za Vas cas.
novy log RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Karel at 2010-07-13 18:55:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (11%) free of 151 GB
Total RAM: 1023 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:19, on 13.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Karel\Dokumenty\Stažené soubory\RSIT(2).exe
C:\Program Files\trend micro\Karel.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x092f -f video -m logitech -d 11.5.0.1145 (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://172.16.30.5:81/WinWebPush.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7A25BBE2-49A3-4B71-99C0-55D0565B5ABE}: NameServer = 212.80.88.2,212.80.88.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
--
End of file - 5727 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-24 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-24 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2004-10-27 61952]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-06-03 1753192]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-06-07 110696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2006-09-10 218032]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Documents and Settings\Karel\Nabídka Start\Programy\Po spuštění
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe"="C:\Program Files\Activision\Transformers - Revenge of the Fallen\Transformers2.exe:*:Enabled:Transformers(TM) - Revenge of the Fallen(TM)"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\u\utorrent.exe"="C:\u\utorrent.exe:*:Enabled:µTorrent"
"E:\game\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\pes2010.exe"="E:\game\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboardingGame.exe:*:Enabled:Shaun White Snowboarding Game"
"C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe"="C:\Program Files\Ubisoft\Shaun White Snowboarding\ShaunWhiteSnowboarding.exe:*:Enabled:Shaun White Snowboarding Update"
"C:\Program Files\Codemasters\FUEL\FUEL.exe"="C:\Program Files\Codemasters\FUEL\FUEL.exe:*:Enabled:FUEL"
"C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe"="C:\Program Files\Electronic Arts\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-07-12 18:55:54 ----D---- C:\Documents and Settings\Karel\Data aplikací\WB Games
2010-07-12 18:52:05 ----D---- C:\Program Files\WB Games
2010-06-30 22:21:18 ----D---- C:\rsit
2010-06-30 22:21:18 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2010-07-13 18:54:40 ----D---- C:\Program Files\Mozilla Firefox
2010-07-13 18:53:37 ----A---- C:\WINDOWS\wincmd.ini
2010-07-13 18:52:43 ----D---- C:\WINDOWS\system32
2010-07-13 18:52:43 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-13 18:52:38 ----D---- C:\WINDOWS
2010-07-13 18:52:31 ----D---- C:\Program Files\SpeedFan
2010-07-13 18:51:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-13 18:47:17 ----HD---- C:\Config.Msi
2010-07-13 18:47:09 ----D---- C:\WINDOWS\Help
2010-07-13 18:47:06 ----SHD---- C:\WINDOWS\Installer
2010-07-13 18:46:23 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-13 18:45:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-13 18:45:50 ----D---- C:\WINDOWS\system32\drivers
2010-07-13 18:45:47 ----HD---- C:\WINDOWS\inf
2010-07-13 18:44:20 ----RD---- C:\Program Files
2010-07-13 18:42:37 ----D---- C:\WINDOWS\Temp
2010-07-13 18:31:44 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-12 20:33:09 ----D---- C:\Documents and Settings\Karel\Data aplikací\vlc
2010-07-12 18:55:54 ----D---- C:\WINDOWS\Prefetch
2010-07-12 18:54:53 ----D---- C:\WINDOWS\system32\DirectX
2010-07-12 18:54:50 ----D---- C:\WINDOWS\WinSxS
2010-07-11 22:13:32 ----D---- C:\Program Files\Zoom Player
2010-06-30 23:20:28 ----SH---- C:\boot.ini
2010-06-27 12:56:53 ----SHD---- C:\WINDOWS\CSC
2010-06-14 06:52:59 ----D---- C:\Program Files\Mozilla Thunderbird
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 m5288;m5288; C:\WINDOWS\system32\DRIVERS\m5288.sys [2005-10-19 102528]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-07 721904]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-19 12664]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-09-25 181120]
R1 IfsMount;IfsMount; C:\WINDOWS\system32\DRIVERS\ifsmount.sys [2008-08-28 51072]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-04-04 278728]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-04-04 25416]
R2 SBKUPNT;SBKUPNT; \??\C:\WINDOWS\system32\Drivers\SBKUPNT.SYS []
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-10-27 145920]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-23 130688]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2008-06-09 418832]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-03-02 29184]
R3 xnacc;Microsoft Common Controller For Windows Driver Service; C:\WINDOWS\system32\DRIVERS\xnacc.sys [2006-06-01 509440]
S3 a2m7yphn;a2m7yphn; C:\WINDOWS\system32\drivers\a2m7yphn.sys []
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys []
S3 AEAudioService;AEAudio Service; C:\WINDOWS\system32\drivers\AEAudio.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-03-18 1512960]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\Karel\LOCALS~1\Temp\esihdrv.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-28 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-28 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-28 21568]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-10-11 2142488]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-10-12 41752]
S3 Maplom;Maplom; C:\WINDOWS\system32\drivers\Maplom.sys []
S3 MaplomL;MaplomL; C:\WINDOWS\system32\drivers\MaplomL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\WINDOWS\system32\DRIVERS\LV561AV.SYS [2007-10-12 490776]
S3 SenFiltService;SenFilt Service; C:\WINDOWS\system32\drivers\Senfilt.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2008-09-29 133632]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-24 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2005-03-14 69632]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-10-19 141848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Prosím o kontrolu logu
stiahni a uloz na plochu ComboFix
potom spust pod uctom s administratorskym opravnenim
akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie
Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.
po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)
potom spust pod uctom s administratorskym opravnenim
akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie
Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.
po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu
ComboFix 10-07-13.08 - Karel 14.07.2010 18:51:51.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.769 [GMT 2:00]
Spuštěný z: c:\documents and settings\Karel\Plocha\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
E:\install.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-14 do 2010-07-14 )))))))))))))))))))))))))))))))
.
2010-07-14 16:41 . 2010-07-14 16:41 217180 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-07-14 16:41 . 2010-07-14 16:41 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-07-14 16:41 . 2010-07-14 16:41 217180 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-07-12 16:52 . 2010-07-12 16:52 -------- d-----w- c:\program files\WB Games
2010-06-30 20:21 . 2010-07-13 16:55 -------- d-----w- c:\program files\trend micro
2010-06-30 20:21 . 2010-06-30 20:21 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 16:44 . 2008-12-29 21:00 -------- d-----w- c:\program files\SpeedFan
2010-07-14 16:42 . 2010-04-11 16:51 -------- d-----w- c:\program files\NVIDIA Corporation
2010-07-13 16:56 . 2001-10-25 16:00 78052 ----a-w- c:\windows\system32\perfc005.dat
2010-07-13 16:56 . 2001-10-25 16:00 429024 ----a-w- c:\windows\system32\perfh005.dat
2010-07-11 20:13 . 2008-12-29 20:52 -------- d-----w- c:\program files\Zoom Player
2010-06-14 04:52 . 2008-12-29 00:10 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-06-12 17:11 . 2010-06-12 17:11 181064 ----a-w- c:\windows\PSEXESVC.EXE
2010-06-12 17:01 . 2010-06-12 17:00 -------- d-----w- c:\program files\psexec
2010-06-12 15:42 . 2009-03-30 18:00 -------- d-----w- c:\program files\Registry Clean Expert
2010-06-12 15:34 . 2010-06-12 15:34 -------- d-----w- c:\program files\CCleaner
2010-06-10 22:10 . 2010-06-10 22:10 -------- d-----w- c:\program files\Runic Games
2010-06-10 21:45 . 2009-03-13 10:17 -------- d-----w- c:\program files\Electronic Arts
2010-06-10 21:45 . 2008-12-28 23:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-10 21:14 . 2010-01-09 18:23 -------- d-----w- c:\program files\Codemasters
2010-06-07 15:35 . 2010-06-07 15:35 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-05-29 06:45 . 2009-01-14 17:34 103090 -c--a-w- c:\windows\hpoins08.dat
2010-05-28 10:58 . 2008-12-29 00:04 600680 -c--a-w- c:\windows\system32\NVUNINST.EXE
2010-05-09 11:45 . 2010-05-09 11:45 0 ----a-w- c:\windows\PowerReg.dat
2010-04-19 05:03 . 2010-04-19 05:03 445440 ----a-w- c:\windows\svńhost.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-06-02 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-10-12 439568]
c:\documents and settings\Karel\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2009-11-25 4009592]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-1-18 338448]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"c:\\Program Files\\Activision\\Transformers - Revenge of the Fallen\\Transformers2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\u\\utorrent.exe"=
"e:\\game\\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\\pes2010.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\Codemasters\\FUEL\\FUEL.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [29.12.2008 2:02 102528]
R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [15.1.2010 22:52 181120]
R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [15.1.2010 22:52 51072]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [1.1.2010 2:50 14976]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [18.1.2009 17:02 418832]
S3 esihdrv;esihdrv;\??\c:\docume~1\Karel\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Karel\LOCALS~1\Temp\esihdrv.sys [?]
S3 MaplomL;MaplomL; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [17.8.2004 17:49 14336]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.3.2009 11:30 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
TCP: {7A25BBE2-49A3-4B71-99C0-55D0565B5ABE} = 212.80.88.2,212.80.88.3
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://172.16.30.5:81/WinWebPush.cab
FF - ProfilePath - c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\m16nq7rf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - hxxp://sport.vksport.cz
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccessc:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-14 18:55
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-07-14 18:56:45
ComboFix-quarantined-files.txt 2010-07-14 16:56
Před spuštěním: Volných bajtů: 17 469 771 776
Po spuštění: Volných bajtů: 17 685 192 704
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 0F238FDBBA0B16C5733C18E8F72D1EB0
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.769 [GMT 2:00]
Spuštěný z: c:\documents and settings\Karel\Plocha\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
E:\install.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-14 do 2010-07-14 )))))))))))))))))))))))))))))))
.
2010-07-14 16:41 . 2010-07-14 16:41 217180 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-07-14 16:41 . 2010-07-14 16:41 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-07-14 16:41 . 2010-07-14 16:41 217180 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-07-12 16:52 . 2010-07-12 16:52 -------- d-----w- c:\program files\WB Games
2010-06-30 20:21 . 2010-07-13 16:55 -------- d-----w- c:\program files\trend micro
2010-06-30 20:21 . 2010-06-30 20:21 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-14 16:44 . 2008-12-29 21:00 -------- d-----w- c:\program files\SpeedFan
2010-07-14 16:42 . 2010-04-11 16:51 -------- d-----w- c:\program files\NVIDIA Corporation
2010-07-13 16:56 . 2001-10-25 16:00 78052 ----a-w- c:\windows\system32\perfc005.dat
2010-07-13 16:56 . 2001-10-25 16:00 429024 ----a-w- c:\windows\system32\perfh005.dat
2010-07-11 20:13 . 2008-12-29 20:52 -------- d-----w- c:\program files\Zoom Player
2010-06-14 04:52 . 2008-12-29 00:10 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-06-12 17:11 . 2010-06-12 17:11 181064 ----a-w- c:\windows\PSEXESVC.EXE
2010-06-12 17:01 . 2010-06-12 17:00 -------- d-----w- c:\program files\psexec
2010-06-12 15:42 . 2009-03-30 18:00 -------- d-----w- c:\program files\Registry Clean Expert
2010-06-12 15:34 . 2010-06-12 15:34 -------- d-----w- c:\program files\CCleaner
2010-06-10 22:10 . 2010-06-10 22:10 -------- d-----w- c:\program files\Runic Games
2010-06-10 21:45 . 2009-03-13 10:17 -------- d-----w- c:\program files\Electronic Arts
2010-06-10 21:45 . 2008-12-28 23:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-10 21:14 . 2010-01-09 18:23 -------- d-----w- c:\program files\Codemasters
2010-06-07 15:35 . 2010-06-07 15:35 81920 ----a-w- c:\windows\system32\nvwddi.dll
2010-05-29 06:45 . 2009-01-14 17:34 103090 -c--a-w- c:\windows\hpoins08.dat
2010-05-28 10:58 . 2008-12-29 00:04 600680 -c--a-w- c:\windows\system32\NVUNINST.EXE
2010-05-09 11:45 . 2010-05-09 11:45 0 ----a-w- c:\windows\PowerReg.dat
2010-04-19 05:03 . 2010-04-19 05:03 445440 ----a-w- c:\windows\svńhost.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-06-02 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-06-07 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-10-12 439568]
c:\documents and settings\Karel\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2009-11-25 4009592]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-1-18 338448]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Ubisoft\\Tom Clancy's H.A.W.X\\HAWX.exe"=
"c:\\Program Files\\Activision\\Transformers - Revenge of the Fallen\\Transformers2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\u\\utorrent.exe"=
"e:\\game\\02.PES.2010.Full.Rip.Skullptura.El_DocToR.FoNeKat.Net\\pes2010.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboardingGame.exe"=
"c:\\Program Files\\Ubisoft\\Shaun White Snowboarding\\ShaunWhiteSnowboarding.exe"=
"c:\\Program Files\\Codemasters\\FUEL\\FUEL.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [29.12.2008 2:02 102528]
R1 Ext2fs;Ext2fs;c:\windows\system32\drivers\ext2fs.sys [15.1.2010 22:52 181120]
R1 IfsMount;IfsMount;c:\windows\system32\drivers\ifsmount.sys [15.1.2010 22:52 51072]
R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [1.1.2010 2:50 14976]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [18.1.2009 17:02 418832]
S3 esihdrv;esihdrv;\??\c:\docume~1\Karel\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Karel\LOCALS~1\Temp\esihdrv.sys [?]
S3 MaplomL;MaplomL; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [17.8.2004 17:49 14336]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.3.2009 11:30 721904]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
TCP: {7A25BBE2-49A3-4B71-99C0-55D0565B5ABE} = 212.80.88.2,212.80.88.3
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://172.16.30.5:81/WinWebPush.cab
FF - ProfilePath - c:\documents and settings\Karel\Data aplikací\Mozilla\Firefox\Profiles\m16nq7rf.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: capability.policy.policynames - allowclipboard
FF - user.js: capability.policy.allowclipboard.sites - hxxp://sport.vksport.cz
FF - user.js: capability.policy.allowclipboard.Clipboard.cutcopy - allAccess
FF - user.js: capability.policy.allowclipboard.Clipboard.paste - allAccessc:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-NVIDIA Display Control Panel - c:\program files\NVIDIA Corporation\Uninstall\nvuninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-14 18:55
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-07-14 18:56:45
ComboFix-quarantined-files.txt 2010-07-14 16:56
Před spuštěním: Volných bajtů: 17 469 771 776
Po spuštění: Volných bajtů: 17 685 192 704
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 0F238FDBBA0B16C5733C18E8F72D1EB0
Re: Prosím o kontrolu logu
skus este odinstalator - vid Carls http://www.viry.cz/forum/viewtopic.php? ... or#p485353
+
otestuj tento subor c:\windows\svńhost.exe na www.virustotal.com
+
otestuj tento subor c:\windows\svńhost.exe na www.virustotal.com
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu
virustotal :
a-squared 5.0.0.31 2010.07.17 Rootkit!IK
AhnLab-V3 2010.07.17.00 2010.07.16 Malware/Win32.Suspicious
AntiVir 8.2.4.12 2010.07.16 HEUR/Crypted
Antiy-AVL 2.0.3.7 2010.07.15 -
Authentium 5.2.0.5 2010.07.17 W32/SysVenFak.A.gen!Eldorado
Avast 4.8.1351.0 2010.07.16 Win32:Rootkit-gen
Avast5 5.0.332.0 2010.07.16 Win32:Rootkit-gen
AVG 9.0.0.836 2010.07.17 -
BitDefender 7.2 2010.07.17 Rootkit.36903
CAT-QuickHeal 11.00 2010.07.16 -
ClamAV 0.96.0.3-git 2010.07.17 -
Comodo 5454 2010.07.17 Backdoor.Win32.Delf.~DD
DrWeb 5.0.2.03300 2010.07.17 -
eSafe 7.0.17.0 2010.07.15 Win32.HEURCrypted
eTrust-Vet None 2010.07.16 -
F-Prot 4.6.1.107 2010.07.17 W32/SysVenFak.A.gen!Eldorado
F-Secure 9.0.15370.0 2010.07.17 Rootkit.36903
Fortinet 4.1.143.0 2010.07.17 -
GData 21 2010.07.17 Rootkit.36903
Ikarus T3.1.1.84.0 2010.07.17 Rootkit
Jiangmin 13.0.900 2010.07.17 -
Kaspersky 7.0.0.125 2010.07.17 -
McAfee 5.400.0.1158 2010.07.17 Suspect-0B!ECD96A76EB1E
McAfee-GW-Edition 2010.1 2010.07.16 Artemis!ECD96A76EB1E
Microsoft 1.6004 2010.07.17 -
NOD32 5285 2010.07.16 -
Norman 6.05.11 2010.07.16 W32/Suspicious.B!genr
nProtect 2010-07-17.02 2010.07.17 -
Panda 10.0.2.7 2010.07.16 Trj/CI.A
PCTools 7.0.3.5 2010.07.17 Spyware.Keylogger
Prevx 3.0 2010.07.17 -
Rising 22.56.04.04 2010.07.16 Trojan.Win32.Generic.51FFE08D
Sophos 4.55.0 2010.07.17 -
Sunbelt 6597 2010.07.17 Trojan.Win32.Generic!BT
SUPERAntiSpyware 4.40.0.1006 2010.07.17 -
Symantec 20101.1.1.7 2010.07.17 Spyware.Keylogger
TheHacker 6.5.2.1.318 2010.07.16 -
TrendMicro 9.120.0.1004 2010.07.17 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.17 -
VBA32 3.12.12.6 2010.07.16 -
ViRobot 2010.7.12.3932 2010.07.17 -
VirusBuster 5.0.27.0 2010.07.16 -
a-squared 5.0.0.31 2010.07.17 Rootkit!IK
AhnLab-V3 2010.07.17.00 2010.07.16 Malware/Win32.Suspicious
AntiVir 8.2.4.12 2010.07.16 HEUR/Crypted
Antiy-AVL 2.0.3.7 2010.07.15 -
Authentium 5.2.0.5 2010.07.17 W32/SysVenFak.A.gen!Eldorado
Avast 4.8.1351.0 2010.07.16 Win32:Rootkit-gen
Avast5 5.0.332.0 2010.07.16 Win32:Rootkit-gen
AVG 9.0.0.836 2010.07.17 -
BitDefender 7.2 2010.07.17 Rootkit.36903
CAT-QuickHeal 11.00 2010.07.16 -
ClamAV 0.96.0.3-git 2010.07.17 -
Comodo 5454 2010.07.17 Backdoor.Win32.Delf.~DD
DrWeb 5.0.2.03300 2010.07.17 -
eSafe 7.0.17.0 2010.07.15 Win32.HEURCrypted
eTrust-Vet None 2010.07.16 -
F-Prot 4.6.1.107 2010.07.17 W32/SysVenFak.A.gen!Eldorado
F-Secure 9.0.15370.0 2010.07.17 Rootkit.36903
Fortinet 4.1.143.0 2010.07.17 -
GData 21 2010.07.17 Rootkit.36903
Ikarus T3.1.1.84.0 2010.07.17 Rootkit
Jiangmin 13.0.900 2010.07.17 -
Kaspersky 7.0.0.125 2010.07.17 -
McAfee 5.400.0.1158 2010.07.17 Suspect-0B!ECD96A76EB1E
McAfee-GW-Edition 2010.1 2010.07.16 Artemis!ECD96A76EB1E
Microsoft 1.6004 2010.07.17 -
NOD32 5285 2010.07.16 -
Norman 6.05.11 2010.07.16 W32/Suspicious.B!genr
nProtect 2010-07-17.02 2010.07.17 -
Panda 10.0.2.7 2010.07.16 Trj/CI.A
PCTools 7.0.3.5 2010.07.17 Spyware.Keylogger
Prevx 3.0 2010.07.17 -
Rising 22.56.04.04 2010.07.16 Trojan.Win32.Generic.51FFE08D
Sophos 4.55.0 2010.07.17 -
Sunbelt 6597 2010.07.17 Trojan.Win32.Generic!BT
SUPERAntiSpyware 4.40.0.1006 2010.07.17 -
Symantec 20101.1.1.7 2010.07.17 Spyware.Keylogger
TheHacker 6.5.2.1.318 2010.07.16 -
TrendMicro 9.120.0.1004 2010.07.17 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.17 -
VBA32 3.12.12.6 2010.07.16 -
ViRobot 2010.7.12.3932 2010.07.17 -
VirusBuster 5.0.27.0 2010.07.16 -
Re: Prosím o kontrolu logu
rozhodne ten subor ZMAZ - ak nepojde normalne, pouzi Avenger alebo killbox
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu logu
Nainstaloval jsem panda cloud antivirus a ten ho po kontrole c: smazl jeste s nejakym souborem.
Nod ale nejde nainstalovat porad.....
Nod ale nejde nainstalovat porad.....
Re: Prosím o kontrolu logu
prescanuj PC s >> http://www.viry.cz/forum/viewtopic.php?f=29&t=101984
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?