Výpadky Internetu, zpomalení - PC1

Zpráva

CZDaywalker · #1 Příspěvek od **CZDaywalker** » 17 srp 2010 08:59

Prosím o kontrolu 3 PC....chci vyloučit chybu ovladače nebo HW.

Děkuji

CZDaywalker · #2 Příspěvek od **CZDaywalker** » 17 srp 2010 08:59

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jirka at 2010-08-17 09:56:29
Microsoft Windows 7 Ultimate
System drive C: has 10 GB (25%) free of 40 GB
Total RAM: 1534 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:56:50, on 17.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\LG Software\On Screen Display\HotKey.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Keyboard Driver\KMProcess.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\QIP\qip.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jirka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [KeybdUtility] C:\Program Files\LG Software\On Screen Display\HotKey.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Keyboard Driver\StartAutorun.exe KMConfig.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/ ... erCtrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B83AF0C4-7624-4F01-A779-5CA38E9872C4}: NameServer = 217.77.165.81 217.77.161.131
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Keyboard Driver\KMWDSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 6525 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-703784279-2633260763-2867772772-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-703784279-2633260763-2867772772-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-30 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-20 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-20 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-20 81920]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"KeybdUtility"=C:\Program Files\LG Software\On Screen Display\HotKey.exe [2007-02-15 2655800]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-28 1557800]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-11-11 1468256]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-11-02 2508104]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"KMCONFIG"=C:\Program Files\Keyboard Driver\StartAutorun.exe [2008-05-30 212992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Jirka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-26 136176]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-16 19:11:24 ----D---- C:\Program Files\Keyboard Driver
2010-08-16 11:06:40 ----D---- C:\Users\Jirka\AppData\Roaming\Mumble
2010-08-16 11:06:02 ----D---- C:\Program Files\Mumble
2010-08-14 14:25:31 ----D---- C:\Westwood
2010-08-14 14:24:26 ----A---- C:\Windows\uninst.exe
2010-08-11 19:41:59 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2010-08-11 19:41:19 ----HD---- C:\Program Files\CanonBJ
2010-08-11 19:40:31 ----D---- C:\Program Files\Canon
2010-08-11 12:52:02 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 12:51:59 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 12:51:58 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 12:51:57 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 12:51:57 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 12:51:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 12:51:57 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 12:51:57 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 12:51:56 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 12:51:56 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 12:51:56 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 12:51:54 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 12:51:53 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 12:51:52 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 12:51:51 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 12:51:51 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 12:51:51 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 12:51:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 12:51:42 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 12:51:40 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 12:51:39 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-11 12:51:39 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 12:50:02 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 09:35:21 ----A---- C:\Windows\_MSRSTRT.EXE
2010-08-04 11:41:24 ----N---- C:\Windows\UniFISH.exe
2010-08-03 09:29:14 ----A---- C:\Windows\system32\shell32.dll
2010-08-01 12:09:06 ----A---- C:\Windows\WTRDCTM.INI
2010-08-01 12:02:45 ----D---- C:\Program Files\PC Translator
2010-08-01 12:02:31 ----D---- C:\ProgramData\LangSoft
2010-08-01 12:01:46 ----D---- C:\Users\Jirka\AppData\Roaming\LangSoft
2010-07-27 09:34:45 ----D---- C:\Program Files\Web Album Generator
2010-07-24 12:59:51 ----D---- C:\Program Files\rajce
2010-07-23 16:13:27 ----D---- C:\ProgramData\Blizzard Entertainment
2010-07-22 10:53:23 ----D---- C:\Users\Jirka\AppData\Roaming\Download Manager
2010-07-18 08:41:23 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 months======

2010-08-17 09:56:44 ----D---- C:\Windows\Prefetch
2010-08-17 09:56:35 ----D---- C:\Program Files\trend micro
2010-08-17 09:56:04 ----D---- C:\Windows\Temp
2010-08-17 09:27:32 ----D---- C:\Windows\system32\config
2010-08-17 09:27:14 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-08-17 09:07:13 ----SHD---- C:\System Volume Information
2010-08-17 08:58:20 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-08-16 19:11:54 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-16 19:11:31 ----D---- C:\Windows\system32\drivers
2010-08-16 19:11:29 ----SHD---- C:\Windows\Installer
2010-08-16 19:11:24 ----RD---- C:\Program Files
2010-08-16 19:11:24 ----D---- C:\Windows\System32
2010-08-16 19:10:16 ----D---- C:\Windows\system32\catroot
2010-08-16 19:10:16 ----D---- C:\Windows\inf
2010-08-16 19:10:15 ----D---- C:\Windows\system32\DriverStore
2010-08-16 11:06:17 ----D---- C:\Windows\winsxs
2010-08-16 09:44:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-14 14:31:14 ----D---- C:\Windows
2010-08-14 13:09:20 ----D---- C:\Program Files\LG PC Suite II
2010-08-12 13:27:53 ----D---- C:\Users\Jirka\AppData\Roaming\dvdcss
2010-08-11 19:41:59 ----D---- C:\Windows\twain_32
2010-08-11 19:41:57 ----D---- C:\Windows\system32\catroot2
2010-08-11 14:59:41 ----D---- C:\Windows\Microsoft.NET
2010-08-11 14:59:23 ----RSD---- C:\Windows\assembly
2010-08-11 14:36:38 ----D---- C:\Windows\system32\migration
2010-08-11 14:36:38 ----D---- C:\Program Files\Internet Explorer
2010-08-11 12:56:58 ----D---- C:\ProgramData\Microsoft Help
2010-08-11 12:54:50 ----D---- C:\Windows\debug
2010-08-11 09:36:24 ----D---- C:\Program Files\Castle_Age
2010-08-09 19:38:35 ----RD---- C:\Users
2010-08-09 08:52:01 ----D---- C:\Windows\Minidump
2010-08-03 20:09:32 ----A---- C:\Windows\system32\MRT.exe
2010-08-01 12:02:31 ----HD---- C:\ProgramData
2010-07-26 19:08:29 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-07-26 10:50:26 ----D---- C:\Users\Jirka\AppData\Roaming\Samsung
2010-07-26 10:50:00 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-25 10:59:38 ----D---- C:\Program Files\Mozilla Firefox
2010-07-22 18:09:26 ----D---- C:\Windows\ModemLogs
2010-07-22 10:53:22 ----D---- C:\Windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-14 1035776]
R3 AGR1310_60;Agere Systems ET-13xx PCI-E Ethernet Adapter Vista Driver; C:\Windows\system32\DRIVERS\AGR1310_60.sys [2007-01-19 77824]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2009-11-11 30576]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-28 228784]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-05-02 290816]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 dc3d;MS Hardware Device Detection Driver (HID); C:\Windows\system32\DRIVERS\dc3d.sys [2009-11-10 22384]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 KMWDFilter;KMWDFilter; \??\C:\Windows\System32\Drivers\KMWDFilter.SYS [2008-03-22 17024]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-03-22 17024]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-11-11 14736]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcuxd.sys [2009-09-23 12800]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Keyboard Driver\KMWDSrv.exe [2008-06-23 208896]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-27 655624]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-26 1343400]

-----------------EOF-----------------

CZDaywalker · #3 Příspěvek od **CZDaywalker** » 17 srp 2010 09:09

Logfile of random's system information tool 1.08 (written by random/random)
Run by Maminka at 2010-08-17 10:04:44
Microsoft Windows 7 Ultimate
System drive C: has 23 GB (56%) free of 40 GB
Total RAM: 3039 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:05:09, on 17.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Users\Maminka\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\Windows\system32\SearchFilterHost.exe
D:\Download\RSIT.exe
C:\Program Files\trend micro\Maminka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\Maminka\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Maminka\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 6119 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1133550122-935949287-4042634899-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1133550122-935949287-4042634899-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-08-09 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\Maminka\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-04-12 45568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-08-09 798771]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2009-05-05 1466368]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2010-08-06 155648]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Maminka\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-06 136176]
"Nektra OEAPI"= []
"OEXPRESS"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-17 10:04:44 ----D---- C:\rsit
2010-08-17 10:04:44 ----D---- C:\Program Files\trend micro
2010-08-16 11:53:52 ----D---- C:\Users\Maminka\AppData\Roaming\Mumble
2010-08-16 11:53:23 ----D---- C:\Program Files\Mumble
2010-08-13 11:27:34 ----A---- C:\LOGFILE.TXT
2010-08-11 09:02:43 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 09:02:34 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-11 09:02:34 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 09:02:32 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 09:02:30 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 09:02:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 09:02:29 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 09:02:29 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 09:02:27 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 09:02:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 09:02:25 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 09:02:24 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 09:02:23 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 09:02:22 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 09:02:22 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 09:02:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 09:02:22 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 09:02:22 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 09:02:21 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 09:02:21 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 09:02:21 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 09:02:17 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 09:02:16 ----A---- C:\Windows\system32\win32k.sys
2010-08-09 20:03:23 ----A---- C:\Windows\WTRDCTM.INI
2010-08-09 20:01:15 ----D---- C:\TRANSLAT
2010-08-09 20:01:12 ----D---- C:\ProgramData\LangSoft
2010-08-09 20:00:29 ----D---- C:\Users\Maminka\AppData\Roaming\LangSoft
2010-08-07 16:46:47 ----D---- C:\Windows\system32\oodag
2010-08-06 13:07:56 ----D---- C:\Users\Maminka\AppData\Roaming\vlc
2010-08-06 13:04:07 ----D---- C:\Users\Maminka\AppData\Roaming\dvdcss
2010-08-06 12:51:49 ----D---- C:\Users\Maminka\AppData\Roaming\Ventrilo
2010-08-06 12:49:10 ----D---- C:\Program Files\Ventrilo
2010-08-06 12:28:45 ----D---- C:\Program Files\Microsoft
2010-08-06 12:28:26 ----D---- C:\Program Files\Windows Live SkyDrive
2010-08-06 12:28:17 ----D---- C:\Program Files\Windows Live
2010-08-06 12:27:38 ----D---- C:\Windows\system32\appmgmt
2010-08-06 12:26:37 ----D---- C:\Users\Maminka\AppData\Roaming\Skype
2010-08-06 12:26:07 ----D---- C:\Program Files\Common Files\Skype
2010-08-06 12:26:03 ----RD---- C:\Program Files\Skype
2010-08-06 12:26:00 ----D---- C:\ProgramData\Skype
2010-08-06 12:25:28 ----D---- C:\Program Files\Common Files\Windows Live
2010-08-06 12:21:19 ----D---- C:\ProgramData\CyberLink
2010-08-06 12:19:24 ----A---- C:\Windows\system32\mdimon.dll
2010-08-06 12:17:26 ----D---- C:\Program Files\Microsoft Works
2010-08-06 12:17:02 ----D---- C:\Program Files\Microsoft Visual Studio
2010-08-06 12:17:01 ----D---- C:\Program Files\Common Files\DESIGNER
2010-08-06 12:16:30 ----D---- C:\Windows\PCHEALTH
2010-08-06 12:16:30 ----D---- C:\Program Files\Microsoft.NET
2010-08-06 12:13:34 ----D---- C:\ProgramData\Microsoft Help
2010-08-06 12:13:34 ----D---- C:\Program Files\Microsoft Office
2010-08-06 12:13:08 ----RHD---- C:\MSOCache
2010-08-06 11:31:37 ----N---- C:\Windows\system32\msxml3a.dll
2010-08-06 11:30:33 ----N---- C:\Windows\system32\msvcr71.dll
2010-08-06 11:30:33 ----N---- C:\Windows\system32\msvcp71.dll
2010-08-06 11:30:33 ----D---- C:\Program Files\CyberLink
2010-08-06 11:28:33 ----D---- C:\Program Files\OO Software
2010-08-06 11:25:11 ----D---- C:\Users\Maminka\AppData\Roaming\TeamViewer
2010-08-06 11:25:01 ----D---- C:\Program Files\VideoLAN
2010-08-06 11:24:52 ----D---- C:\ProgramData\Adobe
2010-08-06 11:24:50 ----D---- C:\Program Files\TeamViewer
2010-08-06 11:24:45 ----D---- C:\Program Files\Adobe
2010-08-06 11:24:25 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-06 11:22:17 ----D---- C:\Users\Maminka\AppData\Roaming\GHISLER
2010-08-06 11:22:17 ----D---- C:\Program Files\totalcmd
2010-08-06 11:22:17 ----A---- C:\Windows\UC.PIF
2010-08-06 11:22:17 ----A---- C:\Windows\RAR.PIF
2010-08-06 11:22:17 ----A---- C:\Windows\PKZIP.PIF
2010-08-06 11:22:17 ----A---- C:\Windows\PKUNZIP.PIF
2010-08-06 11:22:17 ----A---- C:\Windows\NOCLOSE.PIF
2010-08-06 11:22:17 ----A---- C:\Windows\LHA.PIF
2010-08-06 11:22:17 ----A---- C:\Windows\ARJ.PIF
2010-08-06 11:21:32 ----D---- C:\Program Files\rajce
2010-08-06 11:20:51 ----D---- C:\Users\Maminka\AppData\Roaming\WinRAR
2010-08-06 11:20:35 ----D---- C:\Program Files\WinRAR
2010-08-06 11:20:18 ----D---- C:\Program Files\PowerISO
2010-08-06 11:19:56 ----D---- C:\Program Files\Apoint2K
2010-08-06 11:18:55 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-06 11:18:52 ----D---- C:\ProgramData\ASUS
2010-08-06 11:18:42 ----D---- C:\Program Files\ASUS
2010-08-06 11:18:11 ----D---- C:\Program Files\Common Files\InstallShield
2010-08-06 11:17:38 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-08-06 11:17:38 ----A---- C:\Windows\system32\drivers\sdbus.sys
2010-08-06 11:16:59 ----D---- C:\Program Files\ATKOSD2
2010-08-06 11:16:23 ----D---- C:\Program Files\ATK Hotkey
2010-08-06 11:16:21 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-06 11:16:01 ----D---- C:\Program Files\Motorola
2010-08-06 11:15:39 ----D---- C:\Users\Maminka\AppData\Roaming\InstallShield
2010-08-06 11:03:46 ----D---- C:\Program Files\Microsoft Security Essentials
2010-08-06 11:03:41 ----SHD---- C:\Windows\Installer
2010-08-06 10:56:37 ----D---- C:\Windows\system32\Wat
2010-08-06 10:55:47 ----A---- C:\Windows\system32\msv1_0.dll
2010-08-06 10:54:33 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-08-06 10:54:33 ----A---- C:\Windows\system32\PresentationHost.exe
2010-08-06 10:54:33 ----A---- C:\Windows\system32\netfxperf.dll
2010-08-06 10:54:33 ----A---- C:\Windows\system32\mscoree.dll
2010-08-06 10:54:33 ----A---- C:\Windows\system32\dfshim.dll
2010-08-06 10:52:33 ----A---- C:\Windows\system32\MRT.exe
2010-08-06 10:49:25 ----A---- C:\Windows\system32\browserchoice.exe
2010-08-06 10:45:13 ----D---- C:\Windows\system32\Macromed
2010-08-06 10:42:32 ----D---- C:\ProgramData\NVIDIA
2010-08-06 10:40:36 ----D---- C:\Windows\Panther
2010-08-06 10:35:52 ----A---- C:\Windows\system32\nvcpluir.dll
2010-08-06 10:35:52 ----A---- C:\Windows\system32\nvcplui.exe
2010-08-06 10:34:40 ----A---- C:\Windows\system32\NVUNINST.EXE
2010-08-06 10:34:25 ----D---- C:\NVIDIA
2010-08-06 10:25:22 ----D---- C:\Users\Maminka\AppData\Roaming\Macromedia
2010-08-06 10:25:22 ----D---- C:\Users\Maminka\AppData\Roaming\Adobe
2010-08-06 10:22:25 ----D---- C:\Program Files\Everest
2010-08-06 10:12:35 ----N---- C:\Windows\system32\MpSigStub.exe
2010-08-06 10:11:55 ----D---- C:\Program Files\QIP
2010-08-06 10:02:27 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-08-06 10:02:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-06 10:02:23 ----A---- C:\Windows\system32\wmp.dll
2010-08-06 10:02:22 ----A---- C:\Windows\system32\winresume.exe
2010-08-06 10:02:22 ----A---- C:\Windows\system32\winload.exe
2010-08-06 10:02:22 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-08-06 10:02:22 ----A---- C:\Windows\system32\CertEnroll.dll
2010-08-06 10:02:21 ----A---- C:\Windows\system32\wmploc.DLL
2010-08-06 10:02:17 ----A---- C:\Windows\system32\asycfilt.dll
2010-08-06 10:02:16 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-08-06 10:02:16 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-08-06 10:02:15 ----A---- C:\Windows\system32\tzres.dll
2010-08-06 10:02:13 ----A---- C:\Windows\system32\CPFilters.dll
2010-08-06 10:02:12 ----A---- C:\Windows\system32\psisdecd.dll
2010-08-06 10:02:12 ----A---- C:\Windows\system32\msdri.dll
2010-08-06 10:02:11 ----A---- C:\Windows\system32\lsasrv.dll
2010-08-06 10:02:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-08-06 10:02:08 ----A---- C:\Windows\system32\jscript.dll
2010-08-06 10:02:07 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-08-06 10:02:07 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-08-06 10:02:07 ----A---- C:\Windows\system32\secproc_isv.dll
2010-08-06 10:02:07 ----A---- C:\Windows\system32\secproc.dll
2010-08-06 10:02:07 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-08-06 10:02:07 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-08-06 10:02:07 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-08-06 10:02:07 ----A---- C:\Windows\system32\RMActivate.exe
2010-08-06 10:02:06 ----A---- C:\Windows\system32\kernel32.dll
2010-08-06 10:02:06 ----A---- C:\Windows\system32\apphelp.dll
2010-08-06 10:02:05 ----A---- C:\Windows\system32\t2embed.dll
2010-08-06 10:02:04 ----A---- C:\Windows\system32\shell32.dll
2010-08-06 10:02:02 ----A---- C:\Windows\system32\ntdll.dll
2010-08-06 10:02:02 ----A---- C:\Windows\system32\inetcomm.dll
2010-08-06 10:02:00 ----A---- C:\Windows\system32\vbscript.dll
2010-08-06 10:01:59 ----A---- C:\Windows\explorer.exe
2010-08-06 10:01:58 ----A---- C:\Windows\system32\winlogon.exe
2010-08-06 10:01:58 ----A---- C:\Windows\system32\msasn1.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\tsbyuv.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\quartz.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\msyuv.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\msvidc32.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\msrle32.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\mciavi32.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\iyuv_32.dll
2010-08-06 10:01:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-08-06 10:01:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-08-06 10:01:56 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-08-06 10:01:56 ----A---- C:\Windows\system32\avifil32.dll
2010-08-06 09:58:48 ----A---- C:\Windows\system32\fontsub.dll
2010-08-06 09:58:48 ----A---- C:\Windows\system32\atmlib.dll
2010-08-06 09:58:48 ----A---- C:\Windows\system32\atmfd.dll
2010-08-06 09:51:14 ----A---- C:\Windows\system32\wintrust.dll
2010-08-06 09:51:07 ----A---- C:\Windows\system32\cabview.dll
2010-08-06 09:50:02 ----D---- C:\Users\Maminka\AppData\Roaming\Identities
2010-08-06 09:49:45 ----SD---- C:\Users\Maminka\AppData\Roaming\Microsoft
2010-08-06 09:49:45 ----D---- C:\Users\Maminka\AppData\Roaming\Media Center Programs
2010-08-06 09:49:21 ----SHD---- C:\Recovery
2010-08-06 09:49:20 ----SHD---- C:\ProgramData\Šablony
2010-08-06 09:49:20 ----SHD---- C:\ProgramData\Nabídka Start
2010-08-06 09:49:19 ----SHD---- C:\ProgramData\Plocha
2010-08-06 09:49:19 ----SHD---- C:\ProgramData\Oblíbené položky
2010-08-06 09:49:19 ----SHD---- C:\ProgramData\Dokumenty
2010-08-06 09:49:19 ----SHD---- C:\ProgramData\Data aplikací
2010-08-06 09:44:47 ----D---- C:\Windows\SoftwareDistribution
2010-08-06 09:42:03 ----D---- C:\Windows\Prefetch
2010-08-06 09:41:42 ----ASH---- C:\pagefile.sys
2010-08-06 09:41:37 ----SHD---- C:\System Volume Information
2010-08-06 09:41:37 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-08-17 10:04:44 ----RD---- C:\Program Files
2010-08-17 09:15:34 ----D---- C:\Windows\system32\config
2010-08-17 09:09:49 ----D---- C:\Windows\Temp
2010-08-17 08:58:24 ----D---- C:\Windows\System32
2010-08-17 08:58:24 ----D---- C:\Windows\inf
2010-08-16 19:05:17 ----D---- C:\Windows\system32\drivers
2010-08-16 19:05:15 ----D---- C:\Windows\system32\DriverStore
2010-08-16 19:05:15 ----D---- C:\Windows\system32\catroot
2010-08-16 11:53:36 ----D---- C:\Windows\winsxs
2010-08-13 15:46:57 ----D---- C:\Windows\system32\wdi
2010-08-11 20:08:52 ----D---- C:\Windows\system32\NDF
2010-08-11 19:06:30 ----D---- C:\Windows\Microsoft.NET
2010-08-11 19:06:29 ----RSD---- C:\Windows\assembly
2010-08-11 19:00:16 ----D---- C:\Windows\system32\migration
2010-08-11 19:00:16 ----D---- C:\Program Files\Internet Explorer
2010-08-11 13:53:54 ----D---- C:\Windows\system32\catroot2
2010-08-10 12:44:11 ----SD---- C:\ProgramData\Microsoft
2010-08-09 20:03:23 ----D---- C:\Windows
2010-08-09 20:01:12 ----HD---- C:\ProgramData
2010-08-09 09:30:38 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-06 12:58:10 ----RSD---- C:\Windows\Fonts
2010-08-06 12:58:03 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-06 12:54:07 ----A---- C:\Windows\win.ini
2010-08-06 12:26:33 ----D---- C:\Windows\system32\Tasks
2010-08-06 12:26:07 ----D---- C:\Program Files\Common Files
2010-08-06 12:14:38 ----D---- C:\Windows\ShellNew
2010-08-06 12:14:26 ----D---- C:\Program Files\Common Files\System
2010-08-06 12:00:19 ----D---- C:\Windows\rescache
2010-08-06 11:55:34 ----D---- C:\Windows\Logs
2010-08-06 11:14:14 ----A---- C:\Windows\system32\WdfCoinstaller01001.dll
2010-08-06 11:14:14 ----A---- C:\Windows\system32\Vxdif.dll
2010-08-06 11:13:36 ----A---- C:\Windows\system32\nvraiins.dll
2010-08-06 11:13:36 ----A---- C:\Windows\system32\nvraidco.dll
2010-08-06 10:56:41 ----D---- C:\Windows\system32\cs-CZ
2010-08-06 10:56:41 ----D---- C:\Program Files\Windows Mail
2010-08-06 10:56:40 ----D---- C:\Windows\system32\Boot
2010-08-06 10:56:40 ----D---- C:\Program Files\Windows Media Player
2010-08-06 10:56:38 ----D---- C:\Windows\ehome
2010-08-06 10:56:37 ----D---- C:\Windows\AppPatch
2010-08-06 10:52:34 ----D---- C:\Windows\debug
2010-08-06 10:45:15 ----D---- C:\Windows\Downloaded Program Files
2010-08-06 10:35:49 ----D---- C:\Windows\Help
2010-08-06 10:24:03 ----D---- C:\Windows\Tasks
2010-08-06 10:04:24 ----D---- C:\Windows\system32\CodeIntegrity
2010-08-06 10:00:16 ----D---- C:\Windows\system32\wbem
2010-08-06 09:52:10 ----D---- C:\Windows\twain_32
2010-08-06 09:51:16 ----D---- C:\Windows\system32\restore
2010-08-06 09:49:59 ----SHD---- C:\$Recycle.Bin
2010-08-06 09:49:42 ----RD---- C:\Users
2010-08-06 09:49:20 ----D---- C:\Program Files\Windows NT
2010-08-06 09:45:34 ----D---- C:\Windows\system32\sysprep
2010-08-06 09:42:35 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2007-08-09 110624]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2010-08-06 18688]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-08-06 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2009-07-14 18432]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2007-07-31 7680]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-11-18 1040544]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-05-05 1095808]
R3 SynMini;USB2.0 1.3M Web Cam; C:\Windows\System32\Drivers\SynMini.sys [2006-04-19 899712]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\Windows\System32\Drivers\SynScan.sys [2006-04-19 9216]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-05 94208]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2006-12-28 123248]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-08-06 1343400]

-----------------EOF-----------------

CZDaywalker · #4 Příspěvek od **CZDaywalker** » 17 srp 2010 10:12

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jakub at 2010-08-17 11:07:38
Microsoft Windows 7 Ultimate
System drive C: has 73 GB (73%) free of 100 GB
Total RAM: 3068 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:07:56, on 17.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\QIP\qip.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
D:\Nová složka\RSIT.exe
C:\Program Files\trend micro\Jakub.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2010\qip.exe" /autorun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files\WebcamMax\WebcamMax.exe" -a
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 6894 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-54245323-3427487984-2244985606-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-54245323-3427487984-2244985606-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-10-27 1196936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-10-27 1196936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-23 13797920]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2009-03-15 180224]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2010-07-15 136176]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Infium"=C:\Program Files\QIP 2010\qip.exe [2010-07-28 5841360]
"WebcamMaxAutoRun"=C:\Program Files\WebcamMax\WebcamMax.exe [2010-01-27 6038672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-17 11:07:39 ----D---- C:\Program Files\trend micro
2010-08-17 11:07:38 ----D---- C:\rsit
2010-08-16 20:50:26 ----A---- C:\Windows\system32\drivers\appdrv01.sys
2010-08-16 20:50:25 ----A---- C:\Windows\system32\appdrvrem01.exe
2010-08-15 14:22:23 ----D---- C:\ProgramData\Blizzard Entertainment
2010-08-15 14:22:23 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-08-14 14:12:19 ----D---- C:\Users\Jakub\AppData\Roaming\IrfanView
2010-08-14 14:12:19 ----D---- C:\Program Files\IrfanView
2010-08-14 13:57:27 ----D---- C:\Program Files\Bonjour
2010-08-13 19:10:28 ----D---- C:\Program Files\Ask.com
2010-08-13 19:10:21 ----D---- C:\Users\Jakub\AppData\Roaming\WebcamMax
2010-08-13 19:10:21 ----D---- C:\ProgramData\WebcamMax
2010-08-13 18:35:51 ----D---- C:\Program Files\WebcamMax
2010-08-11 11:55:38 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 11:55:30 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-11 11:55:30 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 11:55:27 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 11:55:25 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 11:55:25 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 11:55:24 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 11:55:24 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 11:55:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 11:55:22 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 11:55:19 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 11:55:18 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 11:55:18 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 11:55:18 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 11:55:18 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 11:55:18 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 11:55:18 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 11:55:17 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 11:55:17 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 11:55:17 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 11:55:17 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 11:55:12 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 11:55:12 ----A---- C:\Windows\system32\schannel.dll
2010-08-07 12:22:05 ----D---- C:\ProgramData\Electronic Arts
2010-08-07 12:07:17 ----D---- C:\Windows\system32\AGEIA
2010-08-07 12:07:17 ----D---- C:\Program Files\AGEIA Technologies
2010-08-04 22:26:36 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-04 12:03:08 ----D---- C:\Users\Jakub\AppData\Roaming\Ubisoft
2010-08-04 12:03:08 ----D---- C:\ProgramData\Ubisoft
2010-08-04 10:56:06 ----D---- C:\Program Files\Ubisoft
2010-08-04 10:55:21 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-08-04 10:55:21 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-08-04 10:55:21 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-08-04 10:55:21 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-08-04 10:55:20 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-08-04 10:55:20 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-08-04 10:55:20 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-08-04 10:55:19 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-08-04 10:55:17 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-08-03 11:02:46 ----A---- C:\Windows\system32\shell32.dll
2010-08-01 23:20:57 ----D---- C:\Program Files\DirectVobSub
2010-07-30 01:50:39 ----D---- C:\Program Files\QIP 2010
2010-07-29 21:15:59 ----D---- C:\Nová složka
2010-07-29 20:57:56 ----HD---- C:\ProgramData\CanonBJ
2010-07-29 20:56:50 ----A---- C:\Windows\system32\CNMLM9I.DLL
2010-07-28 20:57:11 ----D---- C:\Program Files\The KMPlayer
2010-07-27 12:13:12 ----D---- C:\Program Files\Google
2010-07-25 02:06:46 ----D---- C:\Users\Jakub\AppData\Roaming\dvdcss
2010-07-21 18:15:43 ----D---- C:\Users\Jakub\AppData\Roaming\gtk-2.0
2010-07-21 17:48:06 ----D---- C:\Program Files\GIMP-2.0
2010-07-20 01:05:43 ----D---- C:\Users\Jakub\AppData\Roaming\TeamViewer

======List of files/folders modified in the last 1 months======

2010-08-17 11:07:49 ----D---- C:\Windows\Prefetch
2010-08-17 11:07:39 ----RD---- C:\Program Files
2010-08-17 09:27:57 ----D---- C:\Windows\system32\config
2010-08-17 09:00:27 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2010-08-17 08:52:11 ----D---- C:\Windows\Temp
2010-08-17 08:51:02 ----SHD---- C:\System Volume Information
2010-08-17 08:44:24 ----D---- C:\Windows\System32
2010-08-17 08:44:24 ----D---- C:\Windows\inf
2010-08-17 08:44:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-17 08:39:59 ----D---- C:\Users\Jakub\AppData\Roaming\skypePM
2010-08-16 18:50:26 ----D---- C:\Windows\system32\drivers
2010-08-16 18:38:06 ----RSD---- C:\Windows\assembly
2010-08-15 18:57:02 ----D---- C:\Windows\system32\NDF
2010-08-15 14:34:44 ----HD---- C:\ProgramData
2010-08-15 14:34:44 ----D---- C:\Program Files\Common Files
2010-08-14 14:02:24 ----D---- C:\Users\Jakub\AppData\Roaming\Adobe
2010-08-14 13:58:39 ----SHD---- C:\Windows\Installer
2010-08-14 13:58:07 ----D---- C:\Program Files\Adobe
2010-08-14 13:57:27 ----D---- C:\Program Files\Common Files\Adobe
2010-08-14 13:53:53 ----D---- C:\Windows\winsxs
2010-08-14 13:02:26 ----D---- C:\Windows\system32\catroot2
2010-08-13 19:10:30 ----D---- C:\Windows\system32\Tasks
2010-08-12 03:39:06 ----D---- C:\Windows\Microsoft.NET
2010-08-12 03:26:54 ----D---- C:\Windows\system32\migration
2010-08-12 03:26:54 ----D---- C:\Program Files\Internet Explorer
2010-08-12 03:09:48 ----D---- C:\ProgramData\Microsoft Help
2010-08-11 11:55:09 ----D---- C:\Windows\system32\catroot
2010-08-08 22:43:48 ----D---- C:\Program Files\Everest Ultimate
2010-08-07 15:14:32 ----D---- C:\Windows\Tasks
2010-08-07 12:07:21 ----D---- C:\Windows
2010-08-07 12:07:09 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-04 22:26:42 ----SD---- C:\ProgramData\Microsoft
2010-08-04 12:08:22 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-04 10:55:44 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-08-01 21:30:13 ----D---- C:\Users\Jakub\AppData\Roaming\vlc
2010-07-29 20:57:32 ----D---- C:\Windows\system32\DriverStore
2010-07-29 20:57:07 ----RSD---- C:\Windows\Media
2010-07-29 20:56:46 ----D---- C:\Windows\twain_32
2010-07-25 11:20:33 ----D---- C:\Windows\system32\wdi
2010-07-21 16:26:41 ----SD---- C:\Users\Jakub\AppData\Roaming\Microsoft
2010-07-21 16:17:00 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2009-08-04 213024]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-16 691696]
R1 appdrv01;Application Driver (01); C:\Windows\System32\Drivers\appdrv01.sys [2010-08-16 2915944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-14 116064]
R3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2010-02-09 722720]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-06-27 66080]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2009-07-30 287392]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2009-07-14 1068032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 a1tp0tj3;a1tp0tj3; C:\Windows\system32\drivers\a1tp0tj3.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-08-10 387616]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-08-10 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
S2 appdrvrem01;Application Driver Auto Removal Service (01); C:\Windows\System32\appdrvrem01.exe [2010-08-16 304528]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-07 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-15 655624]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-15 1343400]

-----------------EOF-----------------

CZDaywalker · #5 Příspěvek od **CZDaywalker** » 20 srp 2010 06:02

#6 Příspěvek od **motji** » 20 srp 2010 21:46

Dobrý večer

3 logy naráz je strašně nepřehledné, mohla bych Vás poprosit, můžeme v tomto topicu řešit 1. log a na ty další založte nový topic. Označte ho log 2 a log 3 a pro Motji.
Děkuji

Na všech pc rovnou spusťte mbam

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

CZDaywalker · #7 Příspěvek od **CZDaywalker** » 23 srp 2010 19:21

MBAM nic nenasel.

Log neni

#8 Příspěvek od **motji** » 23 srp 2010 19:42

Jste si jistý, že to není chyba poskytovatele?
jestli to dobře chápu, tak Vám vypadává net na všech třech počítačích?

CZDaywalker · #9 Příspěvek od **CZDaywalker** » 23 srp 2010 21:28

Chci právě vyloučit HW chybu.

Jestli to není jen routerem nebo něčím ve W7.

#10 Příspěvek od **motji** » 23 srp 2010 21:40

Kolik máte doma počítačů? Ty tři? Viry můžeme zkusit vyloučit, ale skoro bych to tipla na ten router.

CZDaywalker · #11 Příspěvek od **CZDaywalker** » 24 srp 2010 20:10

Ano, Tri notebooky a jeden router.

Začalo to dělat v poslední době, tak nevím, čim to je.

#12 Příspěvek od **motji** » 24 srp 2010 20:18

Máte možnost připojit notebook k netu bez routeru?

Ale pro jistotu udělejte ještě combofix.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

CZDaywalker · #13 Příspěvek od **CZDaywalker** » 25 srp 2010 10:38

Ano, mohu se připojit i bez routeru, ale jen na jedno zařízení.

Log dám večer.

#14 Příspěvek od **motji** » 25 srp 2010 23:09

Když se připojíte přímo z jednoho počítače, tak to jede ok, nebo jsou stejné problémy?

CZDaywalker · #15 Příspěvek od **CZDaywalker** » 26 zář 2010 12:50

Omlouvám se, ale neměl jsem teď na řešení čas.

Zatím to vypadá dobře, počkám ještě pár dní a kdyžtak to můžeme pak amknout.

VIRY.CZ

Výpadky Internetu, zpomalení - PC1

Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení

Re: Výpadky Internetu, zpomalení

Re: Výpadky Internetu, zpomalení

Re: Výpadky Internetu, zpomalení

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1

Re: Výpadky Internetu, zpomalení - PC1