Pomalé PC

[cappie]

Dobrý deň, mohol by sa mi niekto pozrieť na toto pc, je dosť spomalené, vopred ďakujem

Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2010-09-04 13:54:47
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 66 GB (84%) free of 79 GB
Total RAM: 247 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:54:55, on 4.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\MSTMON_N.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Documents and Settings\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:3128
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\WINDOWS\System32\MSTMON_N.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 5394403171
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5051 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-19 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-20 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2003-04-06 155648]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2003-04-06 114688]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\WINDOWS\System32\MSTMON_N.EXE [2004-04-13 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2010-08-20 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Start Menu^Programs^Startup^OpenOffice.org 1.1.0.lnk]
C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE [2003-10-06 61532]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-06 315392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-09-04 12:08:23 ----D---- C:\WINDOWS\LastGood
2010-08-22 14:57:03 ----SHD---- C:\RECYCLER
2010-08-22 14:47:12 ----D---- C:\WINDOWS\temp
2010-08-22 14:47:10 ----A---- C:\ComboFix.txt
2010-08-22 14:33:05 ----A---- C:\Boot.bak
2010-08-22 14:32:55 ----RASHD---- C:\cmdcons
2010-08-22 14:31:28 ----D---- C:\WINDOWS\ERDNT
2010-08-21 20:56:47 ----D---- C:\Program Files\Microsoft.NET
2010-08-21 20:53:14 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-08-21 20:53:12 ----D---- C:\WINDOWS\system32\winrm
2010-08-21 20:53:01 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-08-21 20:49:45 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-21 20:46:24 ----D---- C:\Documents and Settings\Admin\Application Data\Windows Desktop Search
2010-08-21 20:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-08-21 14:30:13 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-08-21 14:30:07 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-08-21 14:27:28 ----D---- C:\Documents and Settings\Admin\Application Data\TuneUp Software
2010-08-21 14:25:34 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-08-21 14:22:51 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-08-21 14:18:07 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-21 14:11:42 ----D---- C:\Documents and Settings\Admin\Application Data\WinRAR
2010-08-21 12:24:20 ----A---- C:\WINDOWS\system32\muweb.dll
2010-08-21 12:24:20 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-08-21 12:24:19 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-08-20 21:55:38 ----D---- C:\Program Files\trend micro
2010-08-20 21:55:32 ----D---- C:\rsit
2010-08-20 21:49:57 ----D---- C:\Documents and Settings\Admin\Application Data\Skype
2010-08-20 21:48:40 ----D---- C:\Program Files\Common Files\Skype
2010-08-20 21:48:26 ----RD---- C:\Program Files\Skype
2010-08-20 21:47:41 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-08-20 21:39:56 ----D---- C:\Program Files\ICQ7.2
2010-08-20 21:33:22 ----D---- C:\Program Files\Microsoft
2010-08-20 21:32:53 ----D---- C:\Program Files\Windows Live SkyDrive
2010-08-20 21:32:13 ----D---- C:\Program Files\Windows Live
2010-08-20 21:29:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-20 21:28:40 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-08-20 21:27:06 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-08-20 21:26:44 ----D---- C:\Program Files\Windows Media Connect 2
2010-08-20 21:21:52 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-20 21:21:52 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-08-20 21:21:27 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-08-20 21:16:55 ----D---- C:\Program Files\QuickTime
2010-08-20 21:16:47 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-08-20 21:11:36 ----D---- C:\Program Files\Common Files\Apple
2010-08-20 21:10:14 ----D---- C:\Program Files\Apple Software Update
2010-08-20 21:10:11 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-08-20 21:03:10 ----D---- C:\Program Files\Common Files\Windows Live
2010-08-20 20:59:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-08-20 20:36:32 ----D---- C:\Program Files\CCleaner
2010-08-20 20:34:32 ----D---- C:\Program Files\FileHippo.com
2010-08-20 20:29:44 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-08-20 20:29:36 ----D---- C:\Program Files\Common Files\Java
2010-08-20 20:28:24 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-08-20 20:28:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 20:28:23 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 20:28:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-20 20:26:50 ----D---- C:\Program Files\Java
2010-08-20 20:25:13 ----D---- C:\Documents and Settings\Admin\Application Data\Sun
2010-08-20 20:22:50 ----D---- C:\WINDOWS\pss
2010-08-20 20:10:49 ----D---- C:\Documents and Settings\Admin\Application Data\ESET
2010-08-20 20:06:04 ----D---- C:\Program Files\WinRAR

======List of files/folders modified in the last 1 months======

2010-09-04 13:53:34 ----D---- C:\WINDOWS\Prefetch
2010-09-04 12:09:32 ----SHD---- C:\WINDOWS\Installer
2010-09-04 12:08:54 ----D---- C:\WINDOWS\system32\drivers
2010-09-04 12:08:53 ----HD---- C:\WINDOWS\inf
2010-09-04 12:08:23 ----D---- C:\WINDOWS
2010-09-04 12:08:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-04 12:07:21 ----D---- C:\Program Files\ESET
2010-09-04 11:34:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-04 11:20:07 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-08-24 18:47:00 ----D---- C:\Program Files\E-Poradca August 2007
2010-08-24 18:46:59 ----AC---- C:\WINDOWS\eporadca_0708.ini
2010-08-24 18:42:07 ----D---- C:\Program Files\E-Poradca Marec 2009
2010-08-24 18:42:01 ----AC---- C:\WINDOWS\eporadca_0902.ini
2010-08-24 16:04:00 ----D---- C:\Program Files\OLYMP
2010-08-24 15:00:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-24 15:00:11 ----RSD---- C:\WINDOWS\assembly
2010-08-22 15:12:38 ----RASH---- C:\boot.ini
2010-08-22 15:03:56 ----D---- C:\Program Files\Windows Desktop Search
2010-08-22 15:00:58 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-22 15:00:38 ----D---- C:\WINDOWS\system32
2010-08-22 14:56:17 ----SHD---- C:\System Volume Information
2010-08-22 14:56:17 ----D---- C:\WINDOWS\system32\Restore
2010-08-22 14:43:42 ----N---- C:\WINDOWS\system.ini
2010-08-22 14:43:31 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-22 14:39:32 ----D---- C:\WINDOWS\AppPatch
2010-08-22 14:39:30 ----D---- C:\Program Files\Common Files
2010-08-21 22:07:29 ----D---- C:\WINDOWS\system32\config
2010-08-21 21:23:38 ----D---- C:\Program Files\OpenOffice.org1.1.0
2010-08-21 21:06:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-21 21:06:41 ----D---- C:\Program Files\Internet Explorer
2010-08-21 21:06:34 ----D---- C:\WINDOWS\ie8updates
2010-08-21 21:06:22 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-21 21:05:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-21 21:00:16 ----D---- C:\WINDOWS\security
2010-08-21 20:58:23 ----D---- C:\WINDOWS\WinSxS
2010-08-21 20:57:10 ----D---- C:\WINDOWS\system32\en-us
2010-08-21 20:56:47 ----RD---- C:\Program Files
2010-08-21 20:53:22 ----D---- C:\WINDOWS\Help
2010-08-21 20:53:12 ----D---- C:\WINDOWS\system32\wbem
2010-08-21 20:51:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-21 14:58:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-08-20 21:41:40 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-20 21:41:23 ----D---- C:\Documents and Settings\Admin\Application Data\ICQ
2010-08-20 21:33:01 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
2010-08-20 21:33:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-20 21:32:23 ----RSD---- C:\WINDOWS\Fonts
2010-08-20 21:27:17 ----N---- C:\WINDOWS\win.ini
2010-08-20 21:26:42 ----D---- C:\Program Files\Windows Media Player
2010-08-20 21:10:39 ----SD---- C:\WINDOWS\Tasks
2010-08-20 21:07:55 ----D---- C:\Program Files\Mozilla Firefox
2010-08-20 21:03:54 ----D---- C:\Program Files\IrfanView
2010-08-20 21:00:51 ----D---- C:\Program Files\Common Files\Adobe
2010-08-20 20:59:07 ----D---- C:\Program Files\Adobe
2010-08-20 20:51:23 ----D---- C:\WINDOWS\Debug
2010-08-20 20:51:20 ----D---- C:\WINDOWS\Minidump
2010-08-14 10:33:54 ----D---- C:\Program Files\Movie Maker
2010-08-08 23:37:08 ----A---- C:\WINDOWS\TextSpy.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2008-02-10 51072]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MLPTDR_N;MLPTDR_N; \??\C:\WINDOWS\System32\MLPTDR_N.SYS []
R2 SetupNT;SetupNT; C:\WINDOWS\system32\SetupNT.sys [2000-10-25 3000]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-20 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-21 435016]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

[Caroprd111]

Ahoj,

vlož mi sem log C:\ComboFix.txt


Nedoporučuji používat ComboFix z vlastní iniciativy, může dojít k poškození systému!

[cappie]

ComboFix 10-08-21.06 - Admin 22.08.2010 14:35:22.1.1 - x86 NETWORK
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.247.136 [GMT 2:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\winhelp.ini

.
((((((((((((((((((((((((( Files Created from 2010-07-22 to 2010-08-22 )))))))))))))))))))))))))))))))
.

2010-08-21 18:56 . 2010-08-21 18:56 -------- d-----w- c:\program files\Microsoft.NET
2010-08-21 18:53 . 2010-08-21 18:53 -------- d-----w- c:\windows\system32\winrm
2010-08-21 18:53 . 2010-08-21 18:53 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-08-21 18:49 . 2010-08-21 18:49 -------- d-----w- c:\program files\Microsoft Silverlight
2010-08-21 18:46 . 2010-08-21 18:46 -------- d-----w- c:\documents and settings\Admin\Application Data\Windows Desktop Search
2010-08-21 12:36 . 2010-08-21 12:36 -------- d-----w- c:\documents and settings\All Users\Data aplikací
2010-08-21 12:30 . 2010-05-07 16:06 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-08-21 12:30 . 2010-05-07 16:01 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-08-21 12:27 . 2010-08-21 12:27 -------- d-----w- c:\documents and settings\Admin\Application Data\TuneUp Software
2010-08-21 12:25 . 2010-08-21 12:30 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-08-21 12:22 . 2010-08-21 12:25 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2010-08-21 12:18 . 2010-08-21 12:18 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-21 10:24 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-08-21 10:24 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-08-20 19:55 . 2010-08-20 20:02 -------- d-----w- c:\program files\trend micro
2010-08-20 19:55 . 2010-08-20 19:56 -------- d-----w- C:\rsit
2010-08-20 19:49 . 2010-08-20 19:50 -------- d-----w- c:\documents and settings\Admin\Application Data\Skype
2010-08-20 19:48 . 2010-08-20 19:48 -------- d-----w- c:\program files\Common Files\Skype
2010-08-20 19:48 . 2010-08-21 09:22 -------- d-----r- c:\program files\Skype
2010-08-20 19:47 . 2010-08-20 19:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-08-20 19:40 . 2010-08-20 19:40 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\AOL
2010-08-20 19:39 . 2010-08-20 19:42 -------- d-----w- c:\program files\ICQ7.2
2010-08-20 19:36 . 2010-08-20 19:36 -------- d-----w- c:\documents and settings\Admin\Tracing
2010-08-20 19:33 . 2010-08-20 19:33 -------- d-----w- c:\program files\Microsoft
2010-08-20 19:32 . 2010-08-20 19:32 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-08-20 19:32 . 2010-08-20 19:33 -------- d-----w- c:\program files\Windows Live
2010-08-20 19:30 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-08-20 19:27 . 2004-08-04 07:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-08-20 19:26 . 2010-08-20 19:26 -------- d-----w- c:\program files\Windows Media Connect 2
2010-08-20 19:21 . 2010-08-20 20:07 -------- d-----w- c:\windows\system32\LogFiles
2010-08-20 19:21 . 2010-08-20 19:23 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-08-20 19:16 . 2010-08-20 19:18 -------- d-----w- c:\program files\QuickTime
2010-08-20 19:16 . 2010-08-20 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-08-20 19:11 . 2010-08-20 19:11 -------- d-----w- c:\program files\Common Files\Apple
2010-08-20 19:10 . 2010-08-20 19:10 -------- d-----w- c:\program files\Apple Software Update
2010-08-20 19:10 . 2010-08-20 19:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-08-20 19:03 . 2010-08-20 19:03 -------- d-----w- c:\program files\Common Files\Windows Live
2010-08-20 18:56 . 2010-08-20 19:02 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\Adobe
2010-08-20 18:54 . 2010-08-20 18:54 79944 ----a-w- C:\cc_20100820_205349.reg
2010-08-20 18:37 . 2010-08-20 18:37 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-08-20 18:36 . 2010-08-20 18:36 -------- d-----w- c:\program files\CCleaner
2010-08-20 18:34 . 2010-08-20 18:34 -------- d-----w- c:\program files\FileHippo.com
2010-08-20 18:29 . 2010-08-20 18:29 503808 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-725a9e45-n\msvcp71.dll
2010-08-20 18:29 . 2010-08-20 18:29 499712 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-725a9e45-n\jmc.dll
2010-08-20 18:29 . 2010-08-20 18:29 12800 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4346b38b-n\decora-d3d.dll
2010-08-20 18:29 . 2010-08-20 18:29 61440 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4346b38b-n\decora-sse.dll
2010-08-20 18:29 . 2010-08-20 18:29 348160 ----a-w- c:\documents and settings\Admin\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-725a9e45-n\msvcr71.dll
2010-08-20 18:29 . 2010-08-20 18:29 -------- d-----w- c:\program files\Common Files\Java
2010-08-20 18:28 . 2010-08-20 18:27 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-20 18:26 . 2010-08-20 18:26 -------- d-----w- c:\program files\Java
2010-08-20 18:10 . 2010-08-20 18:10 -------- d-----w- c:\documents and settings\Admin\Local Settings\Application Data\ESET
2010-08-20 18:10 . 2010-08-20 18:10 -------- d-----w- c:\documents and settings\Admin\Application Data\ESET
2010-08-20 18:10 . 2010-08-20 18:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2010-08-03 11:28 . 2010-08-03 11:28 55256 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2010-07-29 11:31 . 2010-07-29 11:31 32608 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-07-29 11:31 . 2010-07-29 11:31 134512 ----a-w- c:\windows\system32\drivers\epfw.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-21 19:23 . 2005-05-08 13:19 -------- d-----w- c:\program files\OpenOffice.org1.1.0
2010-08-21 18:45 . 2009-08-20 13:58 -------- d-----w- c:\program files\Windows Desktop Search
2010-08-20 19:41 . 2005-04-28 11:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-20 19:41 . 2009-08-19 15:37 -------- d-----w- c:\documents and settings\Admin\Application Data\ICQ
2010-08-20 19:34 . 2005-05-02 18:35 21744 ----a-w- c:\documents and settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-20 19:03 . 2005-05-06 11:48 -------- d-----w- c:\program files\IrfanView
2010-08-20 19:00 . 2005-05-06 10:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-20 18:17 . 2005-05-05 15:21 -------- d-----w- c:\program files\ESET
2010-08-04 09:50 . 2009-05-14 13:41 140752 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-07-29 11:31 . 2009-05-14 13:47 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-06-30 12:31 . 2003-03-31 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22 . 2006-06-23 09:33 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44 . 2003-03-31 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2003-03-31 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2003-03-31 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2005-04-28 10:55 744448 ----a-w- c:\windows\PCHealth\HelpCtr\Binaries\helpsvc.exe
2010-06-14 07:41 . 2006-09-13 05:09 1172480 ----a-w- c:\windows\system32\msxml3.dll
2005-05-06 18:34 . 2005-05-06 15:22 352 -c--a-w- c:\program files\res_data.dat
2005-05-06 16:21 . 2005-05-06 16:21 1710 ----a-w- c:\program files\Fellowship.cfg
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-04-06 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-04-06 114688]
"KONICA MINOLTA PagePro 1300WStatusDisplay"="c:\windows\System32\MSTMON_N.EXE" [2004-04-13 151552]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2215064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-08-10 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Update ESET's license.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2010-7-1 125952]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^Admin^Start Menu^Programs^Startup^OpenOffice.org 1.1.0.lnk]
path=c:\documents and settings\Admin\Start Menu\Programs\Startup\OpenOffice.org 1.1.0.lnk
backup=c:\windows\pss\OpenOffice.org 1.1.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-08-20 19:40 133432 ----a-w- c:\program files\ICQ7.2\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
2003-08-19 14:43 57344 ----a-w- c:\program files\Lexmark X1100 Series\lxbkbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2010-05-13 14:12 26192168 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\egui.exe"=
"c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\SysInspector.exe"=
"c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\SysRescue.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

S1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 115008]
S2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [24.7.2006 20:47 51072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.8.2010 14:16 810144]
S2 MLPTDR_N;MLPTDR_N;c:\windows\system32\MLPTDR_N.SYS [18.7.2003 2:44 18848]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [7.5.2010 18:04 1051976]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25.2.2010 11:18 10064]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [31.3.2003 14:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-08-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyServer = 10.0.0.1:3128
uInternet Settings,ProxyOverride = <local>
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\60h2wehl.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-22 14:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-08-22 14:47:09
ComboFix-quarantined-files.txt 2010-08-22 12:47

Pre-Run: 68 904 816 640 bytes free
Post-Run: 69 130 272 768 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 10701C28458F6EF8777B14B50E98742B

[Caroprd111]

Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte nový log z RSIT a log z CKScanner.

Vyberte si třeba free Aviru nebo Avast + nějaký firewall (doporučuji ZoneAlarm) http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

• Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
• Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

[cappie]

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----

Logfile of random's system information tool 1.08 (written by random/random)
Run by Admin at 2010-09-04 17:28:10
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 66 GB (84%) free of 79 GB
Total RAM: 247 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:41, on 4.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\MSTMON_N.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Documents and Settings\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.1:3128
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1300WStatusDisplay] C:\WINDOWS\System32\MSTMON_N.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 5394403171
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5188 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-19 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-20 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2003-04-06 155648]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2003-04-06 114688]
"KONICA MINOLTA PagePro 1300WStatusDisplay"=C:\WINDOWS\System32\MSTMON_N.EXE [2004-04-13 151552]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2010-08-20 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Admin^Start Menu^Programs^Startup^OpenOffice.org 1.1.0.lnk]
C:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE [2003-10-06 61532]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2003-04-06 315392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-09-04 17:07:00 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-09-04 17:06:59 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-09-04 17:06:58 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-09-04 17:06:57 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-09-04 17:06:54 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-09-04 17:06:54 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-09-04 17:06:54 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-09-04 17:06:22 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-09-04 17:06:10 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-08-22 14:57:03 ----SHD---- C:\RECYCLER
2010-08-22 14:47:12 ----D---- C:\WINDOWS\temp
2010-08-22 14:47:10 ----A---- C:\ComboFix.txt
2010-08-22 14:33:05 ----A---- C:\Boot.bak
2010-08-22 14:32:55 ----RASHD---- C:\cmdcons
2010-08-22 14:31:28 ----D---- C:\WINDOWS\ERDNT
2010-08-21 20:56:47 ----D---- C:\Program Files\Microsoft.NET
2010-08-21 20:53:14 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-08-21 20:53:12 ----D---- C:\WINDOWS\system32\winrm
2010-08-21 20:53:01 ----HDC---- C:\WINDOWS\$968930Uinstall_KB968930$
2010-08-21 20:49:45 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-21 20:46:24 ----D---- C:\Documents and Settings\Admin\Application Data\Windows Desktop Search
2010-08-21 20:45:12 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-08-21 14:30:13 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-08-21 14:30:07 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-08-21 14:27:28 ----D---- C:\Documents and Settings\Admin\Application Data\TuneUp Software
2010-08-21 14:25:34 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-08-21 14:22:51 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2010-08-21 14:18:07 ----SHD---- C:\Documents and Settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-21 14:11:42 ----D---- C:\Documents and Settings\Admin\Application Data\WinRAR
2010-08-21 12:24:20 ----A---- C:\WINDOWS\system32\muweb.dll
2010-08-21 12:24:20 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-08-21 12:24:19 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-08-20 21:55:38 ----D---- C:\Program Files\trend micro
2010-08-20 21:55:32 ----D---- C:\rsit
2010-08-20 21:49:57 ----D---- C:\Documents and Settings\Admin\Application Data\Skype
2010-08-20 21:48:40 ----D---- C:\Program Files\Common Files\Skype
2010-08-20 21:48:26 ----RD---- C:\Program Files\Skype
2010-08-20 21:47:41 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-08-20 21:39:56 ----D---- C:\Program Files\ICQ7.2
2010-08-20 21:33:22 ----D---- C:\Program Files\Microsoft
2010-08-20 21:32:53 ----D---- C:\Program Files\Windows Live SkyDrive
2010-08-20 21:32:13 ----D---- C:\Program Files\Windows Live
2010-08-20 21:29:19 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-08-20 21:28:40 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-08-20 21:27:06 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-08-20 21:26:44 ----D---- C:\Program Files\Windows Media Connect 2
2010-08-20 21:21:52 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-20 21:21:52 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-08-20 21:21:27 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-08-20 21:16:55 ----D---- C:\Program Files\QuickTime
2010-08-20 21:16:47 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-08-20 21:11:36 ----D---- C:\Program Files\Common Files\Apple
2010-08-20 21:10:14 ----D---- C:\Program Files\Apple Software Update
2010-08-20 21:10:11 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-08-20 21:03:10 ----D---- C:\Program Files\Common Files\Windows Live
2010-08-20 20:59:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-08-20 20:36:32 ----D---- C:\Program Files\CCleaner
2010-08-20 20:34:32 ----D---- C:\Program Files\FileHippo.com
2010-08-20 20:29:44 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-08-20 20:29:36 ----D---- C:\Program Files\Common Files\Java
2010-08-20 20:28:24 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-08-20 20:28:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-20 20:28:23 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-20 20:28:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-20 20:26:50 ----D---- C:\Program Files\Java
2010-08-20 20:25:13 ----D---- C:\Documents and Settings\Admin\Application Data\Sun
2010-08-20 20:22:50 ----D---- C:\WINDOWS\pss
2010-08-20 20:10:49 ----D---- C:\Documents and Settings\Admin\Application Data\ESET
2010-08-20 20:06:04 ----D---- C:\Program Files\WinRAR

======List of files/folders modified in the last 1 months======

2010-09-04 17:24:51 ----D---- C:\WINDOWS\Prefetch
2010-09-04 17:16:27 ----D---- C:\WINDOWS\system32
2010-09-04 17:07:00 ----D---- C:\WINDOWS\system32\drivers
2010-09-04 17:06:43 ----SHD---- C:\WINDOWS\Installer
2010-09-04 17:06:41 ----D---- C:\WINDOWS\WinSxS
2010-09-04 17:06:40 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-04 17:06:23 ----D---- C:\WINDOWS
2010-09-04 17:06:10 ----D---- C:\Program Files\Alwil Software
2010-09-04 16:56:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-04 16:55:30 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-09-04 16:55:22 ----HD---- C:\WINDOWS\inf
2010-09-04 12:08:21 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-04 12:07:21 ----D---- C:\Program Files\ESET
2010-08-24 18:47:00 ----D---- C:\Program Files\E-Poradca August 2007
2010-08-24 18:46:59 ----AC---- C:\WINDOWS\eporadca_0708.ini
2010-08-24 18:42:07 ----D---- C:\Program Files\E-Poradca Marec 2009
2010-08-24 18:42:01 ----AC---- C:\WINDOWS\eporadca_0902.ini
2010-08-24 16:04:00 ----D---- C:\Program Files\OLYMP
2010-08-24 15:00:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-24 15:00:11 ----RSD---- C:\WINDOWS\assembly
2010-08-22 15:12:38 ----RASH---- C:\boot.ini
2010-08-22 15:03:56 ----D---- C:\Program Files\Windows Desktop Search
2010-08-22 15:00:58 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-22 14:56:17 ----SHD---- C:\System Volume Information
2010-08-22 14:56:17 ----D---- C:\WINDOWS\system32\Restore
2010-08-22 14:43:42 ----N---- C:\WINDOWS\system.ini
2010-08-22 14:43:31 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-22 14:39:32 ----D---- C:\WINDOWS\AppPatch
2010-08-22 14:39:30 ----D---- C:\Program Files\Common Files
2010-08-21 22:07:29 ----D---- C:\WINDOWS\system32\config
2010-08-21 21:23:38 ----D---- C:\Program Files\OpenOffice.org1.1.0
2010-08-21 21:06:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-21 21:06:41 ----D---- C:\Program Files\Internet Explorer
2010-08-21 21:06:34 ----D---- C:\WINDOWS\ie8updates
2010-08-21 21:06:22 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-21 21:05:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-21 21:00:16 ----D---- C:\WINDOWS\security
2010-08-21 20:57:10 ----D---- C:\WINDOWS\system32\en-us
2010-08-21 20:56:47 ----RD---- C:\Program Files
2010-08-21 20:53:22 ----D---- C:\WINDOWS\Help
2010-08-21 20:53:12 ----D---- C:\WINDOWS\system32\wbem
2010-08-21 20:51:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-21 14:58:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-08-20 21:41:40 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-20 21:41:23 ----D---- C:\Documents and Settings\Admin\Application Data\ICQ
2010-08-20 21:33:01 ----SD---- C:\Documents and Settings\Admin\Application Data\Microsoft
2010-08-20 21:32:23 ----RSD---- C:\WINDOWS\Fonts
2010-08-20 21:27:17 ----N---- C:\WINDOWS\win.ini
2010-08-20 21:26:42 ----D---- C:\Program Files\Windows Media Player
2010-08-20 21:10:39 ----SD---- C:\WINDOWS\Tasks
2010-08-20 21:07:55 ----D---- C:\Program Files\Mozilla Firefox
2010-08-20 21:03:54 ----D---- C:\Program Files\IrfanView
2010-08-20 21:00:51 ----D---- C:\Program Files\Common Files\Adobe
2010-08-20 20:59:07 ----D---- C:\Program Files\Adobe
2010-08-20 20:51:23 ----D---- C:\WINDOWS\Debug
2010-08-20 20:51:20 ----D---- C:\WINDOWS\Minidump
2010-08-14 10:33:54 ----D---- C:\Program Files\Movie Maker
2010-08-08 23:37:08 ----A---- C:\WINDOWS\TextSpy.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2008-02-10 51072]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 irda;IrDA Protocol; C:\WINDOWS\System32\DRIVERS\irda.sys [2008-04-13 88192]
R2 MLPTDR_N;MLPTDR_N; \??\C:\WINDOWS\System32\MLPTDR_N.SYS []
R2 SetupNT;SetupNT; C:\WINDOWS\system32\SetupNT.sys [2000-10-25 3000]
R3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
R3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2006-06-09 1373120]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2003-04-15 90907]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 catchme;catchme; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\System32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 Irmon;Infrared Monitor; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-08-20 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-08-21 435016]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

[Caroprd111]

Odinstalujte ComboFix přes:
Start >> Spustit, zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter



Stáhněte T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe

• Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
• Po použití program vymažte. Pozor, antiviry ho mohou falešně označit za vir.

Stáhněte TFC http://oldtimer.geekstogo.com/TFC.exe

• Spusťte.
• Klikněte na "Start". Potvrďte hlášku kliknutím na "Ok" (Bude následovat restart)

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

• Spusťte.
• Klikněte na "CleanUp!". Potvrďte hlášky kliknutím na "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

• Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
  
  Záložka Čistič
• Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
  
  Záložka Registry
• Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
  OK Zavřít

V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523


Napište stav PC.

[cappie]

Firewall sa vtedy ešte len riešil..teraz už je nahodený ZA
A k stavu PC>>nie je to bohviečo

[Caroprd111]

Total RAM: 247 MB (38% free)

S touto kapacitou RAM nemůžete čekat zázraky.

[cappie]

Ramkou to nebude..30% voľného stačí..akurát keby bolo viacej spustených programov..
//no čo už staršie pc..aj tak ti veľmi pekne ďakujem za pomoc, ochotu a čas

[Caroprd111]

Nemáte zač, je to způsobeno hardwarem. Log je v pořádku.