Requesting a check

ferox
Visitor
Posts: 4
Registered: 08 Jun 2006 15:10

Requesting a check

#1 Post by ferox »

Hello, I have a friend's computer here that keeps crashing or freezing. Thanks for the help.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jarda at 2011-01-30 21:54:51
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 14 GB (7%) free of 191 GB
Total RAM: 1023 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:06, on 30.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Programy\D-Tools\daemon.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\windows\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jarda\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Programy\Microsoft Office\Office12\GROOVE.EXE
C:\Programy\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Jarda\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Jarda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://open-articles.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe "C:\DOCUME~1\Jarda\LOCALS~1\Temp\goqw.tco" vnbyln
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programy\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [xhpvwsic] C:\WINDOWS\System32\xhpvwsic.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Jarda\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [xhpvwsic] C:\Documents and Settings\Jarda\xhpvwsic.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\Jarda\ohavfs.exe \u
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 60dt703.exe
O4 - Startup: 6qwx81y.exe
O4 - Startup: 87081kv.exe
O4 - Startup: 9703y0z.exe
O4 - Startup: ekf0lbhiiy.exe
O4 - Startup: f0bg86s81ep.exe
O4 - Startup: f5mcsdo9703.exe
O4 - Startup: hnxtopu86g.exe
O4 - Startup: kfgbcx08.exe
O4 - Startup: mcdi81fa.exe
O4 - Startup: Microsoft Office Groove.lnk = C:\Programy\Microsoft Office\Office12\GROOVE.EXE
O4 - Startup: noj081qbcx.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Programy\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Startup: qqwx81zffg.exe
O4 - Startup: u81rmns81.exe
O4 - Startup: ulwwmsnt81.exe
O4 - Startup: uvalbrsnde.exe
O4 - Startup: w81itk1ab.exe
O4 - Startup: w86i81uf.exe
O4 - Startup: w91io2pql0.exe
O4 - Startup: xytjkfvwrsn.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Programy\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8149 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-12-15 5513216]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-12-15 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-26 14370816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-04-11 65536]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"DAEMON Tools-1033"=C:\Programy\D-Tools\daemon.exe [2003-12-27 81920]
"GrooveMonitor"=C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe Reader Speed Launcher"=C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2010-12-17 77824]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"xhpvwsic"=C:\WINDOWS\System32\xhpvwsic.exe [2011-01-30 43008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"QIP Internet Guardian"=C:\Documents and Settings\Jarda\Data aplikací\QipGuard\QipGuard.exe [2010-03-29 181760]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe [2010-12-17 77824]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"xhpvwsic"=C:\Documents and Settings\Jarda\xhpvwsic.exe [2011-01-30 43008]
"MSConfig"=C:\Documents and Settings\Jarda\ohavfs.exe [2011-01-30 17920]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění
60dt703.exe
6qwx81y.exe
87081kv.exe
9703y0z.exe
ekf0lbhiiy.exe
f0bg86s81ep.exe
f5mcsdo9703.exe
hnxtopu86g.exe
kfgbcx08.exe
mcdi81fa.exe
Microsoft Office Groove.lnk - C:\Programy\Microsoft Office\Office12\GROOVE.EXE
noj081qbcx.exe
OpenOffice.org 1.1.0.lnk - C:\Programy\OpenOffice.org1.1.0\program\quickstart.exe
qqwx81zffg.exe
u81rmns81.exe
ulwwmsnt81.exe
uvalbrsnde.exe
w81itk1ab.exe
w86i81uf.exe
w91io2pql0.exe
xytjkfvwrsn.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nklkhbko.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nklkhbko.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\Microsoft Office\Office12\GROOVE.EXE"="C:\Programy\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Documents and Settings\Jarda\Dokumenty\Stažené soubory\facebook-image14756342163.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP LLM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-01-30 21:54:51 ----D---- C:\rsit
2011-01-30 21:54:51 ----D---- C:\Program Files\trend micro
2011-01-30 21:52:15 ----A---- C:\WINDOWS\system32\drivers\nklkhbko.sys
2011-01-30 21:49:22 ----A---- C:\WINDOWS\system32\drivers\pxxwekcp.sys
2011-01-30 21:49:11 ----A---- C:\WINDOWS\system32\drivers\rokdy.sys
2011-01-30 21:08:31 ----A---- C:\WINDOWS\system32\drivers\bpq01d6.sys
2011-01-30 21:03:59 ----A---- C:\WINDOWS\system32\drivers\dnc9a09.sys
2011-01-30 21:03:51 ----A---- C:\WINDOWS\system32\xhpvwsic.exe
2011-01-30 21:03:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-01-30 20:59:37 ----A---- C:\WINDOWS\system32\drivers\klktyhjz.sys
2011-01-30 20:56:07 ----A---- C:\WINDOWS\system32\drivers\ydyvihry.sys
2011-01-30 20:49:24 ----A---- C:\WINDOWS\system32\drivers\rhapapahx.sys
2011-01-30 20:39:28 ----D---- C:\Program Files\ESET
2011-01-28 18:50:19 ----A---- C:\winshg.exe
2011-01-28 14:58:35 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Help
2011-01-28 13:49:17 ----A---- C:\WINDOWS\system32\drivers\jtzfcam.sys
2011-01-28 12:04:04 ----RSH---- C:\Documents and Settings\Jarda\Data aplikací\juzjf.exe
2011-01-28 12:03:52 ----A---- C:\yo3.exe
2011-01-25 13:02:33 ----D---- C:\Program Files\Common Files\Aladdin Shared
2011-01-25 13:02:32 ----A---- C:\WINDOWS\system32\hasplms.exe
2011-01-25 13:02:32 ----A---- C:\WINDOWS\system32\aksllmtp.exe
2011-01-25 13:02:31 ----A---- C:\WINDOWS\system32\drivers\aksfridge.sys
2011-01-25 13:02:29 ----A---- C:\WINDOWS\system32\drivers\hardlock.sys
2011-01-25 13:01:00 ----D---- C:\Program Files\Common Files\Mosaic
2011-01-25 13:00:59 ----D---- C:\MosaicApp
2011-01-19 19:30:27 ----D---- C:\WINDOWS\solcache
2011-01-19 19:29:48 ----A---- C:\WINDOWS\system32\SNWValid.dll
2011-01-19 19:29:48 ----A---- C:\WINDOWS\system32\SierraNW.dll
2011-01-19 19:29:47 ----D---- C:\Program Files\Sierra On-Line
2011-01-19 19:29:22 ----A---- C:\WINDOWS\SIERRA.INI
2011-01-19 19:29:20 ----A---- C:\WINDOWS\IsUninst.exe
2011-01-16 00:55:01 ----D---- C:\WINDOWS\Minidump
2011-01-02 20:15:33 ----D---- C:\Documents and Settings\Jarda\Data aplikací\skypePM
2011-01-02 20:09:29 ----D---- C:\Program Files\Common Files\Skype
2011-01-02 20:09:25 ----RD---- C:\Program Files\Skype
2011-01-02 20:09:25 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Skype
2011-01-02 20:09:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-01-02 16:49:19 ----D---- C:\WINDOWS\pss

======List of files/folders modified in the last 1 months======

2011-01-30 21:54:54 ----AD---- C:\WINDOWS\Temp
2011-01-30 21:54:51 ----RD---- C:\Program Files
2011-01-30 21:52:00 ----RSHD---- C:\RECYCLER
2011-01-30 21:51:08 ----D---- C:\WINDOWS\system32
2011-01-30 21:50:57 ----D---- C:\WINDOWS\system32\Lang
2011-01-30 21:50:41 ----D---- C:\WINDOWS
2011-01-30 21:49:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-30 21:49:12 ----D---- C:\WINDOWS\system32\drivers
2011-01-30 21:49:12 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-30 21:11:05 ----D---- C:\Program Files\Mozilla Firefox
2011-01-30 21:08:49 ----D---- C:\WINDOWS\Prefetch
2011-01-30 21:06:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-30 21:04:29 ----SHD---- C:\WINDOWS\Installer
2011-01-30 21:04:25 ----HD---- C:\WINDOWS\inf
2011-01-28 14:58:35 ----D---- C:\WINDOWS\Help
2011-01-25 13:02:33 ----D---- C:\Program Files\Common Files
2011-01-25 13:02:23 ----D---- C:\WINDOWS\system32\Setup
2011-01-25 13:00:59 ----D---- C:\Programy
2011-01-24 20:51:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2011-01-19 19:29:46 ----D---- C:\Hry
2011-01-03 12:11:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 d344prt;d344prt; C:\WINDOWS\System32\Drivers\d344prt.sys [2003-12-27 5248]
R0 iteatapi;ITEATAPI_Service_Install; C:\WINDOWS\system32\DRIVERS\iteatapi.sys [2005-04-25 25424]
R0 nklkhbko;nklkhbko; C:\WINDOWS\System32\Drivers\nklkhbko.sys [2011-01-30 40128]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 SI3132;SiI-3132 SATALink Controller; C:\WINDOWS\system32\DRIVERS\SI3132.sys [2005-04-25 67200]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-04-25 10368]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 bpq01d6;bpq01d6; C:\WINDOWS\System32\drivers\bpq01d6.sys [2011-01-30 138272]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2010-09-25 2996]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-25 2937344]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-12-15 3329504]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-02-01 229888]
S0 jtzfcam;jtzfcam; C:\WINDOWS\system32\drivers\jtzfcam.sys []
S0 rhapapahx;rhapapahx; C:\WINDOWS\system32\drivers\rhapapahx.sys []
S0 rokdy;rokdy; C:\WINDOWS\system32\drivers\rokdy.sys [2011-01-30 737792]
S1 dnc9a09;dnc9a09; C:\WINDOWS\System32\drivers\dnc9a09.sys [2011-01-30 138272]
S3 klktyhjz;klktyhjz; \??\C:\WINDOWS\System32\Drivers\klktyhjz.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 pxxwekcp;pxxwekcp; \??\C:\WINDOWS\System32\Drivers\pxxwekcp.sys []
S3 ydyvihry;ydyvihry; \??\C:\WINDOWS\System32\Drivers\ydyvihry.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2009-12-16 3750400]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-12-15 139331]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Requesting a check

#2 Post by Roli »

Hello, I'm not surprised it keeps crashing, because I haven't seen a collection of junk like this in a looooooong time.

Hang on a moment, we'll sort it out right away.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Requesting a check

#3 Post by Roli »

So, first of all, uninstall that CRACKED NOD if you (your friend) don't want to pay for it

and then we'll do something about it; until then :offtopic:

ferox
Visitor
Posts: 4
Registered: 08 Jun 2006 15:10

Re: Requesting a check

#4 Post by ferox »

NOD uninstalled

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jarda at 2011-01-30 22:53:53
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 16 GB (8%) free of 191 GB
Total RAM: 1023 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:46, on 30.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Programy\D-Tools\daemon.exe
C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe
C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Jarda\Data aplikací\QipGuard\QipGuard.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Programy\Microsoft Office\Office12\GROOVE.EXE
C:\Programy\OpenOffice.org1.1.0\program\soffice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jarda\Dokumenty\Stažené soubory\RSIT.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\trend micro\Jarda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://open-articles.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe "C:\DOCUME~1\Jarda\LOCALS~1\Temp\goqw.tco" vnbyln
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programy\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Documents and Settings\Jarda\Data aplikací\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [xhpvwsic] C:\Documents and Settings\Jarda\xhpvwsic.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\Jarda\ohavfs.exe \u
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 0u1blhc.exe
O4 - Startup: 60dt703.exe
O4 - Startup: 6qwx81y.exe
O4 - Startup: 87081kv.exe
O4 - Startup: 9703y0z.exe
O4 - Startup: ekf0lbhiiy.exe
O4 - Startup: epg6bssiea.exe
O4 - Startup: epqlr66iea.exe
O4 - Startup: f0bg86s81ep.exe
O4 - Startup: f5mcsdo9703.exe
O4 - Startup: hnxtopu86g.exe
O4 - Startup: kfgbcx08.exe
O4 - Startup: mcdi81fa.exe
O4 - Startup: Microsoft Office Groove.lnk = C:\Programy\Microsoft Office\Office12\GROOVE.EXE
O4 - Startup: noj081qbcx.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Programy\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Startup: qqwx81zffg.exe
O4 - Startup: u81rmns81.exe
O4 - Startup: ulwwmsnt81.exe
O4 - Startup: uvalbrsnde.exe
O4 - Startup: w81itk1ab.exe
O4 - Startup: w86i81uf.exe
O4 - Startup: w91io2pql0.exe
O4 - Startup: xytjkfvwrsn.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Programy\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Programy\QIP\qip.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Sentinel HASP License Manager (hasplms) - SafeNet Inc. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7638 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\WGASetup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-12-15 5513216]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-12-15 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-04-26 14370816]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-04-11 65536]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 1848648]
"DAEMON Tools-1033"=C:\Programy\D-Tools\daemon.exe [2003-12-27 81920]
"GrooveMonitor"=C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe Reader Speed Launcher"=C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"QIP Internet Guardian"=C:\Documents and Settings\Jarda\Data aplikací\QipGuard\QipGuard.exe [2010-03-29 181760]
"NVIDIA driver monitor"=c:\windows\nvsvc32.exe []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"xhpvwsic"=C:\Documents and Settings\Jarda\xhpvwsic.exe [2011-01-30 43008]
"MSConfig"=C:\Documents and Settings\Jarda\ohavfs.exe [2011-01-30 17920]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění
0u1blhc.exe
60dt703.exe
6qwx81y.exe
87081kv.exe
9703y0z.exe
ekf0lbhiiy.exe
epg6bssiea.exe
epqlr66iea.exe
f0bg86s81ep.exe
f5mcsdo9703.exe
hnxtopu86g.exe
kfgbcx08.exe
mcdi81fa.exe
Microsoft Office Groove.lnk - C:\Programy\Microsoft Office\Office12\GROOVE.EXE
noj081qbcx.exe
OpenOffice.org 1.1.0.lnk - C:\Programy\OpenOffice.org1.1.0\program\quickstart.exe
qqwx81zffg.exe
u81rmns81.exe
ulwwmsnt81.exe
uvalbrsnde.exe
w81itk1ab.exe
w86i81uf.exe
w91io2pql0.exe
xytjkfvwrsn.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nklkhbko.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nklkhbko.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Programy\Microsoft Office\Office12\GROOVE.EXE"="C:\Programy\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Documents and Settings\Jarda\Dokumenty\Stažené soubory\facebook-image14756342163.exe"="c:\windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP LLM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-01-30 22:50:05 ----D---- C:\WINDOWS\system32\appmgmt
2011-01-30 21:54:51 ----D---- C:\rsit
2011-01-30 21:54:51 ----D---- C:\Program Files\trend micro
2011-01-30 21:52:15 ----A---- C:\WINDOWS\system32\drivers\nklkhbko.sys
2011-01-30 21:49:11 ----A---- C:\WINDOWS\system32\drivers\rokdy.sys
2011-01-30 21:03:59 ----A---- C:\WINDOWS\system32\drivers\dnc9a09.sys
2011-01-30 21:03:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-01-30 20:49:24 ----A---- C:\WINDOWS\system32\drivers\rhapapahx.sys
2011-01-30 20:39:28 ----D---- C:\Program Files\ESET
2011-01-28 18:50:19 ----A---- C:\winshg.exe
2011-01-28 14:58:35 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Help
2011-01-28 13:49:17 ----A---- C:\WINDOWS\system32\drivers\jtzfcam.sys
2011-01-28 12:03:52 ----A---- C:\yo3.exe
2011-01-25 13:02:33 ----D---- C:\Program Files\Common Files\Aladdin Shared
2011-01-25 13:02:32 ----A---- C:\WINDOWS\system32\hasplms.exe
2011-01-25 13:02:32 ----A---- C:\WINDOWS\system32\aksllmtp.exe
2011-01-25 13:02:31 ----A---- C:\WINDOWS\system32\drivers\aksfridge.sys
2011-01-25 13:02:29 ----A---- C:\WINDOWS\system32\drivers\hardlock.sys
2011-01-25 13:01:00 ----D---- C:\Program Files\Common Files\Mosaic
2011-01-25 13:00:59 ----D---- C:\MosaicApp
2011-01-19 19:30:27 ----D---- C:\WINDOWS\solcache
2011-01-19 19:29:48 ----A---- C:\WINDOWS\system32\SNWValid.dll
2011-01-19 19:29:48 ----A---- C:\WINDOWS\system32\SierraNW.dll
2011-01-19 19:29:47 ----D---- C:\Program Files\Sierra On-Line
2011-01-19 19:29:22 ----A---- C:\WINDOWS\SIERRA.INI
2011-01-19 19:29:20 ----A---- C:\WINDOWS\IsUninst.exe
2011-01-16 00:55:01 ----D---- C:\WINDOWS\Minidump
2011-01-02 20:15:33 ----D---- C:\Documents and Settings\Jarda\Data aplikací\skypePM
2011-01-02 20:09:29 ----D---- C:\Program Files\Common Files\Skype
2011-01-02 20:09:25 ----RD---- C:\Program Files\Skype
2011-01-02 20:09:25 ----D---- C:\Documents and Settings\Jarda\Data aplikací\Skype
2011-01-02 20:09:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-01-02 16:49:19 ----D---- C:\WINDOWS\pss

======List of files/folders modified in the last 1 months======

2011-01-30 22:55:33 ----D---- C:\WINDOWS
2011-01-30 22:52:50 ----D---- C:\WINDOWS\system32
2011-01-30 22:52:40 ----D---- C:\WINDOWS\system32\Lang
2011-01-30 22:52:18 ----AD---- C:\WINDOWS\Temp
2011-01-30 22:51:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-30 22:49:52 ----D---- C:\WINDOWS\system32\drivers
2011-01-30 22:47:49 ----SHD---- C:\WINDOWS\Installer
2011-01-30 22:11:09 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-30 21:54:51 ----RD---- C:\Program Files
2011-01-30 21:52:00 ----RSHD---- C:\RECYCLER
2011-01-30 21:49:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-30 21:11:05 ----D---- C:\Program Files\Mozilla Firefox
2011-01-30 21:08:49 ----D---- C:\WINDOWS\Prefetch
2011-01-30 21:04:25 ----HD---- C:\WINDOWS\inf
2011-01-28 14:58:35 ----D---- C:\WINDOWS\Help
2011-01-25 13:02:33 ----D---- C:\Program Files\Common Files
2011-01-25 13:02:23 ----D---- C:\WINDOWS\system32\Setup
2011-01-25 13:00:59 ----D---- C:\Programy
2011-01-24 20:51:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2011-01-19 19:29:46 ----D---- C:\Hry
2011-01-03 12:11:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 d344prt;d344prt; C:\WINDOWS\System32\Drivers\d344prt.sys [2003-12-27 5248]
R0 iteatapi;ITEATAPI_Service_Install; C:\WINDOWS\system32\DRIVERS\iteatapi.sys [2005-04-25 25424]
R0 nklkhbko;nklkhbko; C:\WINDOWS\System32\Drivers\nklkhbko.sys [2011-01-30 40128]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 SI3132;SiI-3132 SATALink Controller; C:\WINDOWS\system32\DRIVERS\SI3132.sys [2005-04-25 67200]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2005-04-25 10368]
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2010-09-25 2996]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-25 2937344]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-12-15 3329504]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2005-02-01 229888]
S0 jtzfcam;jtzfcam; C:\WINDOWS\system32\drivers\jtzfcam.sys []
S0 rhapapahx;rhapapahx; C:\WINDOWS\system32\drivers\rhapapahx.sys []
S1 dnc9a09;dnc9a09; C:\WINDOWS\System32\drivers\dnc9a09.sys [2011-01-30 138272]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 hasplms;Sentinel HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2009-12-16 3750400]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-12-15 139331]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my log

#5 Post by Roli »

It's multiplying veeery nicely on there, three or four new pieces every quarter of an hour :?:


So, fix these in HJT:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://open-articles.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe rundll32.exe "C:\DOCUME~1\Jarda\LOCALS~1\Temp\goqw.tco" vnbyln
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programy\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [xhpvwsic] C:\WINDOWS\System32\xhpvwsic.exe
O4 - HKCU\..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe
O4 - HKCU\..\Run: [xhpvwsic] C:\Documents and Settings\Jarda\xhpvwsic.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\Jarda\ohavfs.exe \u
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: 0u1blhc.exe
O4 - Startup: 60dt703.exe
O4 - Startup: 6qwx81y.exe
O4 - Startup: 87081kv.exe
O4 - Startup: 9703y0z.exe
O4 - Startup: ekf0lbhiiy.exe
O4 - Startup: epg6bssiea.exe
O4 - Startup: epqlr66iea.exe
O4 - Startup: f0bg86s81ep.exe
O4 - Startup: f5mcsdo9703.exe
O4 - Startup: hnxtopu86g.exe
O4 - Startup: kfgbcx08.exe
O4 - Startup: mcdi81fa.exe
O4 - Startup: Microsoft Office Groove.lnk = C:\Programy\Microsoft Office\Office12\GROOVE.EXE
O4 - Startup: noj081qbcx.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Programy\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Startup: qqwx81zffg.exe
O4 - Startup: u81rmns81.exe
O4 - Startup: ulwwmsnt81.exe
O4 - Startup: uvalbrsnde.exe
O4 - Startup: w81itk1ab.exe
O4 - Startup: w86i81uf.exe
O4 - Startup: w91io2pql0.exe
O4 - Startup: xytjkfvwrsn.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)


You will find HJT here:

C:\Program Files\trend micro\Jarda.exe

Fix means that you run HJT,

in the window that opens, click Do a system scan only,

in the next window find the lines I listed for you,

next to each of them is a checkbox, which you tick,

then click Fix checked at the bottom left,

the program asks whether you really want to; you of course agree with YES, and it's done.


Download and run OTMoveIt

into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:

Code:

:processes
explorer.exe       

:files 
C:\Program Files\Ask.com
C:\DOCUME~1\Jarda\LOCALS~1\Temp\goqw.tco
c:\windows\nvsvc32.exe
C:\WINDOWS\System32\xhpvwsic.exe
C:\Documents and Settings\Jarda\xhpvwsic.exe
C:\Documents and Settings\Jarda\ohavfs.exe
C:\WINDOWS\System32\xhpvwsic.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\0u1blhc.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\60dt703.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\6qwx81y.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\87081kv.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\9703y0z.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\ekf0lbhiiy.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\epg6bssiea.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\epqlr66iea.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\f0bg86s81ep.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\f5mcsdo9703.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\hnxtopu86g.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\kfgbcx08.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\mcdi81fa.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\noj081qbcx.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\qqwx81zffg.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\u81rmns81.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\ulwwmsnt81.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\uvalbrsnde.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\w81itk1ab.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\w86i81uf.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\w91io2pql0.exe
C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\xytjkfvwrsn.exe
C:\WINDOWS\system32\drivers\nklkhbko.sys
C:\WINDOWS\system32\drivers\pxxwekcp.sys
C:\WINDOWS\system32\drivers\rokdy.sys
C:\WINDOWS\system32\drivers\bpq01d6.sys
C:\WINDOWS\system32\drivers\dnc9a09.sys
C:\WINDOWS\system32\xhpvwsic.exe
C:\WINDOWS\system32\drivers\klktyhjz.sys
C:\WINDOWS\system32\drivers\ydyvihry.sys
C:\WINDOWS\system32\drivers\rhapapahx.sys
C:\winshg.exe
C:\WINDOWS\system32\drivers\jtzfcam.sys
C:\Documents and Settings\Jarda\Data aplikací\juzjf.exe
C:\yo3.exe
C:\Documents and Settings\All Users\Data aplikací\ESET
C:\Program Files\ESET

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"xhpvwsic"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"=-

:services
jtzfcam
rhapapahx
rokdy
dnc9a09
klktyhjz
pxxwekcp
ydyvihry
NOD32FiXTemDono

:commands
[purity]
[emptytemp]
[start explorer]

click MoveIt! and information about the action performed will appear in the right-hand green pane of the application; copy the contents of that pane here,

if the application asks for a restart, click YES,

in that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

I rest at weekends :all_coholic:

ferox
Visitor
Posts: 4
Registered: 08 Jun 2006 15:10

Re: Please check my log

#6 Post by ferox »

here is the log, hopefully it's the right one

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Program Files\Ask.com folder moved successfully.
File/Folder C:\DOCUME~1\Jarda\LOCALS~1\Temp\goqw.tco not found.
File/Folder c:\windows\nvsvc32.exe not found.
File/Folder C:\WINDOWS\System32\xhpvwsic.exe not found.
C:\Documents and Settings\Jarda\xhpvwsic.exe moved successfully.
C:\Documents and Settings\Jarda\ohavfs.exe moved successfully.
File/Folder C:\WINDOWS\System32\xhpvwsic.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\0u1blhc.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\60dt703.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\6qwx81y.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\87081kv.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\9703y0z.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\ekf0lbhiiy.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\epg6bssiea.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\epqlr66iea.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\f0bg86s81ep.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\f5mcsdo9703.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\hnxtopu86g.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\kfgbcx08.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\mcdi81fa.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\noj081qbcx.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\qqwx81zffg.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\u81rmns81.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\ulwwmsnt81.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\uvalbrsnde.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\w81itk1ab.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\w86i81uf.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\w91io2pql0.exe not found.
File/Folder C:\Documents and Settings\Jarda\Nabídka Start\Programy\Po spuštění\xytjkfvwrsn.exe not found.
File move failed. C:\WINDOWS\system32\drivers\nklkhbko.sys scheduled to be moved on reboot.
File/Folder C:\WINDOWS\system32\drivers\pxxwekcp.sys not found.
C:\WINDOWS\system32\drivers\rokdy.sys moved successfully.
File/Folder C:\WINDOWS\system32\drivers\bpq01d6.sys not found.
File move failed. C:\WINDOWS\system32\drivers\dnc9a09.sys scheduled to be moved on reboot.
File/Folder C:\WINDOWS\system32\xhpvwsic.exe not found.
File/Folder C:\WINDOWS\system32\drivers\klktyhjz.sys not found.
File/Folder C:\WINDOWS\system32\drivers\ydyvihry.sys not found.
C:\WINDOWS\system32\drivers\rhapapahx.sys moved successfully.
C:\winshg.exe moved successfully.
C:\WINDOWS\system32\drivers\jtzfcam.sys moved successfully.
File/Folder C:\Documents and Settings\Jarda\Data aplikací\juzjf.exe not found.
C:\yo3.exe moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\ESET folder moved successfully.
C:\Program Files\ESET\ESET NOD32 Antivirus folder moved successfully.
C:\Program Files\ESET folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\xhpvwsic not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSConfig not found.
========== SERVICES/DRIVERS ==========
Service jtzfcam stopped successfully!
Service jtzfcam deleted successfully!
Service rhapapahx stopped successfully!
Service rhapapahx deleted successfully!
Service rokdy stopped successfully!
Service rokdy deleted successfully!
Service dnc9a09 stopped successfully!
Service dnc9a09 deleted successfully!
Error: No service named klktyhjz was found to stop!
Service\Driver key klktyhjz not found.
Error: No service named pxxwekcp was found to stop!
Service\Driver key pxxwekcp not found.
Error: No service named ydyvihry was found to stop!
Service\Driver key ydyvihry not found.
Error: No service named NOD32FiXTemDono was found to stop!
Service\Driver key NOD32FiXTemDono not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Jarda
->Temp folder emptied: 378777971 bytes
->Temporary Internet Files folder emptied: 4694794 bytes
->FireFox cache emptied: 55501058 bytes
->Flash cache emptied: 10516 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Rodiče
->Temp folder emptied: 173791 bytes
->Temporary Internet Files folder emptied: 127531459 bytes
->FireFox cache emptied: 55423663 bytes
->Flash cache emptied: 814 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2114584 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 13725577 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 3168633285 bytes

Total Files Cleaned = 3 630,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 01312011_000033
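
An OTM result log like the one above reports a different outcome for each target, and the items that still need attention after the reboot are easy to miss. The following Python script is an added example, not part of the thread and not code from OTM or its author: it classifies the log lines and lists driver files that were only scheduled for removal at reboot while no service of the same name was deleted. The outcome labels and function names are this example's own, and it assumes the service name equals the driver file's base name, as it does in the RSIT driver list on this page.

```python
import re
from collections import defaultdict
from ntpath import basename, splitext  # Windows path rules on any OS

# Excerpt copied from the OTM result log posted in the thread above.
SAMPLE_LOG = r"""
C:\Program Files\Ask.com folder moved successfully.
File/Folder c:\windows\nvsvc32.exe not found.
C:\Documents and Settings\Jarda\xhpvwsic.exe moved successfully.
File move failed. C:\WINDOWS\system32\drivers\nklkhbko.sys scheduled to be moved on reboot.
C:\WINDOWS\system32\drivers\rokdy.sys moved successfully.
File move failed. C:\WINDOWS\system32\drivers\dnc9a09.sys scheduled to be moved on reboot.
C:\WINDOWS\system32\drivers\jtzfcam.sys moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\xhpvwsic not found.
Service jtzfcam deleted successfully!
Service rokdy deleted successfully!
Service dnc9a09 deleted successfully!
Error: No service named klktyhjz was found to stop!
Service\Driver key klktyhjz not found.
"""

# (outcome, pattern) pairs, tried in order. Outcome labels are this
# example's own names, not OTM terminology.
PATTERNS = [
    ("pending_reboot", re.compile(
        r"^File move failed\. (?P<target>.+) scheduled to be moved on reboot\.$")),
    ("file_not_found", re.compile(r"^File/Folder (?P<target>.+) not found\.$")),
    ("reg_not_found", re.compile(r"^Registry value (?P<target>.+) not found\.$")),
    ("moved", re.compile(r"^(?P<target>.+?)(?: folder)? moved successfully\.$")),
    ("service_deleted", re.compile(r"^Service (?P<target>\S+) deleted successfully!$")),
    ("service_missing", re.compile(
        r"^Error: No service named (?P<target>\S+) was found to stop!$")),
]


def parse_otm_log(text):
    """Return {outcome: [target, ...]} for every recognised log line."""
    result = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        for outcome, rx in PATTERNS:
            m = rx.match(line)
            if m:
                result[outcome].append(m.group("target"))
                break  # first matching pattern wins; other lines are ignored
    return dict(result)


def drivers_needing_followup(parsed):
    """Driver files still on disk until reboot with no deleted service.

    Assumption: the service name equals the .sys file's base name.
    """
    deleted = {name.lower() for name in parsed.get("service_deleted", [])}
    followup = []
    for path in parsed.get("pending_reboot", []):
        stem, ext = splitext(basename(path))
        if ext.lower() == ".sys" and stem.lower() not in deleted:
            followup.append(path)
    return followup


if __name__ == "__main__":
    parsed = parse_otm_log(SAMPLE_LOG)
    for outcome, targets in parsed.items():
        print(f"{outcome}: {len(targets)}")
    for path in drivers_needing_followup(parsed):
        print("check after reboot:", path)
```

Run over the excerpt, it singles out nklkhbko.sys: the file is pending removal at reboot, but no service of that name appears among the deleted ones.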

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Please check my log

#7 Post by Roli »

Download ComboFix and save it to the desktop,

run the application as Administrator and allow the installation of the Recovery Console.

A window with the licence terms then appears, which you confirm by clicking YES,

then click YES once more and it's off.

The whole run takes around 10 minutes but can take longer; do not try to start anything else during the scan.

The PC may also be restarted during the scan; don't be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because Combofix tries to delete the infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.