Dobry den,
prosim o kontrolu logu - notebook se chova divne. Nize jsou logy z RSIT a HJT:
RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ivo at 2011-02-28 16:18:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 35 GB (68%) free of 51 GB
Total RAM: 1919 MB (78% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\expressripSevenDays.job
C:\WINDOWS\tasks\expressripShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\videopadSevenDays.job
C:\WINDOWS\tasks\videopadShakeIcon.job
C:\WINDOWS\tasks\wavepadSevenDays.job
C:\WINDOWS\tasks\wavepadShakeIcon.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
NCH Toolbar - C:\Program Files\NCH\tbNC1.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{c2db4fe6-8409-45ce-8010-189a7b5cce86} - NCH Toolbar - C:\Program Files\NCH\tbNC1.dll [2011-01-10 3911776]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-04-01 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-04-23 178744]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2009-04-09 237568]
"Power4Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2009-03-03 92728]
"ASUS Screen Saver Protector"=C:\WINDOWS\AsScrPro.exe [2009-10-27 3054136]
"ASUS Camera ScreenSaver"=C:\WINDOWS\AsScrProlog.exe [2009-10-27 47672]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-09-30 851968]
"SiSPower"=SiSPower.dll,ModeAgent []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-06-10 1447168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
FancyStart daemon.lnk - C:\WINDOWS\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2011-02-28 16:18:09 ----D---- C:\Program Files\trend micro
2011-02-28 16:18:08 ----D---- C:\rsit
2011-02-05 13:00:21 ----D---- C:\Program Files\ESET
======List of files/folders modified in the last 1 months======
2011-02-28 16:18:09 ----RD---- C:\Program Files
2011-02-28 16:16:19 ----D---- C:\WINDOWS\Prefetch
2011-02-28 16:14:57 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-19 19:26:15 ----D---- C:\WINDOWS\Temp
2011-02-19 19:24:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-08 19:33:55 ----D---- C:\WINDOWS
2011-02-05 14:46:25 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-02-05 13:00:59 ----SHD---- C:\WINDOWS\Installer
2011-02-05 13:00:54 ----HD---- C:\WINDOWS\inf
2011-02-05 13:00:54 ----D---- C:\WINDOWS\system32\drivers
2011-02-05 12:10:52 ----D---- C:\WINDOWS\system32
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-27 721904]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-06-10 53256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-06-10 34312]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2009-04-01 19200]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-06-10 39944]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam; C:\WINDOWS\system32\DRIVERS\GUCI_AVS.sys [2009-02-27 591744]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-30 5063168]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2009-04-01 324608]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aet4neuy;aet4neuy; C:\WINDOWS\system32\drivers\aet4neuy.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2009-05-08 25600]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-06-10 468224]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-05-09 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-01 133104]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-06-10 19200]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-05-09 360192]
-----------------EOF----------------
HJT
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:19:48, on 28.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\WINDOWS\AsScrPro.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\WINDOWS\system32\sistray.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ivo\Plocha\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [Power4Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\AsScrProlog.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 6287 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu - podezreni na vir
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o kontrolu logu - podezreni na vir
Zdravim a pekny den preji 
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu logu - podezreni na vir
Také přeji krásný den a zde je info log:
info.txt logfile of random's system information tool 1.08 2011-02-28 16:18:11
======Uninstall list======
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /X{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90100000001}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Alcor Micro Card Rader Driver and Utility-->C:\Program Files\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\Setup.exe -runfromtemp -l0x0409
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS FancyStart-->MsiExec.exe /I{60D6618B-153F-4353-8185-908E676E5888}
ASUS Power4Gear-->MsiExec.exe /I{4462AD13-F2AA-4CBD-9F95-293C38EED870}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB2.0 UVC VGA WebCam-->C:\WINDOWS\uninstall.exe /name='ASUS USB2.0 UVC VGA WebCam'
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\WINDOWS\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0005 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
Codec Pack - All In 1 6.0.2.7-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Encyklopedie her 1.2-->"C:\Program Files\Encyklopedie her\setup\uninst.exe"
ESET NOD32 Antivirus-->MsiExec.exe /I{608B3334-B5BE-4868-BE37-7042C98E548C}
Express Gate-->MsiExec.exe /X{865CD808-6D31-4269-9D36-693CFE75D26A}
Express Rip-->C:\Program Files\NCH Swift Sound\ExpressRip\uninst.exe
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\9.0.597.98\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 9 Essentials-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NCH Toolbar-->C:\PROGRA~1\NCH\UNWISE.EXE /U C:\PROGRA~1\NCH\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x5 -removeonly
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
SiS VGA Utilities-->SiSUninstall.exe VGA,R,oem0.inf
SiSAGP driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x5
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
Total Commander (Remove or Repair)-->c:\Program files\Totalcmd\tcuninst.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VideoPad Video Editor-->C:\Program Files\NCH Software\VideoPad\uninst.exe
WavePad Sound Editor-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\Setup.exe" -l0x9
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: NOTEBOOK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{FD79E947-BF88-4A57-B8B2-C09FA109EA8B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 18791
Source Name: Tcpip
Time Written: 20110105143710.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 4202
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{6DDE9E0C-1870-433D-935C-87AF737A4660} byl odpojen od sítě
a síťová konfigurace adaptéru byla uvolněna. Pokud síťový
adaptér nebyl odpojen, může to znamenat, že nepracoval správně.
Obraťte se na dodavatele a požádejte o aktualizované ovladače.
Record Number: 18790
Source Name: Tcpip
Time Written: 20110105143707.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{FD79E947-BF88-4A57-B8B2-C09FA109EA8B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 18789
Source Name: Tcpip
Time Written: 20110105143702.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno
Record Number: 18788
Source Name: Service Control Manager
Time Written: 20110105143658.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{FD79E947-BF88-4A57-B8B2-C09FA109EA8B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 18787
Source Name: Tcpip
Time Written: 20110105143657.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu MSDTC (MSDTC) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 5
Source Name: LoadPerf
Time Written: 20091027213124.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu TermService (Terminálová služba) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 4
Source Name: LoadPerf
Time Written: 20091027213120.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu RemoteAccess (Směrování a vzdálený přístup) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 3
Source Name: LoadPerf
Time Written: 20091027213014.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu PSched (PSched) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 2
Source Name: LoadPerf
Time Written: 20091027212947.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu RSVP (QoS RSVP) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 1
Source Name: LoadPerf
Time Written: 20091027212946.000000+060
Event Type: Informace
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.08 2011-02-28 16:18:11
======Uninstall list======
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0x9 -uninst
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /X{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.0.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90100000001}
Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d}
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Alcor Micro Card Rader Driver and Utility-->C:\Program Files\InstallShield Installation Information\{5A22D889-FBDD-4AE8-86EC-089D45FC133E}\Setup.exe -runfromtemp -l0x0409
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ASUS FancyStart-->MsiExec.exe /I{60D6618B-153F-4353-8185-908E676E5888}
ASUS Power4Gear-->MsiExec.exe /I{4462AD13-F2AA-4CBD-9F95-293C38EED870}
ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
ASUS USB2.0 UVC VGA WebCam-->C:\WINDOWS\uninstall.exe /name='ASUS USB2.0 UVC VGA WebCam'
ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
Asus_Camera_ScreenSaver-->"C:\WINDOWS\ASUS Camera ScreenSaver Uninstaller.exe"
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0005 -removeonly
ATK Generic Function Service-->C:\Program Files\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly
ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}
ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}
Codec Pack - All In 1 6.0.2.7-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Encyklopedie her 1.2-->"C:\Program Files\Encyklopedie her\setup\uninst.exe"
ESET NOD32 Antivirus-->MsiExec.exe /I{608B3334-B5BE-4868-BE37-7042C98E548C}
Express Gate-->MsiExec.exe /X{865CD808-6D31-4269-9D36-693CFE75D26A}
Express Rip-->C:\Program Files\NCH Swift Sound\ExpressRip\uninst.exe
Google Earth-->MsiExec.exe /X{4286E640-B5FB-11DF-AC4B-005056C00008}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\9.0.597.98\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
LifeFrame2-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.6.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 9 Essentials-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM02-508X-MHAT-19WU-9Z3Z-0CH0-3U6E-85W5-MMHH-6647-1Z5L-7M8C-0U45-758P-0000"
Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff}
Nero Online Upgrade-->MsiExec.exe /X{dba84796-8503-4ff0-af57-1747dd9a166d}
Nero StartSmart OEM-->MsiExec.exe /X{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NCH Toolbar-->C:\PROGRA~1\NCH\UNWISE.EXE /U C:\PROGRA~1\NCH\INSTALL.LOG
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x5 -removeonly
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
SiS VGA Utilities-->SiSUninstall.exe VGA,R,oem0.inf
SiSAGP driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC226AC9-0314-496C-BE6A-B6A132628466}\setup.exe" -l0x5
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
The Sims 2-->C:\Program Files\EA GAMES\The Sims 2\EAUninstall.exe
Total Commander (Remove or Repair)-->c:\Program files\Totalcmd\tcuninst.exe
TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}
VideoPad Video Editor-->C:\Program Files\NCH Software\VideoPad\uninst.exe
WavePad Sound Editor-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinFlash-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\Setup.exe" -l0x9
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: NOTEBOOK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{FD79E947-BF88-4A57-B8B2-C09FA109EA8B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 18791
Source Name: Tcpip
Time Written: 20110105143710.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 4202
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{6DDE9E0C-1870-433D-935C-87AF737A4660} byl odpojen od sítě
a síťová konfigurace adaptéru byla uvolněna. Pokud síťový
adaptér nebyl odpojen, může to znamenat, že nepracoval správně.
Obraťte se na dodavatele a požádejte o aktualizované ovladače.
Record Number: 18790
Source Name: Tcpip
Time Written: 20110105143707.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{FD79E947-BF88-4A57-B8B2-C09FA109EA8B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 18789
Source Name: Tcpip
Time Written: 20110105143702.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 7036
Message: Stav služby Načítání obrázků (WIA) byl změněn na: Spuštěno
Record Number: 18788
Source Name: Service Control Manager
Time Written: 20110105143658.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 4201
Message: Sytém zjistil, že síťový adaptér \DEVICE\TCPIP_{FD79E947-BF88-4A57-B8B2-C09FA109EA8B} byl připojen k síti
a inicializoval normální činnost přes síťový adaptér.
Record Number: 18787
Source Name: Tcpip
Time Written: 20110105143657.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu MSDTC (MSDTC) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 5
Source Name: LoadPerf
Time Written: 20091027213124.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu TermService (Terminálová služba) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 4
Source Name: LoadPerf
Time Written: 20091027213120.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu RemoteAccess (Směrování a vzdálený přístup) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 3
Source Name: LoadPerf
Time Written: 20091027213014.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu PSched (PSched) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 2
Source Name: LoadPerf
Time Written: 20091027212947.000000+060
Event Type: Informace
User:
Computer Name: NOTEBOOK
Event Code: 1000
Message: Čítače výkonu pro službu RSVP (QoS RSVP) byly úspěšně načteny.
Data záznamu obsahují nové indexové hodnoty přiřazené
této službě.
Record Number: 1
Source Name: LoadPerf
Time Written: 20091027212946.000000+060
Event Type: Informace
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 22 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=1601
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Re: Prosim o kontrolu logu - podezreni na vir
Predpokladam ze ten NOD32 mate legalni = zakoupena licence 
Mohl byste prosim blize specifikovat "notebook se chova divne" "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu logu - podezreni na vir
Dekuji za odpoved. Notebook je mych rodicu, kteri se v nem vubec nevyznaji, takze uplne presne nebudu moci zodpovedet 
. Pokud vim, NOD32 je verze zadarmo, ale nejsem si jist - instaloval jim to soused. Co se tyce problemu, notebook je zpomalen a nelze se s nim pripojit na Internet, i kdyz to jinak hlasi, ze pripojeni je v poradku.
. Pokud vim, NOD32 je verze zadarmo, ale nejsem si jist - instaloval jim to soused. Co se tyce problemu, notebook je zpomalen a nelze se s nim pripojit na Internet, i kdyz to jinak hlasi, ze pripojeni je v poradku.Re: Prosim o kontrolu logu - podezreni na vir
NOD urcite zadarmo neni, je treba licenci koupit - viz licencni podminky. Takze jej odinstalujte a dejte tam Avast Free - ten zadarmo je - navic i jeho detekce je na lepsi urovni nez NODu
Pak mi sem dejte novy log z RSIT
Stahnete na plochu CKScanner
Pak mi sem dejte novy log z RSIT Stahnete na plochu CKScanner
- Spustte a kliknete na Search for files
- Po dokonceni skenu kliknete na Save List to File a nasledne OK
- Na plose se Vam vytvori log s nazvem ckfiles.txt, jeho obsah mi sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu logu - podezreni na vir
Dekuji za odpoved. Vse jsem provedl dle instrukci.
Zde je log z CKfiles:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----
Zde je log z RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ivo at 2011-02-28 19:15:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 34 GB (66%) free of 51 GB
Total RAM: 1919 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:15:19, on 28.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\WINDOWS\AsScrPro.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ivo\Plocha\RSIT.exe
C:\Program Files\trend micro\Ivo.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [Power4Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\AsScrProlog.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{64EBB488-3453-46F7-9357-9B893F20D3A1}: NameServer = 160.218.167.5 160.218.161.60
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 5966 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\expressripSevenDays.job
C:\WINDOWS\tasks\expressripShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\videopadSevenDays.job
C:\WINDOWS\tasks\videopadShakeIcon.job
C:\WINDOWS\tasks\wavepadSevenDays.job
C:\WINDOWS\tasks\wavepadShakeIcon.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
NCH Toolbar - C:\Program Files\NCH\tbNC1.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{c2db4fe6-8409-45ce-8010-189a7b5cce86} - NCH Toolbar - C:\Program Files\NCH\tbNC1.dll [2011-01-10 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2011-01-10 3911776]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-04-01 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-04-23 178744]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2009-04-09 237568]
"Power4Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2009-03-03 92728]
"ASUS Screen Saver Protector"=C:\WINDOWS\AsScrPro.exe [2009-10-27 3054136]
"ASUS Camera ScreenSaver"=C:\WINDOWS\AsScrProlog.exe [2009-10-27 47672]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-09-30 851968]
"SiSPower"=SiSPower.dll,ModeAgent []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
FancyStart daemon.lnk - C:\WINDOWS\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-02-28 19:13:15 ----A---- C:\WINDOWS\system32\ckfiles.txt
2011-02-28 19:08:56 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-02-28 19:08:55 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-02-28 19:08:54 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-02-28 19:08:53 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-02-28 19:08:53 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-02-28 19:08:52 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-02-28 19:08:52 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-02-28 19:08:52 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-02-28 19:08:40 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-02-28 19:08:33 ----D---- C:\Program Files\AVAST Software
2011-02-28 19:08:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-02-28 18:51:43 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-02-28 18:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-02-28 18:47:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-02-28 18:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-02-28 18:46:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-02-28 18:46:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-02-28 18:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-02-28 18:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-02-28 18:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-02-28 18:46:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-28 18:46:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-02-28 18:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-02-28 18:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-02-28 18:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-02-28 18:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-02-28 18:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-02-28 18:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-28 18:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-02-28 18:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-02-28 18:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-02-28 18:45:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-02-28 18:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-02-28 18:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-02-28 18:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-02-28 18:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-02-28 18:44:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-02-28 18:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-02-28 18:43:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-02-28 18:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-02-28 18:43:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-02-28 18:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-02-28 18:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-02-28 18:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-02-28 18:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-28 18:43:10 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-02-28 18:43:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-02-28 18:42:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-02-28 18:42:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-02-28 18:42:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-02-28 18:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-02-28 18:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-28 18:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-02-28 18:42:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-02-28 18:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-02-28 18:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-02-28 18:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-02-28 18:41:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-02-28 18:41:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-02-28 18:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-02-28 18:41:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-02-28 18:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-02-28 18:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-02-28 18:40:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-02-28 18:40:42 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-02-28 18:40:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-02-28 18:39:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-28 18:38:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-02-28 18:38:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-02-28 18:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-02-28 18:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-02-28 18:37:39 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-02-28 18:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-02-28 18:37:27 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-02-28 18:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-28 18:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-02-28 18:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-02-28 18:37:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-02-28 18:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-02-28 18:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-02-28 18:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-02-28 18:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-02-28 18:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-02-28 18:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-02-28 18:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-02-28 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-02-28 18:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-02-28 18:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-02-28 18:35:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-02-28 18:35:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-02-28 18:35:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-02-28 18:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-02-28 18:35:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-02-28 18:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-02-28 18:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-02-28 18:34:50 ----D---- C:\Program Files\MSXML 4.0
2011-02-28 18:34:40 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-02-28 18:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-28 18:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-28 18:34:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-02-28 18:34:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-02-28 18:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-02-28 18:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-02-28 18:33:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-02-28 18:33:51 ----A---- C:\WINDOWS\imsins.BAK
2011-02-28 18:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-02-28 18:23:08 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-02-28 18:07:44 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-02-28 17:46:46 ----D---- C:\Documents and Settings\Ivo\Data aplikací\Malwarebytes
2011-02-28 17:46:43 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-28 17:46:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-02-28 17:46:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-28 17:46:39 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-28 17:34:53 ----D---- C:\Program Files\CCleaner
2011-02-28 17:29:12 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2011-02-28 17:24:27 ----D---- C:\Program Files\O2 Mobilni internet
2011-02-28 16:18:09 ----D---- C:\Program Files\trend micro
2011-02-28 16:18:08 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2011-02-28 19:13:15 ----D---- C:\WINDOWS\system32
2011-02-28 19:12:17 ----D---- C:\WINDOWS\Temp
2011-02-28 19:08:56 ----D---- C:\WINDOWS\system32\drivers
2011-02-28 19:08:49 ----SHD---- C:\WINDOWS\Installer
2011-02-28 19:08:48 ----D---- C:\WINDOWS\WinSxS
2011-02-28 19:08:40 ----D---- C:\WINDOWS
2011-02-28 19:08:33 ----RD---- C:\Program Files
2011-02-28 19:04:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-28 18:53:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-28 18:48:47 ----HD---- C:\WINDOWS\inf
2011-02-28 18:48:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-28 18:48:25 ----D---- C:\WINDOWS\system32\wbem
2011-02-28 18:48:25 ----D---- C:\WINDOWS\AppPatch
2011-02-28 18:48:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-28 18:47:09 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-28 18:46:52 ----D---- C:\Program Files\Messenger
2011-02-28 18:36:10 ----D---- C:\Program Files\Outlook Express
2011-02-28 18:35:44 ----D---- C:\Program Files\Movie Maker
2011-02-28 18:15:37 ----D---- C:\WINDOWS\Prefetch
2011-02-28 17:39:02 ----SD---- C:\WINDOWS\Tasks
2011-02-28 17:36:00 ----D---- C:\Documents and Settings\Ivo\Data aplikací\Winamp
2011-02-28 17:35:40 ----D---- C:\WINDOWS\Debug
2011-02-05 14:46:25 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-27 721904]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2009-04-01 19200]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam; C:\WINDOWS\system32\DRIVERS\GUCI_AVS.sys [2009-02-27 591744]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-30 5063168]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2009-04-01 324608]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2009-05-08 25600]
S3 axwsq8i5;axwsq8i5; C:\WINDOWS\system32\drivers\axwsq8i5.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-05-09 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-01 133104]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-05-09 360192]
-----------------EOF-----------------
Zde je log z CKfiles:
CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11
----- EOF -----
Zde je log z RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Ivo at 2011-02-28 19:15:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 34 GB (66%) free of 51 GB
Total RAM: 1919 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:15:19, on 28.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\WINDOWS\AsScrPro.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\ASUS\ATK Hotkey\WDC.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Ivo\Plocha\RSIT.exe
C:\Program Files\trend micro\Ivo.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
O3 - Toolbar: NCH Toolbar - {c2db4fe6-8409-45ce-8010-189a7b5cce86} - C:\Program Files\NCH\tbNC1.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKHOTKEY] C:\Program Files\ASUS\ATK Hotkey\HControl.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [Power4Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\WINDOWS\AsScrProlog.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{64EBB488-3453-46F7-9357-9B893F20D3A1}: NameServer = 160.218.167.5 160.218.161.60
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 5966 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\expressripSevenDays.job
C:\WINDOWS\tasks\expressripShakeIcon.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\videopadSevenDays.job
C:\WINDOWS\tasks\videopadShakeIcon.job
C:\WINDOWS\tasks\wavepadSevenDays.job
C:\WINDOWS\tasks\wavepadShakeIcon.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2db4fe6-8409-45ce-8010-189a7b5cce86}]
NCH Toolbar - C:\Program Files\NCH\tbNC1.dll [2011-01-10 3911776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{c2db4fe6-8409-45ce-8010-189a7b5cce86} - NCH Toolbar - C:\Program Files\NCH\tbNC1.dll [2011-01-10 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngin0.dll [2011-01-10 3911776]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-04-01 98304]
"ATKHOTKEY"=C:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-04-23 178744]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2009-04-09 237568]
"Power4Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2009-03-03 92728]
"ASUS Screen Saver Protector"=C:\WINDOWS\AsScrPro.exe [2009-10-27 3054136]
"ASUS Camera ScreenSaver"=C:\WINDOWS\AsScrProlog.exe [2009-10-27 47672]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-09-30 851968]
"SiSPower"=SiSPower.dll,ModeAgent []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
FancyStart daemon.lnk - C:\WINDOWS\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-02-28 19:13:15 ----A---- C:\WINDOWS\system32\ckfiles.txt
2011-02-28 19:08:56 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-02-28 19:08:55 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-02-28 19:08:54 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-02-28 19:08:53 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-02-28 19:08:53 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-02-28 19:08:52 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-02-28 19:08:52 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-02-28 19:08:52 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-02-28 19:08:40 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-02-28 19:08:33 ----D---- C:\Program Files\AVAST Software
2011-02-28 19:08:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-02-28 18:51:43 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-02-28 18:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-02-28 18:47:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-02-28 18:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-02-28 18:46:49 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-02-28 18:46:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-02-28 18:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-02-28 18:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-02-28 18:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-02-28 18:46:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-28 18:46:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-02-28 18:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-02-28 18:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-02-28 18:45:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-02-28 18:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-02-28 18:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-02-28 18:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-28 18:45:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-02-28 18:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-02-28 18:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-02-28 18:45:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-02-28 18:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-02-28 18:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-02-28 18:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-02-28 18:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-02-28 18:44:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-02-28 18:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-02-28 18:43:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-02-28 18:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-02-28 18:43:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-02-28 18:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-02-28 18:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-02-28 18:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-02-28 18:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-28 18:43:10 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-02-28 18:43:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-02-28 18:42:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-02-28 18:42:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-02-28 18:42:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-02-28 18:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-02-28 18:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-28 18:42:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-02-28 18:42:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-02-28 18:42:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-02-28 18:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-02-28 18:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-02-28 18:41:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-02-28 18:41:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-02-28 18:41:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-02-28 18:41:19 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-02-28 18:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-02-28 18:41:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-02-28 18:40:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-02-28 18:40:42 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-02-28 18:40:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-02-28 18:39:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-02-28 18:38:51 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-02-28 18:38:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-02-28 18:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-02-28 18:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-02-28 18:37:39 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-02-28 18:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-02-28 18:37:27 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-02-28 18:37:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-28 18:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-02-28 18:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-02-28 18:37:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-02-28 18:36:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-02-28 18:36:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-02-28 18:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-02-28 18:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-02-28 18:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-02-28 18:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-02-28 18:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-02-28 18:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-02-28 18:35:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-02-28 18:35:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-02-28 18:35:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-02-28 18:35:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-02-28 18:35:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-02-28 18:35:22 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-02-28 18:35:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-02-28 18:35:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-02-28 18:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-02-28 18:34:50 ----D---- C:\Program Files\MSXML 4.0
2011-02-28 18:34:40 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-02-28 18:34:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-28 18:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-28 18:34:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-02-28 18:34:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-02-28 18:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-02-28 18:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-02-28 18:33:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-02-28 18:33:51 ----A---- C:\WINDOWS\imsins.BAK
2011-02-28 18:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-02-28 18:23:08 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-02-28 18:07:44 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-02-28 17:46:46 ----D---- C:\Documents and Settings\Ivo\Data aplikací\Malwarebytes
2011-02-28 17:46:43 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-28 17:46:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-02-28 17:46:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-28 17:46:39 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-28 17:34:53 ----D---- C:\Program Files\CCleaner
2011-02-28 17:29:12 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2011-02-28 17:25:06 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2011-02-28 17:24:27 ----D---- C:\Program Files\O2 Mobilni internet
2011-02-28 16:18:09 ----D---- C:\Program Files\trend micro
2011-02-28 16:18:08 ----D---- C:\rsit
======List of files/folders modified in the last 1 months======
2011-02-28 19:13:15 ----D---- C:\WINDOWS\system32
2011-02-28 19:12:17 ----D---- C:\WINDOWS\Temp
2011-02-28 19:08:56 ----D---- C:\WINDOWS\system32\drivers
2011-02-28 19:08:49 ----SHD---- C:\WINDOWS\Installer
2011-02-28 19:08:48 ----D---- C:\WINDOWS\WinSxS
2011-02-28 19:08:40 ----D---- C:\WINDOWS
2011-02-28 19:08:33 ----RD---- C:\Program Files
2011-02-28 19:04:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-28 18:53:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-28 18:48:47 ----HD---- C:\WINDOWS\inf
2011-02-28 18:48:46 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-28 18:48:25 ----D---- C:\WINDOWS\system32\wbem
2011-02-28 18:48:25 ----D---- C:\WINDOWS\AppPatch
2011-02-28 18:48:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-28 18:47:09 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-28 18:46:52 ----D---- C:\Program Files\Messenger
2011-02-28 18:36:10 ----D---- C:\Program Files\Outlook Express
2011-02-28 18:35:44 ----D---- C:\Program Files\Movie Maker
2011-02-28 18:15:37 ----D---- C:\WINDOWS\Prefetch
2011-02-28 17:39:02 ----SD---- C:\WINDOWS\Tasks
2011-02-28 17:36:00 ----D---- C:\Documents and Settings\Ivo\Data aplikací\Winamp
2011-02-28 17:35:40 ----D---- C:\WINDOWS\Debug
2011-02-05 14:46:25 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-10-27 721904]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2009-04-01 19200]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-06-03 1570240]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 GUCI_AVS;ASUS USB2.0 UVC VGA WebCam; C:\WINDOWS\system32\DRIVERS\GUCI_AVS.sys [2009-02-27 591744]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-03-30 5063168]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-01-22 120064]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2009-04-01 324608]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AmUStor;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2009-05-08 25600]
S3 axwsq8i5;axwsq8i5; C:\WINDOWS\system32\drivers\axwsq8i5.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-05-09 603904]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-11-01 133104]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-05-09 360192]
-----------------EOF-----------------
Re: Prosim o kontrolu logu - podezreni na vir
Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)
- Provedte aktualizaci - treti zalozka
- Provedte uplny sken - nic nemazte
- MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosim o kontrolu logu - podezreni na vir
MBAM nic nenasel - viz log:
¨Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5905
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
28.2.2011 19:53:05
mbam-log-2011-02-28 (19-53-05).txt
Typ kontroly: Rychlý test
Testované objekty: 131266
Uplynulý čas: 4 minut, 8 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
¨Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5905
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
28.2.2011 19:53:05
mbam-log-2011-02-28 (19-53-05).txt
Typ kontroly: Rychlý test
Testované objekty: 131266
Uplynulý čas: 4 minut, 8 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Re: Prosim o kontrolu logu - podezreni na vir
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner (viz muj podpis)Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Stahnete WinSockXPFix a aplikujte http://vyosek.ic.cz/pro_usery/winsockxpfix.exe - utilita restartuje protokol TCP\IP, pokud mate parametry pripojeni nastavene rucne, bude treba je nastavit dle smlouvy od poskytovatele - vizte navod kolegyne
Eithne píše: Klepněte na Start -> Ovládací Panely -> Sítová připojení -> Připojení k místní síti a pravým tlačítkem na Vlastnosti. Vyhledejte položku Protokol sítě Internet (TCP/IP) a poklepejte na ni. Tady musíte po zaškrtnutí políček Použít následující adresu IP a Použít následující adresy serverů DNS vyplnit dva údaje, a to, IP adresu a adresu DNS serveru.
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?