Prosím o kontrolu, nikdo neví co tam je

[Lavinian]

log z RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2011-04-30 17:53:49
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 49 GB (60%) free of 82 GB
Total RAM: 1015 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:06, on 30.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\admin\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60049
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Startup: SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
O4 - Global Startup: Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
O4 - Global Startup: SuperHybridEngine.lnk = C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 5289 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-03-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-03-21 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872]
"ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-22 204800]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-02 106496]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-02 593920]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-04-18 3460784]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-15 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-15 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-15 131072]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
SuperHybridEngine.lnk - C:\Program Files\Asus\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Documents and Settings\admin\Plocha\Metin2\SindicateM2\metin2client.bin"="C:\Documents and Settings\admin\Plocha\Metin2\SindicateM2\metin2client.bin:*:Enabled:metin2client"
"C:\KaM The Peasants Rebellion\KM_TPR.exe"="C:\KaM The Peasants Rebellion\KM_TPR.exe:*:Disabled:KM_TPR"
"C:\Program Files\racer0655\racer.exe"="C:\Program Files\racer0655\racer.exe:*:Disabled:racer"
"C:\Program Files\TmUnitedForever\TmForever.exe"="C:\Program Files\TmUnitedForever\TmForever.exe:*:Disabled:TmForever"
"D:\GMOD\[PSY] Garrys Mod 11(1.o.o.5)\hl2.exe"="D:\GMOD\[PSY] Garrys Mod 11(1.o.o.5)\hl2.exe:*:Disabled:hl2"
"C:\Documents and Settings\admin\Local Settings\Temp\Blizzard Installer Bootstrap - 062296cd\Installer.exe"="C:\Documents and Settings\admin\Local Settings\Temp\Blizzard Installer Bootstrap - 062296cd\Installer.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Gothic III\Gothic3.exe"="C:\Program Files\Gothic III\Gothic3.exe:*:Enabled:Genome Gaming System"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.3.0.10958-enGB-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0.10192-to-3.3.0.10958-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\World of Warcraft\Launcher.exe"="C:\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Playlogic\World Racing 2 Demo\WR2_PC.exe"="C:\Program Files\Playlogic\World Racing 2 Demo\WR2_PC.exe:*:Enabled:WR2_PC Application"
"C:\Program Files\TDK\World Racing Demo\mbwr_pc.exe"="C:\Program Files\TDK\World Racing Demo\mbwr_pc.exe:*:Enabled:mbwr_pc"
"C:\Program Files\TDK\World Racing Demo\mbwr_pc_MX.exe"="C:\Program Files\TDK\World Racing Demo\mbwr_pc_MX.exe:*:Enabled:mbwr_pc"
"C:\Documents and Settings\admin\Local Settings\Temp\Blizzard Installer Bootstrap - 00077caf\Installer.exe"="C:\Documents and Settings\admin\Local Settings\Temp\Blizzard Installer Bootstrap - 00077caf\Installer.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\VDrift\vdrift.exe"="C:\Program Files\VDrift\vdrift.exe:*:Enabled:vdrift"
"C:\Program Files\Ferrari Virtual Race\FerrariVR_Low.exe"="C:\Program Files\Ferrari Virtual Race\FerrariVR_Low.exe:*:Disabled:FerrariVR Executable"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Disabled:Half-Life Launcher"
"D:\[psy] Counter-Strike Source\hl2.exe"="D:\[psy] Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Disabled:hl2"
"C:\Documents and Settings\admin\Dokumenty\Stažené soubory\racer\racer.exe"="C:\Documents and Settings\admin\Dokumenty\Stažené soubory\racer\racer.exe:*:Disabled:racer"
"C:\Documents and Settings\admin\Dokumenty\Stažené soubory\racer\racer_nocg.exe"="C:\Documents and Settings\admin\Dokumenty\Stažené soubory\racer\racer_nocg.exe:*:Disabled:racer_nocg"
"C:\Program Files\Unigine\Tropics\Unigine.exe"="C:\Program Files\Unigine\Tropics\Unigine.exe:*:Disabled:Unigine Engine"
"C:\Program Files\Crazy Animals\Unlimited Racer\Unlimited Racer.exe"="C:\Program Files\Crazy Animals\Unlimited Racer\Unlimited Racer.exe:*:Disabled:Unlimited Racer"
"C:\Program Files\Vsk5Online\Vsk5Online.exe"="C:\Program Files\Vsk5Online\Vsk5Online.exe:*:Disabled:Vsk5Online"
"C:\Program Files\Xtreme Moped Racing\Xtreme Moped Racing.exe"="C:\Program Files\Xtreme Moped Racing\Xtreme Moped Racing.exe:*:Disabled:Xtreme Moped Racing"
"D:\Need for Speed Underground 2\Need For Speed Underground 2.exe"="D:\Need for Speed Underground 2\Need For Speed Underground 2.exe:*:Disabled:Need For Speed Underground 2"
"D:\Game\hl2.exe"="D:\Game\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Beatgames\GSR-HH\GSR HH.exe"="C:\Program Files\Beatgames\GSR-HH\GSR HH.exe:*:Enabled:GSR HH"
"C:\Program Files\Xider\EsR DEMO\ESR DEMO.exe"="C:\Program Files\Xider\EsR DEMO\ESR DEMO.exe:*:Enabled:ESR DEMO"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Documents and Settings\admin\Plocha\Test games\racer\racer_nocg.exe"="C:\Documents and Settings\admin\Plocha\Test games\racer\racer_nocg.exe:*:Enabled:racer_nocg"
"C:\Documents and Settings\admin\Plocha\Test games\racer\racer.exe"="C:\Documents and Settings\admin\Plocha\Test games\racer\racer.exe:*:Enabled:racer"
"D:\racer\racer_nocg.exe"="D:\racer\racer_nocg.exe:*:Enabled:racer_nocg"
"D:\racer\racer.exe"="D:\racer\racer.exe:*:Enabled:racer"
"C:\SIMS\RACER\racer.exe"="C:\SIMS\RACER\racer.exe:*:Enabled:racer"
"C:\Documents and Settings\admin\Plocha\Metin2\Sindicate\client.bin"="C:\Documents and Settings\admin\Plocha\Metin2\Sindicate\client.bin:*:Enabled:client"
"D:\Games\Extreme Racers\Extreme Racers.exe"="D:\Games\Extreme Racers\Extreme Racers.exe:*:Enabled:Cipher Game Engine"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 1 months======

2013-08-26 00:27:58 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-08-26 00:27:58 ----A---- C:\WINDOWS\SkyTel.exe
2013-08-26 00:27:58 ----A---- C:\WINDOWS\RtlUpd.exe
2013-08-26 00:27:57 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2013-08-26 00:27:57 ----A---- C:\WINDOWS\RTLCPL.EXE
2013-08-26 00:27:55 ----A---- C:\WINDOWS\RTHDCPL.EXE
2013-08-26 00:27:55 ----A---- C:\WINDOWS\MicCal.exe
2013-08-26 00:27:54 ----D---- C:\Program Files\Realtek
2013-08-26 00:27:54 ----A---- C:\WINDOWS\ALCWZRD.EXE
2013-08-26 00:27:54 ----A---- C:\WINDOWS\ALCMTR.EXE
2013-08-26 00:27:39 ----A---- C:\WINDOWS\RtlExUpd.dll
2013-08-17 22:22:50 ----A---- C:\WINDOWS\system32\DetectDevice.txt
2013-08-12 00:14:29 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-08-12 00:13:05 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2013-08-12 00:13:02 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2013-08-12 00:13:01 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2013-08-12 00:12:59 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2013-08-12 00:12:57 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2013-08-12 00:12:55 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2013-08-12 00:12:53 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2013-08-12 00:12:48 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2013-08-12 00:12:48 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-08-12 00:12:46 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-09-18 10:11:00 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys
2012-09-18 10:11:00 ----A---- C:\WINDOWS\system32\drivers\btwdndis.sys
2012-09-18 10:11:00 ----A---- C:\WINDOWS\system32\btw_ci.dll
2012-09-18 10:10:59 ----A---- C:\WINDOWS\system32\drivers\btport.sys
2012-09-18 10:10:59 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys
2012-09-18 10:10:59 ----A---- C:\WINDOWS\system32\drivers\btaudio.sys
2012-09-18 10:10:54 ----D---- C:\Program Files\WIDCOMM
2011-09-11 17:59:53 ----D---- C:\Program Files\EeePC
2011-09-11 17:59:53 ----A---- C:\WINDOWS\system32\drivers\ASUSACPI.SYS
2011-09-11 17:17:29 ----D---- C:\Program Files\Elantech
2011-04-30 17:53:49 ----D---- C:\rsit
2011-04-25 22:20:45 ----A---- C:\WINDOWS\iun6002.exe
2011-04-25 22:20:34 ----D---- C:\Program Files\Codec Pack - All In 1
2011-04-25 22:19:32 ----A---- C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt
2011-04-15 17:41:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-15 17:41:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-15 17:41:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-15 17:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-15 17:36:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-15 17:35:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-15 17:35:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-15 17:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-04-15 17:35:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-15 17:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-15 17:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-15 17:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-10 13:44:58 ----D---- C:\Documents and Settings\admin\Data aplikací\stuntrally
2011-04-02 21:19:58 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-04-02 14:52:24 ----D---- C:\Program Files\GMABooster
2011-03-31 09:35:02 ----D---- C:\dir

======List of files/folders modified in the last 1 months======

2013-08-26 00:28:10 ----D---- C:\WINDOWS\system32\RTCOM
2013-08-26 00:27:39 ----A---- C:\WINDOWS\HideWin.exe
2012-09-18 11:32:30 ----D---- C:\WINDOWS\repair
2012-09-18 10:18:16 ----A---- C:\WINDOWS\oemver.txt
2011-04-30 17:53:56 ----D---- C:\Program Files\trend micro
2011-04-30 17:53:39 ----D---- C:\WINDOWS\Prefetch
2011-04-30 14:39:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\TrackMania
2011-04-30 14:11:35 ----D---- C:\LFS
2011-04-30 14:05:01 ----D---- C:\WINDOWS\Temp
2011-04-30 10:43:42 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-29 21:56:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-29 21:54:15 ----D---- C:\WINDOWS\Debug
2011-04-29 20:06:53 ----D---- C:\Program Files\Mozilla Firefox
2011-04-29 18:17:36 ----D---- C:\WINDOWS\system32
2011-04-29 18:17:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-25 22:20:45 ----D---- C:\WINDOWS
2011-04-25 22:20:34 ----RD---- C:\Program Files
2011-04-21 10:00:46 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-19 21:25:06 ----A---- C:\WINDOWS\cncscore.ini
2011-04-18 19:25:10 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-04-18 15:46:44 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-17 12:11:02 ----SHD---- C:\WINDOWS\Installer
2011-04-17 12:11:02 ----D---- C:\Config.Msi
2011-04-15 17:53:48 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-15 17:53:34 ----RSD---- C:\WINDOWS\assembly
2011-04-15 17:41:55 ----HD---- C:\WINDOWS\inf
2011-04-15 17:41:38 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-15 17:41:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-15 17:41:00 ----D---- C:\WINDOWS\WinSxS
2011-04-15 17:35:04 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-05-13 111808]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-09 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-04-18 30680]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-04-18 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-04-18 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-04-18 307288]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-04-18 49240]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-04-18 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-04-18 102488]
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 ahqftmmp;ahqftmmp; C:\WINDOWS\system32\drivers\ahqftmmp.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz130;cpuz130; \??\C:\DOCUME~1\admin\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 jfdcd;jfdcd; \??\C:\DOCUME~1\admin\LOCALS~1\Temp\jfdcd.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2004-02-03 32768]
S3 PortTalk;PortTalk; C:\WINDOWS\System32\Drivers\PortTalk.sys [2009-01-18 3567]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-04-18 42184]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-03-21 153376]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2004-02-03 86016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Hezké odpoledne .
Ani já nemám věšteckou kouli , takže nevím, co Váš počítač trápí?

[Lavinian]

Nic netrápí, jenom preventivní kontrola. Ale třeba tam něco bude.

[motji]

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[Lavinian]

nebude mazat co
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6479

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

30.4.2011 20:16:14
mbam-log-2011-04-30 (20-16-14).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 209692
Uplynulý čas: 39 minut, 18 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[motji]

start-spustit
- do okénka napište
sc delete jfdcd
enter

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.



Nemáte firewall,k čemu je užitečný se dozvíte zde http://www.viry.cz/forum/viewtopic.php?f=41&t=20980


Pokud nejsou problémy, je to vše