Re: Kontrola logu
Napsal: 29 úno 2012 21:49
Zkusila jsem znovu restartovat počítač, výstraha se opět objevila. Počkala jsem cca 5 min, jestli se Defender nezapne sám, ale nic. Musela jsem ho zapnout sama.
Stránka 2 z 2
Re: Kontrola logu
Napsal: 29 úno 2012 21:53
Dejte mi sem prosim novy log z RSIT, mrknem, jestli je tam nastavene jeho zapnuti
Re: Kontrola logu
Napsal: 29 úno 2012 22:11
Logfile of random's system information tool 1.09 (written by random/random)
Run by oem at 2012-02-29 21:56:10
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 39 GB (51%) free of 76 GB
Total RAM: 1023 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:06, on 29.2.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\ctfmon.exe
C:\Users\oem\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\oem.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
--
End of file - 3599 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\r9trdojd.default
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, personas@christopher.beard:1.6.2, LG_LexFox_v2@lingea.com:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3112ca9c-de6d-4884-a869-9855de68056c}"=C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\r9trdojd.default\extensions\
LG_LexFox_v2@lingea.com
personas@christopher.beard
{20a82645-c095-46ed-80e3-08825760534b}
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\r9trdojd.default\searchplugins\
askcom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-02-23 998560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-02-28 342128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-02-23 998560]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-02-28 342128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-02-23 4031368]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=i263_32.drv
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"msacm.g723"=
"vidc.I263"=I263_32.drv
"VIDC.IV41"=ir41_32.ax
"vidc.iv50"=ir50_32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-02-29 21:56:10 ----D---- C:\rsit
2012-02-29 19:58:27 ----SHD---- C:\$RECYCLE.BIN
2012-02-29 19:49:04 ----D---- C:\Windows\temp
2012-02-29 17:44:54 ----D---- C:\Windows\ERDNT
2012-02-29 10:44:12 ----D---- C:\Program Files\trend micro
2012-02-29 08:51:29 ----AD---- C:\Windows\VDLL.DLL
2012-02-29 08:51:29 ----AD---- C:\Windows\system32\runouce.exe
2012-02-29 08:51:29 ----AD---- C:\Windows\rundll16.exe
2012-02-29 08:51:29 ----AD---- C:\Windows\RUNDL132.EXE
2012-02-29 08:51:29 ----AD---- C:\Windows\logo1_.exe
2012-02-29 08:51:29 ----AD---- C:\Windows\logo_1.exe
2012-02-29 08:46:41 ----A---- C:\Windows\system32\msvcr80.dll
2012-02-29 08:46:40 ----A---- C:\Windows\system32\msvcp80.dll
2012-02-29 08:46:38 ----A---- C:\Windows\system32\msvcp90.dll
2012-02-29 08:46:37 ----A---- C:\Windows\system32\msvcr90.dll
2012-02-29 08:46:36 ----A---- C:\Windows\system32\eEmpty.exe
2012-02-29 08:46:27 ----D---- C:\Program Files\Common Files\MicroWorld
2012-02-29 08:45:26 ----D---- C:\ProgramData\MicroWorld
2012-02-29 08:36:48 ----D---- C:\Users\oem\AppData\Roaming\Download Manager
2012-02-28 13:47:19 ----ASH---- C:\hiberfil.sys
2012-02-28 11:53:57 ----D---- C:\Program Files\Google
2012-02-28 11:51:24 ----D---- C:\Program Files\Common Files\Adobe
======List of files/folders modified in the last 1 month======
2012-02-29 21:18:29 ----D---- C:\Windows\Minidump
2012-02-29 21:18:29 ----D---- C:\Windows
2012-02-29 20:54:41 ----D---- C:\Windows\system32\drivers
2012-02-29 20:06:13 ----D---- C:\Windows\Microsoft.NET
2012-02-29 19:52:21 ----A---- C:\Windows\system.ini
2012-02-29 19:51:45 ----D---- C:\Windows\system32\drivers\etc
2012-02-29 19:40:55 ----D---- C:\Windows\System32
2012-02-29 19:40:55 ----D---- C:\Windows\AppPatch
2012-02-29 19:40:48 ----D---- C:\Program Files\Common Files
2012-02-29 18:10:50 ----D---- C:\Windows\system32\catroot2
2012-02-29 18:07:22 ----D---- C:\Windows\system32\config
2012-02-29 18:04:53 ----RD---- C:\Program Files
2012-02-29 16:54:25 ----D---- C:\Windows\Tasks
2012-02-29 16:54:24 ----SHD---- C:\Windows\Installer
2012-02-29 16:54:22 ----SD---- C:\Windows\Downloaded Program Files
2012-02-29 14:04:36 ----SHD---- C:\System Volume Information
2012-02-29 08:45:28 ----A---- C:\Windows\win.ini
2012-02-29 08:45:26 ----D---- C:\ProgramData
2012-02-29 00:51:01 ----RSD---- C:\Windows\assembly
2012-02-28 21:45:12 ----D---- C:\Windows\Prefetch
2012-02-28 13:32:23 ----A---- C:\Windows\ntbtlog.txt
2012-02-28 11:55:20 ----D---- C:\Windows\system32\Tasks
2012-02-28 11:55:12 ----SD---- C:\Users\oem\AppData\Roaming\Microsoft
2012-02-28 11:55:11 ----D---- C:\Users\oem\AppData\Roaming\Adobe
2012-02-28 11:53:57 ----D---- C:\ProgramData\Google
2012-02-28 11:51:40 ----D---- C:\ProgramData\Adobe
2012-02-28 11:51:24 ----D---- C:\Program Files\Adobe
2012-02-28 11:11:38 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-26 20:12:39 ----D---- C:\Program Files\LG PC Suite II
2012-02-25 09:22:19 ----D---- C:\Program Files\Mozilla Firefox
2012-02-24 17:14:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-23 17:23:21 ----A---- C:\Windows\system32\aswBoot.exe
2012-02-16 07:19:17 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-16 05:41:46 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2012-02-23 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-02-23 610648]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-02-23 337112]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-02-23 53848]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-02-23 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-02-23 57688]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-27 15664]
R3 nv;nv; C:\Windows\system32\DRIVERS\nv4_mini.sys [2006-11-02 1897664]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-10-13 23456]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VIAudio;Zvukový ovladač VIA AC'97; C:\Windows\system32\drivers\ac97via.sys [2006-11-02 68096]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-02-23 44768]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Run by oem at 2012-02-29 21:56:10
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 39 GB (51%) free of 76 GB
Total RAM: 1023 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:57:06, on 29.2.2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\ctfmon.exe
C:\Users\oem\Downloads\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\oem.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [EEventManager] C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
--
End of file - 3599 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\r9trdojd.default
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, personas@christopher.beard:1.6.2, LG_LexFox_v2@lingea.com:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3112ca9c-de6d-4884-a869-9855de68056c}"=C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\r9trdojd.default\extensions\
LG_LexFox_v2@lingea.com
personas@christopher.beard
{20a82645-c095-46ed-80e3-08825760534b}
C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\r9trdojd.default\searchplugins\
askcom.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-02-23 998560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-02-28 342128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-02-23 998560]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-02-28 342128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"=C:\PROGRA~1\EPSONS~1\EVENTM~1\EEventManager.exe [2008-12-04 665424]
"avast"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-02-23 4031368]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=i263_32.drv
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"msacm.g723"=
"vidc.I263"=I263_32.drv
"VIDC.IV41"=ir41_32.ax
"vidc.iv50"=ir50_32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2012-02-29 21:56:10 ----D---- C:\rsit
2012-02-29 19:58:27 ----SHD---- C:\$RECYCLE.BIN
2012-02-29 19:49:04 ----D---- C:\Windows\temp
2012-02-29 17:44:54 ----D---- C:\Windows\ERDNT
2012-02-29 10:44:12 ----D---- C:\Program Files\trend micro
2012-02-29 08:51:29 ----AD---- C:\Windows\VDLL.DLL
2012-02-29 08:51:29 ----AD---- C:\Windows\system32\runouce.exe
2012-02-29 08:51:29 ----AD---- C:\Windows\rundll16.exe
2012-02-29 08:51:29 ----AD---- C:\Windows\RUNDL132.EXE
2012-02-29 08:51:29 ----AD---- C:\Windows\logo1_.exe
2012-02-29 08:51:29 ----AD---- C:\Windows\logo_1.exe
2012-02-29 08:46:41 ----A---- C:\Windows\system32\msvcr80.dll
2012-02-29 08:46:40 ----A---- C:\Windows\system32\msvcp80.dll
2012-02-29 08:46:38 ----A---- C:\Windows\system32\msvcp90.dll
2012-02-29 08:46:37 ----A---- C:\Windows\system32\msvcr90.dll
2012-02-29 08:46:36 ----A---- C:\Windows\system32\eEmpty.exe
2012-02-29 08:46:27 ----D---- C:\Program Files\Common Files\MicroWorld
2012-02-29 08:45:26 ----D---- C:\ProgramData\MicroWorld
2012-02-29 08:36:48 ----D---- C:\Users\oem\AppData\Roaming\Download Manager
2012-02-28 13:47:19 ----ASH---- C:\hiberfil.sys
2012-02-28 11:53:57 ----D---- C:\Program Files\Google
2012-02-28 11:51:24 ----D---- C:\Program Files\Common Files\Adobe
======List of files/folders modified in the last 1 month======
2012-02-29 21:18:29 ----D---- C:\Windows\Minidump
2012-02-29 21:18:29 ----D---- C:\Windows
2012-02-29 20:54:41 ----D---- C:\Windows\system32\drivers
2012-02-29 20:06:13 ----D---- C:\Windows\Microsoft.NET
2012-02-29 19:52:21 ----A---- C:\Windows\system.ini
2012-02-29 19:51:45 ----D---- C:\Windows\system32\drivers\etc
2012-02-29 19:40:55 ----D---- C:\Windows\System32
2012-02-29 19:40:55 ----D---- C:\Windows\AppPatch
2012-02-29 19:40:48 ----D---- C:\Program Files\Common Files
2012-02-29 18:10:50 ----D---- C:\Windows\system32\catroot2
2012-02-29 18:07:22 ----D---- C:\Windows\system32\config
2012-02-29 18:04:53 ----RD---- C:\Program Files
2012-02-29 16:54:25 ----D---- C:\Windows\Tasks
2012-02-29 16:54:24 ----SHD---- C:\Windows\Installer
2012-02-29 16:54:22 ----SD---- C:\Windows\Downloaded Program Files
2012-02-29 14:04:36 ----SHD---- C:\System Volume Information
2012-02-29 08:45:28 ----A---- C:\Windows\win.ini
2012-02-29 08:45:26 ----D---- C:\ProgramData
2012-02-29 00:51:01 ----RSD---- C:\Windows\assembly
2012-02-28 21:45:12 ----D---- C:\Windows\Prefetch
2012-02-28 13:32:23 ----A---- C:\Windows\ntbtlog.txt
2012-02-28 11:55:20 ----D---- C:\Windows\system32\Tasks
2012-02-28 11:55:12 ----SD---- C:\Users\oem\AppData\Roaming\Microsoft
2012-02-28 11:55:11 ----D---- C:\Users\oem\AppData\Roaming\Adobe
2012-02-28 11:53:57 ----D---- C:\ProgramData\Google
2012-02-28 11:51:40 ----D---- C:\ProgramData\Adobe
2012-02-28 11:51:24 ----D---- C:\Program Files\Adobe
2012-02-28 11:11:38 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-26 20:12:39 ----D---- C:\Program Files\LG PC Suite II
2012-02-25 09:22:19 ----D---- C:\Program Files\Mozilla Firefox
2012-02-24 17:14:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-02-23 17:23:21 ----A---- C:\Windows\system32\aswBoot.exe
2012-02-16 07:19:17 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-16 05:41:46 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2012-02-23 35672]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-02-23 610648]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-02-23 337112]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-02-23 53848]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-02-23 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-02-23 57688]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2011-01-27 15664]
R3 nv;nv; C:\Windows\system32\DRIVERS\nv4_mini.sys [2006-11-02 1897664]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 DrvAgent32;DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [2011-10-13 23456]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VIAudio;Zvukový ovladač VIA AC'97; C:\Windows\system32\drivers\ac97via.sys [2006-11-02 68096]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-02-23 44768]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Re: Kontrola logu
Napsal: 29 úno 2012 22:14
No jo, neni tam 
Otevrete si poznamkovy blok
- Start->spustit->notepad
- Vlozte text nize
Kód: Vybrat vše
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe"- Soubor ulozte jako oprava.reg
- Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
- Zavrit notepad a spustit dvojklikem oprava.reg
- Pripadny dotaz na zmenu registru potvrdte
- Okno jen problikne a opravi regsitry - soubor muzete smazat
Restart PC a napiste ci se nam Defender spustilRe: Kontrola logu
Napsal: 29 úno 2012 22:30
Defender se sám nespustil.
Re: Kontrola logu
Napsal: 29 úno 2012 22:35
Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R
- Vyskoci na Vas okenko, do ktereho zkopirujte text nize
Kód: Vybrat vše
services.msc- Kliknete na OK
- Najdete sluzby nize
- Windows Defender
- U sluzby provedte toto
- Klik na ni pravym mysidlem a zvolit Vlastnosti
- Typ spousteni nastavit na Automaticky (Zpozdene spusteni)
- Potvrdte kliknutim na OK
Restart a doufam ze napisete lepsi zpravu nez minule 
Re: Kontrola logu
Napsal: 29 úno 2012 22:57
Po restartu se sice znovu objevila výstraha, ale za pár vteřin se Defender zapnul sám. Nicméně ve Vlastnostech Defenderu jsem jako typ spouštění vybrala Automaticky, protože když jsem chtěla dát Automaticky (Zpožděné spuštění) tak se objevila zpráva: Příznak Automatického zpožděného spuštění nelze nastavit. Chyba 87: Parametr není správný.
Ale opět doufám, že to není nic vážného
Ale opět doufám, že to není nic vážného
Re: Kontrola logu
Napsal: 01 bře 2012 17:23
Pokud se Defender spousti tak OK A co jsme tedy delali 
- RSIT je jen takovy povrchovy skener, umi ledacos ukazat ale neda se pres nej havet mazat
- Takze jsme pouzili OTL, coz je dukladnejsi skener a pak umi i mazat, coz jsme udelali
- Byla tam havet typu adware\spyware Akamai - hodne vytezuje procesor a posila nejaka data - pry informacni o tom co vyuzivate atd a co byste mohla potrebovat - podle toho co hledate - takze pryc s nim - co je komu po tom
- ComboFix je velmi silny nastroj na odstranovani haveti - je velmi casto aktualizovan - i nekolikrat denne - a maze nam co do nej zadame + ma databazi zname haveti - to tvorime my radci, takze je to takovy nastroj nas radcu. Je vsak velmi silny a obcas smazne co nema, proto je treba jej pouzivat jen na doporuceni nekoho kdo s nim umi, aby mohl pripadne skody vratit zpatky
- Pres skript pro ComboFix jsme tak domazali jeste nejake pozustatky toho Akamai
- No a pak nasledoval uklid po utilitach - odinstalace CF; OTC+TCleaner uklidili po OTL a jeste zbytecky po CF
- TFC a CCleaner zas uklidili docasne slozky a procistili neplatne zaznamy v registru
- No a na zaver jsme opravili ten Defender - opravili typ jeho spousteni a pres ten reg soubor zadali at se spousti po startu
- Tot tedy vse, doufam ze jste s pomoci spokojena a predpokladam ze jste se zas neco noveho naucila a ted i trochu pochopila co ze se to vlastne delalo
Re: Kontrola logu
Napsal: 01 bře 2012 18:21
Spokojená jsem moc. Odvádíte tady na fóru skvělou práci
Děkuji za pomoc s likvidací té havěti, za zkušenost i za nové poznatky, které se mi budou někdy v budoucnu určitě hodit
Děkuji za pomoc s likvidací té havěti, za zkušenost i za nové poznatky, které se mi budou někdy v budoucnu určitě hodit
Re: Kontrola logu
Napsal: 01 bře 2012 18:53
Nemate zac, rad jsem pomohl 
Zase nekdy 
A na rozloucenou vam zahraje nase kapela
Zase nekdy A na rozloucenou vam zahraje nase kapela
Re: Kontrola logu
Napsal: 01 bře 2012 19:30
Skvělé!!! 
Nashledanou
Nashledanou
Re: Kontrola logu
Napsal: 01 bře 2012 19:37
Navidenou, doufam ze snad jen v sekci preventivek a jen na preventivku