
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log - slowdown
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Please check my log - slowdown
Logfile of random's system information tool 1.08 (written by random/random)
Run by xxx at 2010-08-15 19:40:46
Microsoft Windows 7 Ultimate
System drive C: has 127 GB (58%) free of 220 GB
Total RAM: 3327 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:15, on 15.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Users\xxx\Desktop\RSIT.exe
C:\Program Files\trend micro\xxx.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odebírat RSS/Podcast pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_rss.htm
O8 - Extra context menu item: Přidat stránku do DownloadStudio obrázkového alba... - C:\Program Files\Conceiva\DownloadStudio\ds_snap.htm
O8 - Extra context menu item: Stáhnout obrázek pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_img.htm
O8 - Extra context menu item: Stáhnout odkaz pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_file.htm
O8 - Extra context menu item: Stáhnout stránku pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_all.htm
O8 - Extra context menu item: Stáhnout video pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_video.htm
O8 - Extra context menu item: Stáhnout výběr pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_sel.htm
O8 - Extra context menu item: Zobrazit odkazy stránky pomocí DownloadStudia... - C:\Program Files\Conceiva\DownloadStudio\ds_link.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
--
End of file - 6382 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 1505144]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-07-02 2202704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-10-06 7772704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-08-15 19:40:46 ----DC---- C:\rsit
2010-08-15 19:20:46 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-15 19:20:45 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-15 19:20:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-15 18:54:50 ----DC---- C:\UCTO2010
2010-08-15 18:54:50 ----AC---- C:\DeQuarantine.txt
2010-08-15 18:53:26 ----SDC---- C:\ComboFix
2010-08-15 18:53:10 ----A---- C:\Windows\SWXCACLS.exe
2010-08-15 18:53:06 ----DC---- C:\32788R22FWJFW
2010-08-15 18:47:53 ----SHDC---- C:\$RECYCLE.BIN
2010-08-15 17:34:05 ----A---- C:\Windows\zip.exe
2010-08-15 17:34:05 ----A---- C:\Windows\SWSC.exe
2010-08-15 17:34:05 ----A---- C:\Windows\SWREG.exe
2010-08-15 17:34:05 ----A---- C:\Windows\sed.exe
2010-08-15 17:34:05 ----A---- C:\Windows\PEV.exe
2010-08-15 17:34:05 ----A---- C:\Windows\MBR.exe
2010-08-15 17:34:05 ----A---- C:\Windows\grep.exe
2010-08-15 17:33:57 ----D---- C:\Windows\ERDNT
2010-08-15 17:30:37 ----DC---- C:\Qoobox
2010-08-13 20:15:44 ----A---- C:\Windows\libem.INI
2010-08-13 20:15:36 ----D---- C:\Users\xxx\AppData\Roaming\FlashGet
2010-08-13 19:44:55 ----D---- C:\Program Files\trend micro
2010-08-11 20:54:51 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-10 20:43:10 ----A---- C:\Windows\system32\rtutils.dll
2010-08-10 20:43:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-10 20:43:08 ----A---- C:\Windows\system32\msxml3.dll
2010-08-10 20:43:07 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-10 20:43:07 ----A---- C:\Windows\system32\iccvid.dll
2010-08-10 20:43:06 ----A---- C:\Windows\system32\win32k.sys
2010-08-10 20:43:04 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-10 20:43:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-10 20:43:04 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-10 20:43:00 ----A---- C:\Windows\system32\mshtml.dll
2010-08-10 20:42:58 ----A---- C:\Windows\system32\wininet.dll
2010-08-10 20:42:58 ----A---- C:\Windows\system32\urlmon.dll
2010-08-10 20:42:58 ----A---- C:\Windows\system32\ieframe.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\mstime.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-10 20:42:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\ieui.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\iepeers.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-10 20:42:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-10 20:42:54 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-10 20:41:33 ----A---- C:\Windows\system32\schannel.dll
2010-08-03 17:22:59 ----A---- C:\Windows\system32\shell32.dll
2010-07-30 15:14:27 ----A---- C:\Windows\wininit.ini
2010-07-28 18:40:00 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2010-07-27 12:35:18 ----D---- C:\Program Files\Common Files\Skype
2010-07-27 12:35:17 ----RD---- C:\Program Files\Skype
2010-07-26 23:31:06 ----D---- C:\Program Files\Alcohol Soft
2010-07-25 19:34:30 ----D---- C:\ProgramData\ESET
======List of files/folders modified in the last 1 months======
2010-08-15 19:41:14 ----D---- C:\Windows\Temp
2010-08-15 19:20:46 ----D---- C:\Windows\system32\drivers
2010-08-15 19:20:44 ----RD---- C:\Program Files
2010-08-15 19:02:01 ----AD---- C:\Windows
2010-08-15 18:58:33 ----D---- C:\Windows\system32\NDF
2010-08-15 18:54:09 ----D---- C:\Windows\System32
2010-08-15 18:44:40 ----AC---- C:\Windows\system.ini
2010-08-15 18:39:38 ----D---- C:\Windows\AppPatch
2010-08-15 18:39:37 ----D---- C:\Program Files\Common Files
2010-08-15 18:38:53 ----D---- C:\Windows\system32\config
2010-08-15 18:24:38 ----D---- C:\Windows\Prefetch
2010-08-15 17:55:08 ----D---- C:\Windows\system32\inetsrv
2010-08-15 17:55:01 ----D---- C:\Windows\system32\drivers\etc
2010-08-15 17:34:14 ----SHD---- C:\System Volume Information
2010-08-15 17:29:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-15 17:29:37 ----D---- C:\Windows\inf
2010-08-15 16:15:41 ----D---- C:\Windows\Tasks
2010-08-15 16:12:25 ----SHD---- C:\Windows\Installer
2010-08-15 16:12:23 ----D---- C:\Windows\Globalization
2010-08-15 16:04:31 ----D---- C:\Program Files\JDownloader
2010-08-13 19:50:45 ----D---- C:\ProgramData\Microsoft Help
2010-08-13 19:50:45 ----D---- C:\Config.Msi
2010-08-13 19:50:05 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-08-13 19:34:04 ----D---- C:\ProgramData\NVIDIA
2010-08-13 19:20:00 ----D---- C:\Program Files\Google
2010-08-13 19:11:22 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-13 19:11:17 ----D---- C:\ProgramData\DVD Shrink
2010-08-13 19:11:13 ----D---- C:\ProgramData\Bluetooth
2010-08-13 19:11:10 ----D---- C:\Program Files\PC Connectivity Solution
2010-08-13 19:10:43 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-08-13 19:10:38 ----D---- C:\ProgramData\QuickMediaConverter
2010-08-13 19:06:50 ----SD---- C:\ProgramData\Microsoft
2010-08-13 19:06:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-08-13 19:06:50 ----D---- C:\ProgramData\PC Suite
2010-08-13 19:06:50 ----D---- C:\ProgramData\Nero
2010-08-13 19:06:50 ----D---- C:\ProgramData
2010-08-13 19:06:49 ----D---- C:\ProgramData\DivX
2010-08-13 19:06:49 ----D---- C:\ProgramData\Adobe
2010-08-13 19:06:49 ----D---- C:\inetpub
2010-08-13 18:54:49 ----RSD---- C:\Windows\assembly
2010-08-13 18:48:42 ----D---- C:\Users\xxx\AppData\Roaming\Macromedia
2010-08-12 18:31:43 ----D---- C:\Program Files\ICQ6.5
2010-08-12 17:39:48 ----D---- C:\Program Files\Opera
2010-08-12 08:36:56 ----D---- C:\Windows\system32\LogFiles
2010-08-11 20:54:54 ----D---- C:\Users\xxx\AppData\Roaming\Adobe
2010-08-11 20:54:52 ----D---- C:\Program Files\Adobe
2010-08-11 14:55:48 ----D---- C:\Windows\Microsoft.NET
2010-08-11 10:40:12 ----D---- C:\Windows\winsxs
2010-08-10 22:54:44 ----D---- C:\Windows\system32\migration
2010-08-10 22:54:44 ----D---- C:\Program Files\Internet Explorer
2010-08-10 20:49:47 ----D---- C:\Windows\debug
2010-08-10 20:45:04 ----D---- C:\Windows\Downloaded Program Files
2010-08-10 20:42:43 ----D---- C:\Windows\system32\catroot2
2010-08-10 20:42:43 ----D---- C:\Windows\system32\catroot
2010-08-10 20:00:22 ----D---- C:\Program Files\Common Files\Nero
2010-08-10 19:44:34 ----D---- C:\Program Files\HandBrake
2010-08-10 19:43:05 ----D---- C:\Program Files\DivX
2010-08-10 19:43:04 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-08-10 19:38:01 ----D---- C:\Users\xxx\AppData\Roaming\ArcSoft
2010-08-10 19:36:37 ----D---- C:\Windows\ehome
2010-08-10 15:44:14 ----D---- C:\Program Files\Glary Utilities
2010-08-09 16:36:05 ----D---- C:\Program Files\Ashampoo
2010-08-09 13:10:47 ----A---- C:\Windows\system32\OpenAL32.dll
2010-08-08 19:54:16 ----SD---- C:\Users\xxx\AppData\Roaming\Microsoft
2010-08-04 21:54:01 ----D---- C:\Program Files\WinRAR
2010-08-04 16:23:53 ----D---- C:\Program Files\CDBurnerXP
2010-08-04 16:23:21 ----D---- C:\Program Files\Defraggler
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-30 17:23:08 ----D---- C:\Windows\system32\Tasks
2010-07-28 18:37:12 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
2010-07-27 19:59:55 ----D---- C:\Program Files\Wyzo
2010-07-27 12:35:17 ----D---- C:\ProgramData\Skype
2010-07-26 20:33:13 ----D---- C:\Program Files\CCleaner
2010-07-26 10:28:44 ----D---- C:\Windows\system32\wdi
2010-07-25 19:34:42 ----D---- C:\Windows\system32\DriverStore
2010-07-25 13:06:07 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 136120]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-28 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 41312]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-07-14 117248]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 catchme;catchme; \??\C:\Users\xxx\AppData\Local\Temp\catchme.sys []
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-28 32584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-06 2779104]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 141824]
R3 NfsRdr;@%windir%\system32\nfsrc.dll,-5003; C:\Windows\system32\drivers\nfsrdr.sys [2009-07-14 201216]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-11-05 47360]
R3 PsxDrv;@%systemroot%\system32\suares.dll,-107; C:\Windows\system32\drivers\psxdrv.sys [2009-07-14 9216]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RpcXdr;@%windir%\system32\nfsrc.dll,-5011; C:\Windows\system32\drivers\rpcxdr.sys [2009-07-14 86528]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S1 archlp;archlp; C:\Windows\system32\drivers\archlp.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 3\FLASHSYS.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-11-08 23600]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-26 697328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-07-02 810144]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 8704]
R2 MSMQTriggers;@mqutil.dll,-6203; C:\Windows\system32\mqtgsvc.exe [2009-07-14 126464]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NfsClnt;@%windir%\system32\nfsrc.dll,-5001; C:\Windows\system32\nfsclnt.exe [2009-07-14 52736]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-07-14 47616]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-07-02 33584]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-12 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-26 1343400]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-10 136176]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 71680]
-----------------EOF-----------------
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
--
End of file - 6382 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GlaryInitialize.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 1505144]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-07-02 2202704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-10-06 7772704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\FlashFXP\FlashFXP.exe"="C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3"
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-08-15 19:40:46 ----DC---- C:\rsit
2010-08-15 19:20:46 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-15 19:20:45 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-15 19:20:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-15 18:54:50 ----DC---- C:\UCTO2010
2010-08-15 18:54:50 ----AC---- C:\DeQuarantine.txt
2010-08-15 18:53:26 ----SDC---- C:\ComboFix
2010-08-15 18:53:10 ----A---- C:\Windows\SWXCACLS.exe
2010-08-15 18:53:06 ----DC---- C:\32788R22FWJFW
2010-08-15 18:47:53 ----SHDC---- C:\$RECYCLE.BIN
2010-08-15 17:34:05 ----A---- C:\Windows\zip.exe
2010-08-15 17:34:05 ----A---- C:\Windows\SWSC.exe
2010-08-15 17:34:05 ----A---- C:\Windows\SWREG.exe
2010-08-15 17:34:05 ----A---- C:\Windows\sed.exe
2010-08-15 17:34:05 ----A---- C:\Windows\PEV.exe
2010-08-15 17:34:05 ----A---- C:\Windows\MBR.exe
2010-08-15 17:34:05 ----A---- C:\Windows\grep.exe
2010-08-15 17:33:57 ----D---- C:\Windows\ERDNT
2010-08-15 17:30:37 ----DC---- C:\Qoobox
2010-08-13 20:15:44 ----A---- C:\Windows\libem.INI
2010-08-13 20:15:36 ----D---- C:\Users\xxx\AppData\Roaming\FlashGet
2010-08-13 19:44:55 ----D---- C:\Program Files\trend micro
2010-08-11 20:54:51 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-10 20:43:10 ----A---- C:\Windows\system32\rtutils.dll
2010-08-10 20:43:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-10 20:43:08 ----A---- C:\Windows\system32\msxml3.dll
2010-08-10 20:43:07 ----A---- C:\Windows\system32\ir32_32.dll
2010-08-10 20:43:07 ----A---- C:\Windows\system32\iccvid.dll
2010-08-10 20:43:06 ----A---- C:\Windows\system32\win32k.sys
2010-08-10 20:43:04 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-10 20:43:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-10 20:43:04 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-10 20:43:00 ----A---- C:\Windows\system32\mshtml.dll
2010-08-10 20:42:58 ----A---- C:\Windows\system32\wininet.dll
2010-08-10 20:42:58 ----A---- C:\Windows\system32\urlmon.dll
2010-08-10 20:42:58 ----A---- C:\Windows\system32\ieframe.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\mstime.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-10 20:42:57 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\ieui.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\iepeers.dll
2010-08-10 20:42:57 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-10 20:42:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-10 20:42:54 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-10 20:41:33 ----A---- C:\Windows\system32\schannel.dll
2010-08-03 17:22:59 ----A---- C:\Windows\system32\shell32.dll
2010-07-30 15:14:27 ----A---- C:\Windows\wininit.ini
2010-07-28 18:40:00 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2010-07-27 12:35:18 ----D---- C:\Program Files\Common Files\Skype
2010-07-27 12:35:17 ----RD---- C:\Program Files\Skype
2010-07-26 23:31:06 ----D---- C:\Program Files\Alcohol Soft
2010-07-25 19:34:30 ----D---- C:\ProgramData\ESET
======List of files/folders modified in the last 1 months======
2010-08-15 19:41:14 ----D---- C:\Windows\Temp
2010-08-15 19:20:46 ----D---- C:\Windows\system32\drivers
2010-08-15 19:20:44 ----RD---- C:\Program Files
2010-08-15 19:02:01 ----AD---- C:\Windows
2010-08-15 18:58:33 ----D---- C:\Windows\system32\NDF
2010-08-15 18:54:09 ----D---- C:\Windows\System32
2010-08-15 18:44:40 ----AC---- C:\Windows\system.ini
2010-08-15 18:39:38 ----D---- C:\Windows\AppPatch
2010-08-15 18:39:37 ----D---- C:\Program Files\Common Files
2010-08-15 18:38:53 ----D---- C:\Windows\system32\config
2010-08-15 18:24:38 ----D---- C:\Windows\Prefetch
2010-08-15 17:55:08 ----D---- C:\Windows\system32\inetsrv
2010-08-15 17:55:01 ----D---- C:\Windows\system32\drivers\etc
2010-08-15 17:34:14 ----SHD---- C:\System Volume Information
2010-08-15 17:29:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-15 17:29:37 ----D---- C:\Windows\inf
2010-08-15 16:15:41 ----D---- C:\Windows\Tasks
2010-08-15 16:12:25 ----SHD---- C:\Windows\Installer
2010-08-15 16:12:23 ----D---- C:\Windows\Globalization
2010-08-15 16:04:31 ----D---- C:\Program Files\JDownloader
2010-08-13 19:50:45 ----D---- C:\ProgramData\Microsoft Help
2010-08-13 19:50:45 ----D---- C:\Config.Msi
2010-08-13 19:50:05 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-08-13 19:34:04 ----D---- C:\ProgramData\NVIDIA
2010-08-13 19:20:00 ----D---- C:\Program Files\Google
2010-08-13 19:11:22 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-08-13 19:11:17 ----D---- C:\ProgramData\DVD Shrink
2010-08-13 19:11:13 ----D---- C:\ProgramData\Bluetooth
2010-08-13 19:11:10 ----D---- C:\Program Files\PC Connectivity Solution
2010-08-13 19:10:43 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-08-13 19:10:38 ----D---- C:\ProgramData\QuickMediaConverter
2010-08-13 19:06:50 ----SD---- C:\ProgramData\Microsoft
2010-08-13 19:06:50 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-08-13 19:06:50 ----D---- C:\ProgramData\PC Suite
2010-08-13 19:06:50 ----D---- C:\ProgramData\Nero
2010-08-13 19:06:50 ----D---- C:\ProgramData
2010-08-13 19:06:49 ----D---- C:\ProgramData\DivX
2010-08-13 19:06:49 ----D---- C:\ProgramData\Adobe
2010-08-13 19:06:49 ----D---- C:\inetpub
2010-08-13 18:54:49 ----RSD---- C:\Windows\assembly
2010-08-13 18:48:42 ----D---- C:\Users\xxx\AppData\Roaming\Macromedia
2010-08-12 18:31:43 ----D---- C:\Program Files\ICQ6.5
2010-08-12 17:39:48 ----D---- C:\Program Files\Opera
2010-08-12 08:36:56 ----D---- C:\Windows\system32\LogFiles
2010-08-11 20:54:54 ----D---- C:\Users\xxx\AppData\Roaming\Adobe
2010-08-11 20:54:52 ----D---- C:\Program Files\Adobe
2010-08-11 14:55:48 ----D---- C:\Windows\Microsoft.NET
2010-08-11 10:40:12 ----D---- C:\Windows\winsxs
2010-08-10 22:54:44 ----D---- C:\Windows\system32\migration
2010-08-10 22:54:44 ----D---- C:\Program Files\Internet Explorer
2010-08-10 20:49:47 ----D---- C:\Windows\debug
2010-08-10 20:45:04 ----D---- C:\Windows\Downloaded Program Files
2010-08-10 20:42:43 ----D---- C:\Windows\system32\catroot2
2010-08-10 20:42:43 ----D---- C:\Windows\system32\catroot
2010-08-10 20:00:22 ----D---- C:\Program Files\Common Files\Nero
2010-08-10 19:44:34 ----D---- C:\Program Files\HandBrake
2010-08-10 19:43:05 ----D---- C:\Program Files\DivX
2010-08-10 19:43:04 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-08-10 19:38:01 ----D---- C:\Users\xxx\AppData\Roaming\ArcSoft
2010-08-10 19:36:37 ----D---- C:\Windows\ehome
2010-08-10 15:44:14 ----D---- C:\Program Files\Glary Utilities
2010-08-09 16:36:05 ----D---- C:\Program Files\Ashampoo
2010-08-09 13:10:47 ----A---- C:\Windows\system32\OpenAL32.dll
2010-08-08 19:54:16 ----SD---- C:\Users\xxx\AppData\Roaming\Microsoft
2010-08-04 21:54:01 ----D---- C:\Program Files\WinRAR
2010-08-04 16:23:53 ----D---- C:\Program Files\CDBurnerXP
2010-08-04 16:23:21 ----D---- C:\Program Files\Defraggler
2010-08-03 20:09:31 ----A---- C:\Windows\system32\MRT.exe
2010-07-30 17:23:08 ----D---- C:\Windows\system32\Tasks
2010-07-28 18:37:12 ----D---- C:\Users\xxx\AppData\Roaming\dvdcss
2010-07-27 19:59:55 ----D---- C:\Program Files\Wyzo
2010-07-27 12:35:17 ----D---- C:\ProgramData\Skype
2010-07-26 20:33:13 ----D---- C:\Program Files\CCleaner
2010-07-26 10:28:44 ----D---- C:\Windows\system32\wdi
2010-07-25 19:34:42 ----D---- C:\Windows\system32\DriverStore
2010-07-25 13:06:07 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 114984]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 55040]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-09-23 294912]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 136120]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-28 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 41312]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-07-14 117248]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 catchme;catchme; \??\C:\Users\xxx\AppData\Local\Temp\catchme.sys []
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-28 32584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-10-06 2779104]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 MQAC;@mqutil.dll,-6101; C:\Windows\system32\drivers\mqac.sys [2009-07-14 141824]
R3 NfsRdr;@%windir%\system32\nfsrc.dll,-5003; C:\Windows\system32\drivers\nfsrdr.sys [2009-07-14 201216]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-11-05 47360]
R3 PsxDrv;@%systemroot%\system32\suares.dll,-107; C:\Windows\system32\drivers\psxdrv.sys [2009-07-14 9216]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 RpcXdr;@%windir%\system32\nfsrc.dll,-5011; C:\Windows\system32\drivers\rpcxdr.sys [2009-07-14 86528]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 165376]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 78336]
S1 archlp;archlp; C:\Windows\system32\drivers\archlp.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
S3 FLASHSYS;FLASHSYS; \??\C:\Program Files\MSI\Live Update 3\FLASHSYS.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-01-21 18048]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-12-30 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-12-30 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys [2009-12-30 8320]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-11-08 23600]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-12-30 7936]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-12-30 7936]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-26 697328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2009-07-14 20480]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-07-02 810144]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MSMQ;@mqutil.dll,-6102; C:\Windows\system32\mqsvc.exe [2009-07-14 8704]
R2 MSMQTriggers;@mqutil.dll,-6203; C:\Windows\system32\mqtgsvc.exe [2009-07-14 126464]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NfsClnt;@%windir%\system32\nfsrc.dll,-5001; C:\Windows\system32\nfsclnt.exe [2009-07-14 52736]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-09-06 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2009-07-14 47616]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-07-02 33584]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-12 435008]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-03-26 1343400]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-10 136176]
S4 TlntSvr;@%SystemRoot%\system32\tlntsvr.exe,-119; C:\Windows\System32\tlntsvr.exe [2009-07-14 71680]
-----------------EOF-----------------
Re: Please check my log - slowdown
I didn't write it out, well, I used to, but this time it was just Ctrl+C and Ctrl+V.
So we'll wait for MBAM to see whether it finds anything, and then we'll start cleaning up.
If the PC still seems slow, we can run a test for rootkits, but those usually slow the PC down while you work, not only at startup... I'll of course look over the log, but I'll mainly wait for MBAM.


Re: Please check my log - slowdown
I see, well, MBAM has been scanning for 30 minutes and hasn't found anything so far; we have to wait.

Re: Please check my log - slowdown
Yeah, it can take as long as two hours.

Re: Please check my log - slowdown
Well, it probably will.
Do you think I could also ask you to check my notebook? (It should be simpler there; I don't have any important data on it, and I haven't had that notebook for very long.)

Re: Please check my log - slowdown
Sure, no problem, just start a new topic so things don't get mixed up here, and put "pro vyosek" (for vyosek) in the subject so my colleagues leave it to me.
And of course post the log from RSIT.


Re: Please check my log - slowdown
Thank you very much for your help, I've already created the topic.

Re: Please check my log - slowdown
I'll go take a look at it, and I'll keep watching for the MBAM log here.

Re: Please check my log - slowdown
OK, well, I really don't know when it will be done.

Re: Please check my log - slowdown
We'll wait; in the meantime I'll have a glass of red wine.

Re: Please check my log - slowdown
OK, go ahead.

Re: Please check my log - slowdown
Oh dear, it's been running for 2 hours already.



Re: Please check my log - slowdown
Hooray, it's finally done.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4433
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
15.8.2010 21:36:15
mbam-log-2010-08-15 (21-36-15).txt
Typ skenu: Úplný sken (C:\|D:\|E:\|)
Skenované objekty: 521550
Uplynulý čas: 2 hodina(y), 6 minuta(y), 10 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Please check my log - slowdown
And it's clean.
How is our patient behaving?

Re: Please check my log - slowdown
Unfortunately I can't shut down the PC right now, so I have no way to try it out until 50 minutes from now. And shouldn't we also try the test for those rootkits, or whatever they're called? It costs nothing to try, right?