RSIT log check

Specters
Visitor
Posts: 64
Registered: 11 Aug 2007 14:30

RSIT log check

#1 Post by Specters »

Please check the log to see whether everything is OK now. I went over the PC with Avast, Spyware Terminator, Malwarebytes, CCleaner and a quick scan with Trojan Remover, because it was not protected by an antivirus and had a lot of viruses on it. I would rather not use ComboFix, because it interferes with the system and it is not my computer. Thanks a lot.

Here is the log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Luky at 2011-02-03 16:19:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 112 GB (73%) free of 153 GB
Total RAM: 1014 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:19:35, on 3.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\PLFSetL.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\yuPlay\yuPlay.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\Luky\LOCALS~1\Temp\RtkBtMnt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Luky\Plocha\RSIT.exe
C:\Program Files\trend micro\Luky.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mydtzone.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O3 - Toolbar: MediaBar - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PLFSetL] C:\WINDOWS\PLFSetL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [yuPlay.exe] "C:\Program Files\yuPlay\yuPlay.exe" -silent
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Program Files\PartyGaming\PartyCasino\RunApp.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3167655576
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://d1ylr6sba64qi3.cloudfront.net/gl ... 1.66.0.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8221 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Norton Security Scan for Luky.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof2.dll [2010-10-18 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F}]
MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-05 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\tbSof2.dll [2010-10-18 3908192]
{ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\ToolBar\iMeshMediaBarDx.dll [2009-11-20 87472]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254024]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-10 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-10 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-10 137752]
"PLFSetL"=C:\WINDOWS\PLFSetL.exe [2007-07-05 94208]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-07-19 53248]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-03 16841216]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"DATAMNGR"=C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE [2010-10-13 985008]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-01-13 3396624]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-02-03 2216960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"yuPlay.exe"=C:\Program Files\yuPlay\yuPlay.exe [2010-10-20 4226040]
"NexonEULauncher"= []
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2010-06-28 2322501]
"fsm"= []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-01-17 1242448]
"AROReminder"=C:\Program Files\Advanced Registry Optimizer\aro.exe [2010-10-18 2215944]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-10 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Counter-Strike 1.6\hl.exe"="D:\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\1C Company\Streets of Moscow\som.exe"="C:\Program Files\1C Company\Streets of Moscow\som.exe:*:Enabled:som"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Program Files\yuPlay\yuPlay.exe"="C:\Program Files\yuPlay\yuPlay.exe:*:Enabled:yuPlay"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
"D:\CS\HL.EXE"="D:\CS\HL.EXE:*:Enabled:Half-Life Launcher"
"C:\Program Files\Deer Hunter Tournament\DHT.exe"="C:\Program Files\Deer Hunter Tournament\DHT.exe:*:Enabled:Deer Hunter Tournament"
"C:\Program Files\Deer Hunter Tournament\Updater.exe"="C:\Program Files\Deer Hunter Tournament\Updater.exe:*:Enabled:Deer Hunter Tournament Current Updater"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"

======List of files/folders created in the last 1 months======

2011-02-03 15:45:41 ----D---- C:\Program Files\CCleaner
2011-02-03 15:03:27 ----D---- C:\Program Files\WinClamAVShield
2011-02-03 14:56:22 ----D---- C:\Program Files\Crawler
2011-02-03 14:56:18 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-02-03 14:56:17 ----D---- C:\Documents and Settings\Luky\Data aplikací\Spyware Terminator
2011-02-03 14:56:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-02-03 14:56:11 ----D---- C:\Program Files\Spyware Terminator
2011-02-03 14:46:50 ----A---- C:\WINDOWS\system32\javaws.exe
2011-02-03 14:46:50 ----A---- C:\WINDOWS\system32\javaw.exe
2011-02-03 14:46:50 ----A---- C:\WINDOWS\system32\java.exe
2011-02-03 13:33:26 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2011-02-03 13:21:50 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-02-02 14:28:33 ----A---- C:\WINDOWS\system32\ztvunace26.dll
2011-02-02 14:28:32 ----A---- C:\WINDOWS\system32\ztvunrar36.dll
2011-02-02 14:28:32 ----A---- C:\WINDOWS\system32\ztvcabinet.dll
2011-02-02 14:28:32 ----A---- C:\WINDOWS\system32\UNRAR3.dll
2011-02-02 14:28:32 ----A---- C:\WINDOWS\system32\unacev2.dll
2011-02-02 14:28:26 ----D---- C:\Program Files\Trojan Remover
2011-02-02 14:28:26 ----D---- C:\Documents and Settings\Luky\Data aplikací\Simply Super Software
2011-02-02 14:28:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Simply Super Software
2011-02-02 14:24:57 ----D---- C:\Documents and Settings\Luky\Data aplikací\Malwarebytes
2011-02-02 14:24:52 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-02 14:24:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-02-02 14:24:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-02 14:24:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-02 14:23:29 ----D---- C:\rsit
2011-02-02 14:23:29 ----D---- C:\Program Files\trend micro
2011-01-31 11:52:09 ----D---- C:\Documents and Settings\Luky\Data aplikací\Mount&Blade
2011-01-20 10:24:27 ----D---- C:\Casino
2011-01-20 09:54:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-01-20 09:48:09 ----D---- C:\Documents and Settings\Luky\Data aplikací\Sammsoft
2011-01-20 09:47:54 ----D---- C:\Program Files\Advanced Registry Optimizer
2011-01-19 14:52:00 ----D---- C:\Program Files\Zrychlenie PC
2011-01-19 13:40:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-19 13:40:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-19 13:40:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-19 13:39:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-19 13:39:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-19 13:38:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-19 13:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-19 13:38:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-17 21:06:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2011-01-17 21:06:41 ----D---- C:\Program Files\Google
2011-01-17 21:06:38 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-01-17 21:06:38 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-01-17 21:06:37 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-01-17 21:06:35 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-01-17 21:06:33 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-01-17 21:06:33 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-01-17 21:06:32 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-01-17 21:06:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-17 21:06:04 ----D---- C:\Program Files\Alwil Software
2011-01-17 21:06:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-01-15 20:05:14 ----D---- C:\Program Files\GOTCHA!
2011-01-15 10:50:28 ----D---- C:\Program Files\Eidos
2011-01-14 20:25:59 ----RA---- C:\WINDOWS\system32\tmp8.tmp
2011-01-14 20:22:28 ----D---- C:\Program Files\Instinkt
2011-01-14 19:49:44 ----D---- C:\Program Files\Kobra 11 Nitro
2011-01-13 17:52:53 ----D---- C:\Program Files\Steam
2011-01-12 18:58:49 ----D---- C:\Program Files\Undercover
2011-01-12 18:41:19 ----D---- C:\WINDOWS\solcache
2011-01-12 18:40:46 ----A---- C:\WINDOWS\system32\snwvalid.dll
2011-01-12 18:40:46 ----A---- C:\WINDOWS\system32\sierranw.dll
2011-01-12 18:40:46 ----A---- C:\WINDOWS\system32\gif89.dll
2011-01-12 18:38:23 ----A---- C:\WINDOWS\system32\drivers\papycpu.sys
2011-01-12 18:38:21 ----A---- C:\WINDOWS\system32\drivers\papyjoy.sys
2011-01-12 18:38:09 ----D---- C:\Program Files\Sierra On-Line
2011-01-12 18:38:09 ----D---- C:\Papyrus
2011-01-12 18:37:50 ----A---- C:\WINDOWS\SIERRA.INI
2011-01-11 17:28:46 ----D---- C:\Documents and Settings\Luky\Data aplikací\Help
2011-01-09 18:45:13 ----D---- C:\WINDOWS\Minidump
2011-01-04 11:00:14 ----D---- C:\WINDOWS\system32\appmgmt

======List of files/folders modified in the last 1 months======

2011-02-03 16:19:02 ----D---- C:\WINDOWS\Temp
2011-02-03 16:14:42 ----D---- C:\WINDOWS\system32\ias
2011-02-03 16:12:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-03 16:09:51 ----D---- C:\WINDOWS
2011-02-03 15:53:01 ----D---- C:\WINDOWS\Debug
2011-02-03 15:45:41 ----RD---- C:\Program Files
2011-02-03 14:56:19 ----D---- C:\WINDOWS\system32\drivers
2011-02-03 14:47:02 ----SHD---- C:\WINDOWS\Installer
2011-02-03 14:46:51 ----D---- C:\WINDOWS\system32
2011-02-03 14:46:48 ----D---- C:\Program Files\Java
2011-02-03 14:46:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-03 14:43:49 ----D---- C:\Documents and Settings\Luky\Data aplikací\Software Informer
2011-02-03 14:37:07 ----D---- C:\WINDOWS\mui
2011-02-03 13:16:36 ----HD---- C:\WINDOWS\inf
2011-02-03 13:16:34 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-03 12:25:50 ----D---- C:\Program Files\DAEMON Tools
2011-02-02 14:25:07 ----D---- C:\WINDOWS\Prefetch
2011-02-01 20:38:29 ----D---- C:\Program Files\Microsoft
2011-01-24 15:58:45 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-21 19:17:48 ----D---- C:\WINDOWS\network diagnostic
2011-01-20 20:45:11 ----D---- C:\Program Files\PartyGaming
2011-01-20 15:55:07 ----D---- C:\Program Files\Mozilla Firefox
2011-01-19 13:55:31 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-19 13:40:42 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-19 13:40:25 ----D---- C:\Program Files\Internet Explorer
2011-01-19 13:40:13 ----D---- C:\WINDOWS\ie8updates
2011-01-19 13:40:07 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-19 13:38:38 ----D---- C:\Program Files\Outlook Express
2011-01-19 13:30:21 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-18 08:58:25 ----D---- C:\Documents and Settings\Luky\Data aplikací\advantage
2011-01-17 21:06:26 ----D---- C:\WINDOWS\WinSxS
2011-01-14 20:25:59 ----D---- C:\Program Files\OpenAL
2011-01-14 20:25:59 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-01-14 13:07:09 ----D---- C:\WINDOWS\Help
2011-01-13 17:52:24 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-13 17:51:37 ----RSD---- C:\WINDOWS\assembly
2011-01-13 17:51:02 ----D---- C:\WINDOWS\system32\DirectX
2011-01-11 17:33:33 ----SD---- C:\WINDOWS\Tasks
2011-01-04 17:20:14 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-11-01 639224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R0x01000000 papycpu;papycpu; C:\WINDOWS\system32\drivers\papycpu.sys [1998-10-06 1984]
R0x01000000 papyjoy;papyjoy; C:\WINDOWS\system32\drivers\papyjoy.sys [1998-10-06 1888]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-07-26 547904]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-07-22 161792]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-10 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 androidusb;ADB Interface Driver; C:\WINDOWS\System32\Drivers\fxxandroidusb.sys [2010-04-01 25728]
S3 axdkcqv5;axdkcqv5; C:\WINDOWS\system32\drivers\axdkcqv5.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 qcusbser;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\FXX\qcusbser.sys [2010-04-01 103424]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-02-03 496128]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119426
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: RSIT log check

#2 Post by Rudy »

The log looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: RSIT log check

#3 Post by Specters »

All right, thanks for the check.

Re: RSIT log check

#4 Post by Rudy »

You're welcome!