Logfile of random's system information tool 1.08 (written by random/random)
Run by test at 2011-04-13 14:57:10
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 14 GB (23%) free of 62 GB
Total RAM: 511 MB (22% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:33, on 13.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Samsung\Samsung SCX-4x21 Series\PSU\Scan2pc.exe
C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe
C:\Program Files\SmartDefrag\IObit SmartDefrag.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\ESET\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\ESET\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Documents and Settings\test\Plocha\RSIT.exe
C:\Program Files\trend micro\test.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=488
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigURL = file://C:\PROGRA~1\SPEEDB~1\vaproxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
(no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7}
- c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper -
{DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl -
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program files\google\googletoolbar1.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common
Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google
Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WHITNEY_S2P] C:\Program Files\Samsung\Samsung
SCX-4x21 Series\PSU\Scan2pc.exe
O4 - HKLM\..\Run: [SpeedBitVideoAccelerator] "C:\Program Files\SpeedBit Video
Accelerator\VideoAccelerator.exe"
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\SmartDefrag\IObit
SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [PAC207_Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash
/minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\test\Local
Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting]
"C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]
C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Yahoo! Widgets.lnk = C:\Program
Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI
Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy
Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program
Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program
Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -
C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -
{e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network
Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = KMS
O17 - HKLM\Software\..\Telephony: DomainName = KMS
O17 -
HKLM\System\CCS\Services\Tcpip\..\{0F528CE3-F5D9-4EEE-B137-0536276129D
B}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = KMS
O17 -
HKLM\System\CS1\Services\Tcpip\..\{0F528CE3-F5D9-4EEE-B137-0536276129DB
}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = KMS
O17 -
HKLM\System\CS2\Services\Tcpip\..\{0F528CE3-F5D9-4EEE-B137-0536276129DB
}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader -
{438755C2-A8BA-11D1-B96B-00A0C90312E1} -
C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí -
{8C7461EF-2B13-11d2-BE35-3078302C2030} -
C:\WINDOWS\system32\browseui.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program
Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation -
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner -
C:\PROGRA~1\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner -
C:\PROGRA~1\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner -
C:\PROGRA~1\AVG7\avgemc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner -
C:\PROGRA~1\AVG7\avgfwsrv.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program
Files\ESET\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ekrn.exe
O23 - Service: Google Desktop Manager 5.7.806.10245
(GoogleDesktopManager-061008-081103) - Google - C:\Program
Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc.
- C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: 602LAN SUITE (lansuits) - Unknown owner - C:\Program
Files\Software602\602LAN SUITE\lansuits.exe (file missing)
O23 - Service: VideoAcceleratorService - Speedbit Ltd. -
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program
Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 8814 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1563985344-68200
3330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-1563985344-68200
3330-1004UA.job
C:\WINDOWS\tasks\SmartDefrag.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Expl
orer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Expl
orer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-20
2018368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Expl
orer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll
[2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Expl
orer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program
Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program
files\google\googletoolbar1.dll [2006-10-20 2018368]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-08-20 88363]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java
Update\jusched.exe [2010-05-14 248552]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop
Search\GoogleDesktop.exe [2008-08-21 29744]
"WHITNEY_S2P"=C:\Program Files\Samsung\Samsung SCX-4x21
Series\PSU\Scan2pc.exe [2006-03-27 229376]
"SpeedBitVideoAccelerator"=C:\Program Files\SpeedBit Video
Accelerator\VideoAccelerator.exe [2008-09-17 2705008]
"SmartDefrag"=C:\Program Files\SmartDefrag\IObit SmartDefrag.exe [2008-09-08
1965296]
"C-Media Mixer"=Mixer.exe /startup []
"PAC207_Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03
319488]
"Monitor"=C:\WINDOWS\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"egui"=C:\Program Files\ESET\egui.exe [2009-10-07 1461080]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-09-02 13351304]
"Google Update"=C:\Documents and Settings\test\Local Settings\Data
aplikací\Google\Update\GoogleUpdate.exe [2010-08-06 136176]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal
Edition\Display.exe
ATI CATALYST System Tray.lnk - C:\Program Files\ATI
Technologies\ATI.ACE\CLI.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
C:\Documents and Settings\KMS-Mladej\Programy\Po spuštění
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-05 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shel
lServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} -
C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minima
l\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\networ
k\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\networ
k\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\networ
k\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ex
plorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
explorer]
"NoResolveSearch"=1
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\paramet
ers\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x
psp2res.dll,-22019"
"C:\Program Files\RealVNC\VNC4\winvnc4.exe"="C:\Program
Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:VNC Server"
"C:\Program Files\win_comd\WINCMD32.EXE"="C:\Program
Files\win_comd\WINCMD32.EXE:*:Enabled:Windows Commander 32 bit
international version, file manager replacement for Windows"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MailStore_Home\MailStoreDesktopServices.exe"="C:\Program
Files\MailStore_Home\MailStoreDesktopServices.exe:*:Enabled:MailStore Desktop
Services"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program
Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program
Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\paramet
ers\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@x
psp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network
Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2011-04-13 14:57:10 ----D---- C:\rsit
2011-03-24 20:07:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-24 08:52:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
======List of files/folders modified in the last 1 months======
2011-04-13 14:57:33 ----D---- C:\Program Files\trend micro
2011-04-13 14:57:18 ----D---- C:\WINDOWS\Prefetch
2011-04-13 14:57:16 ----D---- C:\WINDOWS\Temp
2011-04-13 14:57:12 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-13 14:57:03 ----D---- C:\Documents and Settings\test\Data aplikací\Skype
2011-04-13 14:56:36 ----D---- C:\Documents and Settings\test\Data aplikací\skypePM
2011-04-13 14:56:16 ----D---- C:\WINDOWS\system32\ias
2011-04-13 14:56:06 ----D---- C:\Program Files\SpeedBit Video Accelerator
2011-04-13 14:55:57 ----D---- C:\WINDOWS
2011-04-12 19:27:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-12 11:50:39 ----D---- C:\Program Files\Archibald
2011-04-08 11:18:26 ----D---- C:\WINDOWS\system32
2011-04-07 11:16:02 ----D---- C:\Program Files\Mozilla_Thunderbird
2011-03-29 16:56:56 ----SHD---- C:\WINDOWS\Installer
2011-03-29 16:56:47 ----SHD---- C:\Config.Msi
2011-03-29 16:56:44 ----D---- C:\Program Files
2011-03-29 16:56:42 ----HD---- C:\WINDOWS\inf
2011-03-29 16:56:22 ----SD---- C:\WINDOWS\Tasks
2011-03-24 20:06:49 ----D---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto,
3=Demand, 4=Disabled)======
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys
[2008-04-13 44672]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-03-29
73600]
R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys
[2006-10-20 4224]
R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\system32\drivers\avgclean.sys
[2006-10-23 3968]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07
54184]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-10-07
55256]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys
[2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez
podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 DgiVecp;Team MFP Comm Driver;
C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-11-30 41984]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07
40824]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-10-07 73760]
R2 sbbotdi;sbbotdi; \??\C:\PROGRA~1\SPEEDB~1\sbbotdi.sys []
R3 AgereSoftModem;Agere Systems Soft Modem;
C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-01-25 1149888]
R3 cmpci;C-Media PCI Audio Driver (WDM);
C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
R3 Epfwndis;Eset Personal Firewall;
C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-10-07 32072]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service;
C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-11-11 41984]
R3 HidUsb;Ovladač třídy standardu HID;
C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MODEMCSA;Unimodem Streaming Filter Device;
C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 PAC207;Eye 110; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-10-25
616064]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB;
C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys
[2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys
[2008-04-13 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB;
C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti
Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys
[2007-10-24 821856]
S1 Avg7RsXP;AVG7 Resident Driver XP;
C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-02-22 27776]
S2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys []
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-05
1420288]
S3 catchme;catchme; \??\C:\DOCUME~1\test\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption;
C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cmuda;C-Media WDM Audio Interface;
C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;
C:\WINDOWS\system32\DRIVERS\fetnd5.sys []
S3 FWL;Fwl Packet Filter; \??\C:\Program files\Software602\602LAN SUITE\fwl.sys
[]
S3 GTwinUSB;GTwinUSB; C:\WINDOWS\System32\Drivers\GTwinUSB.sys
[2002-10-04 61776]
S3 HidBatt;Ovladač baterie zdroje UPS standardu HID;
C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-14 20352]
S3 mouhid;Ovladač myši standardu HID;
C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter;
C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec;
C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection;
C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě;
C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys
[2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys
[2008-04-14 15232]
S3 ultradfg;ultradfg; C:\WINDOWS\System32\DRIVERS\ultradfg.sys [2007-12-22
23552]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28
18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu;
C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform
Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector;
C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto,
3=Demand, 4=Disabled)======
R2 aawservice;Lavasoft Ad-Aware Service; C:\Program
Files\Lavasoft\Ad-Aware\aawservice.exe [2008-10-22 611664]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\APC PowerChute
Personal Edition\mainserv.exe [2005-12-12 176193]
R2 ekrn;Eset Service; C:\Program Files\ESET\ekrn.exe [2009-10-07 472280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program
Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 UMWdf;Windows User Mode Driver Framework;
C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 VideoAcceleratorService;VideoAcceleratorService;
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-09-17 292472]
R2 WinVNC4;VNC Server Version 4; C:\Program
Files\RealVNC\VNC4\WinVNC4.exe [2005-03-11 455632]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe
[2006-01-05 405504]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-04
520192]
S2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\AVG7\avgamsvr.exe []
S2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\AVG7\avgupsvc.exe []
S2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\AVG7\avgemc.exe []
S2 AVGFwSrv;AVG Firewall; C:\PROGRA~1\AVG7\avgfwsrv.exe /srvfsys []
S3 aspnet_state;Stavová služba ASP.NET;
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25
34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service
v2.0.50727_X86;
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25
69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\EHttpSrv.exe [2009-10-07
20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0;
C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
[2008-07-29 46104]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-21
29744]
S3 idsvc;Windows CardSpace;
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\infocard.exe [2008-07-29 881664]
S3 lansuits;602LAN SUITE; C:\Program Files\Software602\602LAN
SUITE\lansuits.exe []
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program
Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework;
C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication
Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

Please, can you take a look at this log? Thanks!
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Please, can you take a look at this log? Thanks!
Hello, I'm looking and looking and all I see is a lot of letters and numbers
No, seriously, fix these in HJT:
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -(no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\CommonFiles\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\GoogleDesktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"-atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\test\LocalSettings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting]"C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\MicrosoftOffice\Office10\OSA.EXE
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner -C:\PROGRA~1\AVG7\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner -C:\PROGRA~1\AVG7\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner -C:\PROGRA~1\AVG7\avgemc.exe (file missing)
O23 - Service: AVG Firewall (AVGFwSrv) - Unknown owner -C:\PROGRA~1\AVG7\avgfwsrv.exe (file missing)
O23 - Service: 602LAN SUITE (lansuits) - Unknown owner - C:\ProgramFiles\Software602\602LAN SUITE\lansuits.exe (file missing)
You will find HJT here:
C:\Program Files\trend micro\test.exe
Fix means that you run HJT,
in the window that opens, click Do a system scan only,
in the next window, find the lines I listed for you,
next to each of them is a small box; tick it,
then click Fix checked, which is at the bottom left,
the program will ask whether you really want to; answer YES, of course, and you're done.
Use AVG Remover to clean up the leftovers.
Delete unnecessary files
using CCleaner
guide:
Cleaner - here you clean the PC of unnecessary files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system
Otherwise I don't see anything bad.
P.S. Next time you post a log here, first open Notepad in full-screen mode.

Re: Please, can you take a look at this log? Thanks!
Thanks a lot. I'll take a look.