RSIT - kontrola logu

Zpráva

Blein · #1 Příspěvek od **Blein** » 21 čer 2011 15:43

Dobrý den, mám zde jeden zpomalený počítač,byl mi donešený abych ho vyčistil, myslím, že ale samotné vyčištění ccleanerem nepomůže - ještě jsem je nedělal, příkládám logy z RSIT.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-06-22 16:38:21
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (30%) free of 25 GB
Total RAM: 3326 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:38:44, on 22.6.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Programy\INSTAL~1\AVG8~1.5\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
D:\Programy\INSTAL~1\AVG8~1.5\avgwdsvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
D:\Programy\INSTAL~1\AVG8~1.5\avgam.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
D:\Programy\INSTAL~1\AVG8~1.5\avgrsx.exe
D:\Programy\INSTAL~1\AVG8~1.5\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
D:\Programy\INstalovane\NetLimiter 2 Pro\nlsvc.exe
D:\Programy\Kopirovane\FirefoxPortable\FirefoxPortable.exe
D:\Programy\Kopirovane\FirefoxPortable\App\firefox\firefox.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
D:\Programy\INSTAL~1\AVG8~1.5\avgemc.exe
D:\Programy\INstalovane\AVG 8.5\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Profils\Administrator\Plocha\Onfra\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Programy\INstalovane\AVG 8.5\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AVG8_TRAY] D:\Programy\INSTAL~1\AVG8~1.5\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Samsung.PCSync] D:\Programy\INstalovane\Samsung PC Studio 7\Samsung PC Studio 7\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Samsung.PCSync] D:\Programy\INstalovane\Samsung PC Studio 7\Samsung PC Studio 7\PcSync2.exe /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: Nokia Nseries PC Suite.lnk = E:\Program Files\Nokia\NNPCS\RunLauncher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\Programy\INSTAL~1\Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\Programy\INSTAL~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\INSTAL~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - E:\Hry\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Unibet - {00000000-0000-0000-0000-000000000000} - C:\MicroGaming\Poker\unibetpokerMPP\MPPoker.exe (HKCU)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O17 - HKLM\System\CS1\Services\Tcpip\..\{446A96B4-B62A-42E0-9D8C-9A97496A9269}: NameServer = 10.5.5.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Programy\INstalovane\AVG 8.5\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\Programy\INSTAL~1\AVG8~1.5\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\Programy\INSTAL~1\AVG8~1.5\avgwdsvc.exe
O23 - Service: CWAII - Unknown owner - C:\Temp\CWAII.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Programy\INstalovane\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - D:\Programy\INstalovane\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 8717 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cc23636f7f4d10.job
C:\WINDOWS\tasks\NSSstub.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-507921405-1454471165-725345543-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-507921405-1454471165-725345543-500.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - D:\Programy\INstalovane\AVG 8.5\avgssie.dll [2010-09-25 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-05-20 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-05-20 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-27 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-27 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-05-20 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"=D:\Programy\INSTAL~1\AVG8~1.5\avgtray.exe [2010-09-25 2048352]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-06-26 13529088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Programy\INstalovane\Adobe Reader 9\Reader\Reader_sl.exe [2011-01-31 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Programy\INstalovane\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Programy\INstalovane\QuickTime\qttask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SamsungPCSuiteTrayApplication]
D:\Programy\INstalovane\Samsung PC Studio 7\Samsung PC Studio 7\LaunchApplication.exe [2008-08-07 278016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-01-10 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
D:\Programy\INstalovane\Real Player\update\realsched.exe [2011-01-05 274608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"C-DillaCdaC11BA"=2
"ekrn"=2
"EhttpSrv"=3

C:\Profils\All Users\Nabídka Start\Programy\Po spuštění
Nokia Nseries PC Suite.lnk - E:\Program Files\Nokia\NNPCS\RunLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-09-25 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMMyDocs"=1
"NoSMMyPictures"=1
"NoSMHelp"=1
"NoUserNameInStartMenu"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\INstalovane\uTorrent.exe"="D:\Programy\INstalovane\uTorrent.exe:*:Enabled:µTorrent"
"D:\Programy\INstalovane\Power dvd 8\PowerDVD8\PowerDVD8.exe"="D:\Programy\INstalovane\Power dvd 8\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Programy\INstalovane\AVG 8.5\avgam.exe"="D:\Programy\INstalovane\AVG 8.5\avgam.exe:*:Enabled:avgam.exe"
"D:\Programy\INstalovane\AVG 8.5\avgdiag.exe"="D:\Programy\INstalovane\AVG 8.5\avgdiag.exe:*:Enabled:avgdiag.exe"
"D:\Programy\INstalovane\AVG 8.5\avgdiagex.exe"="D:\Programy\INstalovane\AVG 8.5\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"D:\Programy\INstalovane\AVG 8.5\avgemc.exe"="D:\Programy\INstalovane\AVG 8.5\avgemc.exe:*:Enabled:avgemc.exe"
"D:\Programy\INstalovane\AVG 8.5\avgupd.exe"="D:\Programy\INstalovane\AVG 8.5\avgupd.exe:*:Enabled:avgupd.exe"
"D:\Programy\INstalovane\AVG 8.5\avgnsx.exe"="D:\Programy\INstalovane\AVG 8.5\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Programy\INstalovane\Power dvd 8\PowerDVD8\PowerDVD8.exe"="D:\Programy\INstalovane\Power dvd 8\PowerDVD8\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2011-06-22 16:38:22 ----D---- C:\Program Files\trend micro
2011-06-22 16:38:21 ----D---- C:\rsit
2011-05-16 14:02:24 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2011-05-02 15:27:23 ----SHD---- C:\RECYCLER
2011-05-02 15:26:42 ----A---- C:\ComboFix.txt
2011-05-02 15:14:19 ----RA---- C:\ComboFix.exe

======List of files/folders modified in the last 3 months======

2011-06-22 16:38:37 ----D---- C:\Temp
2011-06-22 16:38:22 ----RD---- C:\Program Files
2011-06-22 16:38:19 ----AD---- C:\WINDOWS\Temp
2011-06-22 16:31:59 ----D---- C:\Profils\Administrator\Data aplikací\Mozilla
2011-06-22 16:30:29 ----RASH---- C:\boot.ini
2011-06-22 16:30:29 ----A---- C:\WINDOWS\win.ini
2011-06-22 16:30:29 ----A---- C:\WINDOWS\system.ini
2011-06-22 16:25:02 ----D---- C:\WINDOWS
2011-06-22 16:24:27 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-16 11:13:41 ----D---- C:\WINDOWS\system32\drivers\Avg
2011-06-14 16:21:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-06-14 15:43:50 ----D---- C:\Profils
2011-06-08 20:14:11 ----A---- C:\WINDOWS\NeroDigital.ini
2011-06-05 21:45:21 ----A---- C:\WINDOWS\WINCMD.INI
2011-06-05 21:26:20 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-06-05 11:32:10 ----SHD---- C:\WINDOWS\Installer
2011-06-05 11:32:10 ----D---- C:\Config.Msi
2011-06-05 11:32:06 ----SD---- C:\WINDOWS\Tasks
2011-06-02 15:29:29 ----D---- C:\Profils\Administrator\Data aplikací\uTorrent
2011-05-25 18:47:53 ----D---- C:\Profils\Administrator\Data aplikací\Real
2011-05-23 11:38:41 ----D---- C:\WINDOWS\system32
2011-05-17 16:54:48 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-16 21:11:51 ----D---- C:\Profils\Administrator\Data aplikací\HLSW
2011-05-16 14:02:29 ----D---- C:\WINDOWS\system32\dllcache
2011-05-16 14:02:24 ----D---- C:\WINDOWS\system32\drivers
2011-05-14 12:06:53 ----D---- C:\Profils\Administrator\Data aplikací\TS3Client
2011-05-14 11:56:18 ----SD---- C:\Profils\Administrator\Data aplikací\Microsoft
2011-05-13 12:04:47 ----D---- C:\$AVG8.VAULT$
2011-05-02 15:26:43 ----AD---- C:\Qoobox
2011-05-02 15:23:46 ----D---- C:\WINDOWS\system32\drivers\etc
2011-05-02 15:22:30 ----D---- C:\WINDOWS\system32\config
2011-05-02 15:22:20 ----D---- C:\WINDOWS\ERDNT
2011-05-02 15:18:47 ----D---- C:\WINDOWS\AppPatch
2011-05-02 15:18:46 ----D---- C:\Program Files\Common Files
2011-04-17 22:23:36 ----D---- C:\Profils\Administrator\Data aplikací\Skype
2011-04-17 21:45:58 ----D---- C:\Profils\Administrator\Data aplikací\skypePM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2010-09-25 12552]
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-06-18 64288]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-09-25 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-09-25 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-09-25 108552]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-09-02 5632]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\D:\Programy\INstalovane\Power dvd 8\PowerDVD8\000.fcl []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-05-01 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-06-26 6555168]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-03 105856]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys []
S1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys []
S3 FXDrv32;FXDrv32; \??\F:\FXDrv32.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 nmwcdsa;Samsung USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcdsa.sys [2007-05-02 135680]
S3 nmwcdsac;Samsung USB Generic; C:\WINDOWS\system32\drivers\nmwcdsac.sys [2007-05-02 8320]
S3 nmwcdsacj;Samsung USB Port; C:\WINDOWS\system32\drivers\nmwcdsacj.sys [2007-05-02 12288]
S3 nmwcdsacm;Samsung USB Modem; C:\WINDOWS\system32\drivers\nmwcdsacm.sys [2007-05-02 12288]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-06-02 721904]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 avg8emc;AVG8 E-mail Scanner; D:\Programy\INSTAL~1\AVG8~1.5\avgemc.exe [2010-09-25 908056]
R2 avg8wd;AVG8 WatchDog; D:\Programy\INSTAL~1\AVG8~1.5\avgwdsvc.exe [2010-09-25 297752]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-27 152984]
R2 nlsvc;NetLimiter; D:\Programy\INstalovane\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-06-26 159812]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-03-10 632792]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-04-21 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-06-14 214520]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-10 136176]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-14 1355968]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-11-27 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 CWAII;CWAII; C:\Temp\CWAII.exe []
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; D:\Programy\INstalovane\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-10-13 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-10 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-10 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2009-05-10 79360]
S4 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe []
S4 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2011-06-22 16:38:46

======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"C:\Profils\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Profils\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper_3004.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10p_Plugin.exe -maintain plugin
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
Adobe Reader 9.4.4-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AutoCAD 2008 - Český-->D:\Programy\INstalovane\AutoCad 2008 CZ\Setup\Setup.exe /P {5783F2D7-6001-0405-0002-0060B0CE6BBA} /M ACAD
Autodesk DWF Viewer 7-->MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
Autodesk Express Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
AVG 8.5-->D:\Programy\INstalovane\AVG 8.5\setup.exe /UNINSTALL
Balíček ovladače systému Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf
Balíček ovladače systému Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf
Balíček ovladače systému Windows - Nokia Modem (02/15/2007 3.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
BS.Player FREE-->"D:\Programy\INstalovane\BSplayer\uninstall.exe"
Call of Duty Modern Warfare 2-->"E:\Hry\Call of Duty 6 - Modern Warfare 2\unins000.exe"
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
Call of Duty: Black Ops-->"E:\Hry\Call of Duty - Black Ops\unins000.exe"
CCleaner (remove only)-->"D:\Programy\INstalovane\CCleaner\uninst.exe"
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Cool Edit Pro 2.1-->D:\Programy\INstalovane\Cool Edit pro 2\cep2unin.exe
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\setup.exe" /z-uninstall
EA Download Manager-->C:\Program Files\Electronic Arts\EADM\EADMUninstall.exe
FIFA 11-->MsiExec.exe /X{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}
Firebird SQL Server - MAGIX Edition-->D:\Programy\INstalovane\Common\Database\unwise.exe
Free Audio CD Burner version 1.2-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"
Free YouTube to MP3 Converter version 3.2-->"D:\Programy\INstalovane\Free YouTube to MP3 Converter\unins000.exe"
GamePark-->D:\Programy\INstalovane\GamePark\unins000.exe
Genius SlimStar 310/311 Hotkey driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C2157D30-298B-11D7-BF3B-00079500A37A}\Setup.exe" -l0x5 -removeonly
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_B12CA2CBE40DD1A2.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hamachi 1.0.2.5-->D:\Programy\INstalovane\Hamachi\uninstall.exe
HijackThis 2.0.2-->"D:\Programy\INstalovane\hijack\HijackThis.exe" /uninstall
HLSW v1.3.1-->"D:\Programy\INstalovane\HLSW\unins000.exe"
Home Media Server 4.2.0.38-->E:\Program Files\SimpleCenter\uninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
hp deskjet 3320 series (Pouze odstranit)-->C:\Program Files\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3320 -huninstall
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
JDownloader-->D:\Programy\INstalovane\JDownloader\uninstall.exe
Mafia II-->"E:\Hry\Mafia II-nainstalováno\unins000.exe"
Microsoft .NET Framework 2.0 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - CSY\install.exe
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Age of Empires II: The Conquerors Expansion-->"E:\Hry\Age of Empires II\UNINSTALX.EXE" /runtemp /addremove
Microsoft Age of Empires II-->"E:\Hry\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mindgames Freecell-->"C:\Program Files\Mindgames\Freecell\unins000.exe"
MSXML 6.0 Parser (KB925673)-->MsiExec.exe /I{FE9126DB-5F84-495A-BB46-3C724F1C2D08}
Nero 6 Ultra Edition-->D:\Programy\INstalovane\Nero 6\nero\uninstall\UNNERO.exe /UNINSTALL
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NHL® 09-->MsiExec.exe /X{F2B5A2A7-2DF9-4361-8BD5-362714528B51}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{11964613-805F-432D-A12B-169554B793E7}
Nokia Download!-->MsiExec.exe /X{301BEB64-7C38-4BB5-8F94-62E6160532C8}
Nokia Map Loader-->MsiExec.exe /I{03528A01-7E5E-4C5F-94DF-1D8012E969EF}
Nokia NSeries Application Installer 6.83.11-->msiexec /qn /x {82C0BCC7-A3ED-4AD9-9C94-6E71CAFC939E}
Nokia NSeries Application Installer-->MsiExec.exe /I{82C0BCC7-A3ED-4AD9-9C94-6E71CAFC939E}
Nokia NSeries Content Copier 6.83.11-->msiexec /qn /x {90870373-8351-4F73-B5C1-73A9A01BAAEA}
Nokia NSeries Content Copier-->MsiExec.exe /X{90870373-8351-4F73-B5C1-73A9A01BAAEA}
Nokia NSeries Music Manager 6.83.11-->msiexec /qn /x {CA585226-334C-4411-8F52-0C7F58BC932A}
Nokia NSeries Music Manager-->MsiExec.exe /I{CA585226-334C-4411-8F52-0C7F58BC932A}
Nokia NSeries One Touch Access 6.83.11-->msiexec /qn /x {89A33B7F-A5C2-4F18-AD71-AC29278507B7}
Nokia NSeries One Touch Access-->MsiExec.exe /I{89A33B7F-A5C2-4F18-AD71-AC29278507B7}
Nokia Nseries PC Suite-->MsiExec.exe /I{06A0A943-6ECF-4586-8EC7-58DF050B7CDB}
Nokia NSeries System Utilities 6.83.11-->msiexec /qn /x {97B21A40-E5B6-4887-9CC4-38FB416A2998}
Nokia NSeries System Utilities-->MsiExec.exe /X{97B21A40-E5B6-4887-9CC4-38FB416A2998}
Nokia Nseries Video Manager-->MsiExec.exe /X{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}
Nokia Photos-->MsiExec.exe /I{100B729F-07A2-4A81-A28C-AE4A14FB4FB7}
Nokia Software Updater-->MsiExec.exe /X{FE5D756F-71E1-47C4-972A-D6775344B40B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Oprava hotfix pro program Windows Media Player [Další informace viz Q828026.]-->C:\WINDOWS\$NtUninstallQ828026$\spuninst\spuninst.exe
Oprava Hotfix systému Windows XP (KB919880)-->"C:\WINDOWS\$NtUninstallKB919880$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB942288-v3)-->"C:\WINDOWS\$NtUninstallKB942288-v3$\spuninst\spuninst.exe"
ParadiseCasino - English-->D:\Programy\INSTAL~1\PARADI~2\UNWISE.EXE D:\Programy\INSTAL~1\PARADI~2\INSTALL.LOG
ParadisePoker-->D:\Programy\INSTAL~1\PARADI~1\UNWISE.EXE D:\Programy\INSTAL~1\PARADI~1\INSTALL.LOG
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PDFCreator-->D:\Programy\INstalovane\PDFCreator\unins000.exe
PowerISO-->"D:\Programy\INstalovane\PowerISO\uninstall.exe"
QIP 2005 8081-->"D:\Programy\INstalovane\QIP\unins000.exe"
Quake III Arena Point Release 1.32-->C:\WINDOWS\unvise32.exe e:\hry\quake3a\uninstal5.log
Quake III Arena-->C:\WINDOWS\IsUninst.exe -fe:\hry\quake3a\QIII.isu
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}
RealPlayer-->D:\Programy\INstalovane\Real Player\Update\r1puninst.exe RealNetworks|RealPlayer|12.0
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe -runfromtemp -l0x0005 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
Registry Mechanic 9.0-->"D:\Programy\INstalovane\Registry Mechanic\unins000.exe" /Log
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x0005 -removeonly
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x0005 -removeonly
Samsung PC Studio 7-->C:\Profils\All Users\Data aplikací\Installations\{2958B04A-0905-4689-B8D8-2F511E03AEBA}\Samsung_PC_Studio_7_7.1.41.8.exe
Samsung PC Studio 7-->MsiExec.exe /I{2958B04A-0905-4689-B8D8-2F511E03AEBA}
Samsung Samples Installer-->"C:\Program Files\InstallShield Installation Information\{7AC15160-A49B-4A89-B181-D4619C025FFF}\setup.exe" -runfromtemp -l0x0005 -removeonly
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Search Settings v1.2.3-->MsiExec.exe /X{5F05C28D-DEA9-4AD6-A73A-064175988EAB}
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SolidWorks 2008 SP0-->MsiExec.exe /I{AA48705D-C811-4B1B-908F-C808D9896389}
Spybot - Search & Destroy-->"D:\Programy\INstalovane\Spybot - Search & Destroy\unins000.exe"
TeamSpeak 2 RC2-->D:\Programy\INstalovane\Teamspeak2_RC2\unins000.exe
TeamSpeak 3 Client-->"D:\Programy\INstalovane\TS3\uninstall.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Tunatic-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Tunatic
Tweak UI-->"C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
Unibet-->C:\MicroGaming\Poker\unibetpokerMPP\install.exe -uninstall
Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
upapp-->MsiExec.exe /I{4EF69D40-4DC9-485E-95D3-B1C22F218FC8}
Veetle TV 0.9.17-->D:\Programy\INstalovane\Veetle\UninstallVeetleTV.exe
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Virtua Tennis(TM) 2009-->"C:\Program Files\InstallShield Installation Information\{9B63540D-D942-4C38-B42E-A48AE0145970}\setup.exe" -runfromtemp -l0x0009 -removeonly
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinRAR-->D:\Programy\INstalovane\Win Rar\uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Security center information======

AV: AVG Anti-Virus

======System event log======

Computer Name: RIP1
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 5
Source Name: EventLog
Time Written: 20101126213010.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 4
Source Name: EventLog
Time Written: 20101126213010.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 6006
Message: Služba Event Log byla zastavena.

Record Number: 3
Source Name: EventLog
Time Written: 20101126180931.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 2
Source Name: EventLog
Time Written: 20101126143139.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20101126143139.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: RIP1
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 5
Source Name: SecurityCenter
Time Written: 20071231230241.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 0
Message:
Record Number: 4
Source Name: gupdate
Time Written: 20071231230238.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 1
Message:
Record Number: 3
Source Name: avg8emc
Time Written: 20071231230222.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 0
Message:
Record Number: 2
Source Name: ICQ Service
Time Written: 20071231230155.000000+060
Event Type: Informace
User:

Computer Name: RIP1
Event Code: 0
Message:
Record Number: 1
Source Name: gupdate
Time Written: 20071231230148.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\PC Connectivity Solution;C:\Program Files\NVIDIA Corporation\PhysX\Common;E:\Program Files\Nokia\PC Connectivity Solution;D:\Programy\INstalovane\QuickTime\QTSystem;D:\Programy\Mobil;C:\Program Files;C:\Program Files\Common Files\Autodesk Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;D:\Programy\INstalovane\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=D:\Programy\INstalovane\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

#2 Příspěvek od **JaRon** » 21 čer 2011 16:40

start-spustit-services.msc <enter>
najdi a nastav typ spustenia na zakazane u sluzby:
CWAII
+
restart + odinstaluj Ad-aware a vycisti s CCleanerom

Blein · #3 Příspěvek od **Blein** » 21 čer 2011 17:06

Ještě jsem si stihl udělat kontrolu MBAM. Zde je log.

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13

22.6.2011 18:02:55
mbam-log-2011-06-22 (18-02-49).txt

Typ: Úplná kontrola (C:\|D:\|E:\|)
Kontrolované objekty: 302317
Uplynulý čas: 51 minut, 43 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 2
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Z30KYPG3WS (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
d:\instalatory\ventrilo-2.1.4.exe (Trojan.Dropper) -> No action taken.
d:\Programy\instalovane\QIP\Users\293740867\rcvdfiles\245884379_r1pp3r\ventrilo-2.1.4.exe (Trojan.Dropper) -> No action taken.

#4 Příspěvek od **JaRon** » 22 čer 2011 06:38

najdene ZMAZ + doinstaluj SP3

VIRY.CZ

RSIT - kontrola logu

RSIT - kontrola logu

Re: RSIT - kontrola logu

Re: RSIT - kontrola logu

Re: RSIT - kontrola logu