Preventivka. Díky :)

Zpráva

ArchoX · #1 Příspěvek od **ArchoX** » 26 čer 2011 16:31

Nějak blbne net tak jestli náhodou to není kvůli nějakému viru. Za pomoc děkuji.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Barney at 2011-06-26 17:26:37
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 320 GB (67%) free of 477 GB
Total RAM: 3582 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:26:47, on 26.6.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Steam\Steam.exe
C:\Documents and Settings\Barney\Plocha\Download\RSIT (1).exe
C:\Program Files\trend micro\Barney.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\JMRaidSetup.exe boot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ProfilerU] C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
O4 - HKLM\..\Run: [SaiMfd] C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Barney\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3448010687
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - c:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 10287 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1454471165-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1454471165-725345543-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - c:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - c:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"JMB36X IDE Setup"=C:\WINDOWS\JM\JMInsIDE.exe [2006-10-31 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\JMRaidSetup.exe [2006-11-17 1953792]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-06 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"ProfilerU"=C:\Program Files\Saitek\SD6\Software\ProfilerU.exe [2009-06-03 237568]
"SaiMfd"=C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [2009-06-03 131072]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-04-19 98304]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-11-04 136176]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-04-20 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Barney\Local Settings\Apps\2.0\B4ZA5KQO.KWM\62R9G8GJ.YZ3\coho..tion_4fdd38d166a17713_0001.0001_2ca76f7ef41ff4ef\CoHOLauncher.exe"="C:\Documents and Settings\Barney\Local Settings\Apps\2.0\B4ZA5KQO.KWM\62R9G8GJ.YZ3\coho..tion_4fdd38d166a17713_0001.0001_2ca76f7ef41ff4ef\CoHOLauncher.exe:*:Enabled:Company of Heroes Online Launcher (THQ)"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\Barney\Local Settings\Apps\2.0\B4ZA5KQO.KWM\62R9G8GJ.YZ3\coho..tion_4fdd38d166a17713_0001.0001_2ea3ae6aea32b9ef\CoHOLauncher.exe"="C:\Documents and Settings\Barney\Local Settings\Apps\2.0\B4ZA5KQO.KWM\62R9G8GJ.YZ3\coho..tion_4fdd38d166a17713_0001.0001_2ea3ae6aea32b9ef\CoHOLauncher.exe:*:Enabled:Company of Heroes Online (THQ)"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\AVG\AVG10\avgmfapx.exe"="C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:Instalátor AVG"
"C:\Program Files\The Witcher 2\bin\witcher2.exe"="C:\Program Files\The Witcher 2\bin\witcher2.exe:*:Disabled:The Witcher 2: Assasins of Kings"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword"
"C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe"="C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Beyond the Sword\Civ4BeyondSword_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Beyond the Sword Pitboss"
"C:\Program Files\StarCraft II\StarCraft II.exe"="C:\Program Files\StarCraft II\StarCraft II.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Bohemia Interactive\ArmA 2 Free\arma2free.exe"="C:\Program Files\Bohemia Interactive\ArmA 2 Free\arma2free.exe:*:Enabled:ArmA 2 Free"
"C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe"="C:\Program Files\Steam\steamapps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit"
"C:\Program Files\Steam\steamapps\archoxko\team fortress 2\hl2.exe"="C:\Program Files\Steam\steamapps\archoxko\team fortress 2\hl2.exe:*:Enabled:hl2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-06-23 18:20:23 ----D---- C:\Program Files\Bohemia Interactive
2011-06-20 20:03:33 ----A---- C:\Documents and Settings\Barney\Data aplikací\myMPQ.ini
2011-06-20 19:11:20 ----D---- C:\Program Files\StarCraft II
2011-06-20 19:11:20 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2011-06-20 19:11:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2011-06-20 17:10:52 ----A---- C:\WINDOWS\ScUnin.pif
2011-06-20 17:10:52 ----A---- C:\WINDOWS\ScUnin.exe
2011-06-20 17:10:36 ----D---- C:\Program Files\Starcraft
2011-06-20 16:55:35 ----D---- C:\Program Files\Garena
2011-06-18 18:07:20 ----D---- C:\Program Files\Motiva
2011-06-18 11:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2492386$
2011-06-18 11:08:59 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2011-06-18 11:05:53 ----D---- C:\Program Files\Common Files\Java
2011-06-18 11:05:44 ----A---- C:\WINDOWS\system32\javaws.exe
2011-06-18 11:05:44 ----A---- C:\WINDOWS\system32\javaw.exe
2011-06-18 11:05:44 ----A---- C:\WINDOWS\system32\java.exe
2011-06-17 22:30:06 ----D---- C:\Documents and Settings\Barney\Data aplikací\Bitcoin
2011-06-16 16:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-06-16 16:19:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-06-16 16:19:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-06-16 16:19:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2011-06-16 12:07:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-06-03 15:54:42 ----D---- C:\Documents and Settings\Barney\Data aplikací\InstallShield
2011-06-03 15:47:19 ----D---- C:\Program Files\Firaxis Games
2011-05-27 23:27:38 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-05-27 23:27:30 ----D---- C:\Program Files\DAEMON Tools Lite

======List of files/folders modified in the last 1 months======

2011-06-26 17:26:40 ----D---- C:\Program Files\trend micro
2011-06-26 17:03:57 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-26 17:03:39 ----D---- C:\Program Files\Steam
2011-06-26 15:55:26 ----D---- C:\WINDOWS\Temp
2011-06-26 13:15:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-06-26 11:35:33 ----D---- C:\WINDOWS\Prefetch
2011-06-26 11:29:14 ----D---- C:\WINDOWS
2011-06-25 23:12:41 ----D---- C:\Program Files\Mozilla Firefox
2011-06-25 11:15:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-06-24 22:24:38 ----D---- C:\WINDOWS\system32\drivers\etc
2011-06-24 19:34:44 ----RD---- C:\Program Files
2011-06-24 19:34:39 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-24 19:18:33 ----D---- C:\Program Files\Wolfire
2011-06-24 19:15:09 ----D---- C:\Program Files\DVDVideoSoft
2011-06-24 19:15:09 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-06-23 18:23:37 ----D---- C:\WINDOWS\system32\DirectX
2011-06-23 18:18:43 ----D---- C:\Documents and Settings\Barney\Data aplikací\uTorrent
2011-06-21 14:33:03 ----D---- C:\WINDOWS\system32\config
2011-06-20 19:27:10 ----D---- C:\Program Files\Common Files
2011-06-18 18:11:19 ----HD---- C:\WINDOWS\inf
2011-06-18 18:10:41 ----SHD---- C:\WINDOWS\Installer
2011-06-18 18:10:40 ----D---- C:\WINDOWS\WinSxS
2011-06-18 11:27:03 ----D---- C:\WINDOWS\Microsoft.NET
2011-06-18 11:17:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-18 11:17:27 ----D---- C:\WINDOWS\system32
2011-06-18 11:17:27 ----D---- C:\WINDOWS\AppPatch
2011-06-18 11:14:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-06-18 11:10:15 ----RSD---- C:\WINDOWS\assembly
2011-06-18 11:09:09 ----HD---- C:\WINDOWS\$hf_mig$
2011-06-18 11:08:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-18 11:05:42 ----D---- C:\Program Files\Java
2011-06-17 17:06:11 ----D---- C:\WINDOWS\Debug
2011-06-16 18:45:48 ----D---- C:\WINDOWS\SxsCaPendDel
2011-06-16 16:19:42 ----D---- C:\WINDOWS\system32\drivers
2011-06-16 16:19:26 ----D---- C:\Program Files\Internet Explorer
2011-06-16 12:07:29 ----A---- C:\WINDOWS\system32\MRT.exe
2011-06-04 13:25:28 ----D---- C:\WINDOWS\Minidump
2011-06-01 17:36:46 ----D---- C:\Documents and Settings\Barney\Data aplikací\vlc
2011-05-31 00:12:53 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-08 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-11-21 43648]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-17 691696]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-05-27 218688]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-04-20 6537728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 SaiMini;SaiMini; C:\WINDOWS\system32\DRIVERS\SaiMini.sys [2009-06-10 14080]
R3 SaiNtBus;SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [2009-06-10 36992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 catchme;catchme; \??\C:\DOCUME~1\Barney\LOCALS~1\Temp\catchme.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 SaiHFF32;SaiHFF32; C:\WINDOWS\system32\DRIVERS\SaiHFF32.sys [2007-09-13 136192]
S3 SaiIFF32;Immersion's HID USB Driver (FF32); C:\WINDOWS\system32\DRIVERS\SaiIFF32.sys [2007-09-13 16384]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-04-20 643072]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 JavaQuickStarterService;Java Quick Starter; c:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-03-26 75136]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-03-14 3613896]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

chodnik74 · #2 Příspěvek od **chodnik74** » 26 čer 2011 20:05

Dobrý večer

Používáte legální operační systém? Obrázek

Ten ESET je zakoupená licence?

Stáhneme si program CKScanner Obrázek

Spustíme stažený program CKScanner.exe
Klineme na tlačítko Search for files a počkáme
Po dokončení se nám ukáže log,klikneme na Save List to File
Ve stejném umístění jako je program CKScanner.exe najdeme soubor ckfiles.txt
Otevřeme soubor ckfiles.txt a jeho obsah vložíme sem na forum

Stáhněte a spusťte WVCheck.exe nebo WVCheck.zip

Stiskněte klávesu Enter
Program začne prohledávat váš PC,délka skenování je závislá na počtu souborů ve vašem PC (většinou do 5 minut)
Po dokončení skenování se vám zobrazí log,který mi sem zkopírujte (log najdete i na vaší Ploše)

ArchoX · #3 Příspěvek od **ArchoX** » 27 čer 2011 13:50

Windows je originál a u noda není zakoupená další licence pro aktualizaci.

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\garena\plugins\ui\avoidcrackplugin.dll
c:\program files\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
scanner sequence 3.ZZ.11
----- EOF -----

Windows Validation Check
Version: 1.9.12.5
Log Created On: 1441_27-06-2011
-----------------------

Windows Information
-----------------------
Windows Version: Windows XP Service Pack 3
Windows Mode: Normal
Systemroot Path: C:\WINDOWS

WVCheck's Auto Update Check
-----------------------
Auto-Update Option: Download updates and install them automatically.
-----------------------
Last Success Time for Update Detection: 2011-06-27 10:09:34
Last Success Time for Update Download: 2011-06-18 08:58:42
Last Success Time for Update Installation: 2011-06-18 09:04:48

WVCheck's Registry Check Check
-----------------------
Antiwpa: Not Found
-----------------------
Chew7Hale: Not Found
-----------------------

WVCheck's File Dump
-----------------------
WVCheck found no known bad files.

WVCheck's Dir Dump
-----------------------
WVCheck found no known bad directories.

WVCheck's Missing File Check
-----------------------
WVCheck found no missing Windows files.

WVCheck's HOSTS File Check
-----------------------
WVCheck found no bad lines in the hosts file.

WVCheck's MD5 Check
EXPERIMENTAL!!
-----------------------
user32.dll - e16e0990967374e76f3e40cacafd3d53

-------- End of File, program close at 1441_27-06-2011 --------

chodnik74 · #4 Příspěvek od **chodnik74** » 27 čer 2011 21:29

Tak smažeme zbytečnosti po spuštění..Ten AV nahradíme?

co by jste řekl na Avast?

odinstalujte Spybot - Search & Destroy,nahradíme na závěr

Spustíme si HijackThis

Kód: Vybrat vše

C:\Program Files\trend micro\Barney.exe

(Pokud nenajdeme nebo nemáme,tak stáhneme ZDE )

Dále klikneme na tlačítko Do a system scan only

Najdeme a označíme následující položky:

Kód: Vybrat vše

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Barney\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c

klikneme na položku Fix checked a potvrdíme tlačítkem Ano

TFC

Stáhneme a spustíme program
Klikneme na Start a potvrdíme OK
Program začne uklízet,poté restartuje pc
po použití program smažte

jak se pc chová?

ArchoX · #5 Příspěvek od **ArchoX** » 27 čer 2011 22:40

Vypadá mnohem rychleji

Jinak proč mám spybot vymazat? Mně se zdá jako dobrý prográmek. (Nebo ho jdeme za něco vyměnit?)

Jinak díky za pomoc

chodnik74 · #6 Příspěvek od **chodnik74** » 27 čer 2011 22:45

Už má svá léta za sebou...nyní je ve špičce SUPERAntispyware

ten použíjte jako preventivní sken 1x14 dní

Rád jsem pomohl

JulietLove · #7 Příspěvek od **JulietLove** » 28 čer 2011 02:19

Jinak díky za pomoc

_______________________
Buy WOW Items|RS Gold|Rift Gold

chodnik74 · #8 Příspěvek od **chodnik74** » 28 čer 2011 05:48

Ještě proveďte údržbu pc

Údržba PC:

1)Čištění dočasných složek + neplatné registry

Ccleaner

Stáhneme a nainstalujeme program
Spustíme program
ČISTIČ
Windows zde necháme vše jak je (pokud používáme IE,tak odškrkneme jeho položky) a zaškrkneme položky Start Menu zástupci a Zástupci na ploše
Aplikace - necháme jak je,ale pokud používáme nějaký prohlížeč (Google chrome,Firefox,Opera..) tak odškrkneme jeho položky
>Stiskeneme tlačítko Analyzovat a poté Spustit Cleaner
Registry
>Stiskneme tlačítko Hledej problémy,program začne hledat neplatné registry..podé zvolíme Opravit vybrané problémy..
>Program se zeptá,zda chceme vytvořit zálohu registrů,zvolíme ano a uložíme si někde zálohu(kdyby byli po opravení registru s něčím problémy,tak zálohu
obnovíme tak,že spustíme uloženou zálohu a potvrdíme ano),dále zvolíme Opravit všechny problémy a Zavřít
>opakujte dokud nebude registr bez problémů
Program používáme 1x 14dní (záleží na používání pc,můžeme i jednou týdně)

2)Defragmentace disku

Defraggler

Stáhneme a nainstalujeme program
Spustíme program
Vybereme disk ( C:,D:..prostě který používáme)
Pokud je ve sloupci Fragmentace více než 5% dejte Defragmentovat
Proveďte se všemi používanými disky
Provádíme 1x za měsíc

3)Aktualizace programů

FileHippo.com Update Checker

Stáhneme a nainstalujeme program(Při instalaci odškrkneme volbu Run at Startup )
Spustíme program
Program vyhledá nainstalované programy v PC a zjistí dostupné aktualizace
Poté se vám otevře internetová stránka,kde budou nabídnuté aplikace k aktualizování
>X Updates Detected..to jsou dostupné aktualizace..
> klikneme na zelenou šipečku a stáhneme program,poté nainstalujeme jeho aktuální verzi
> X Beta Updates Detected..tyto aktualizace nestahujte,jedná se o betaverze,které jsou ve vývoji a jsou nestabilní
Provádíme 1x za 14 dní nebo jednou za měsíc

Rádo se stalo

hezký zbytek dne

VIRY.CZ

Preventivka. Díky :)

Preventivka. Díky :)

Re: Preventivka. Díky :)

Re: Preventivka. Díky :)

Re: Preventivka. Díky :)

Re: Preventivka. Díky :)

Re: Preventivka. Díky :)

Re: Preventivka. Díky :)

Re: Preventivka. Díky :)