Requesting a preventive check

Posted: 14 Sep 2011 09:43
by Marthy5
Logfile of random's system information tool 1.09 (written by random/random)
Run by Nero at 2011-09-14 15:29:35
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 243 GB (40%) free of 610 GB
Total RAM: 4094 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29:39, on 14.9.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Gigabyte\ET6\GUI.exe
C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Nero.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {cb90f295-4524-4bd4-adb4-8dc333d67d6a} - (no file)
F2 - REG:system.ini: UserInit=%windows%\system32\userinit.exe,
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6D11834-E45F-458E-8017-671CA94ABAA4}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{EB8F7231-D44E-42D0-988D-1D83C69A35EB}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: ,c:\windows\syswow64\guard32.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSIEAA2.tmp
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7959 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\Installer\MSIEAA2.tmp" -service
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
atieclxx
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe" /s "N360" /m "C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\diMaster.dll" /prefetch:1
"taskhost.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
WLIDSvcM.exe 2240
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Gigabyte\ET6\GUI.exe" -m
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe" /c /a /s UserSession
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-99e95c81-3678-45d5-b842-8a0eb27c2aaa -SystemEventPortName:HostProcess-f5ece8ea-b693-45bb-a42e-3e5cae5f52b5 -IoCancelEventPortName:HostProcess-5691521d-a8a1-406e-a345-307832f56796 -NonStateChangingEventPortName:HostProcess-e62eddb6-fad3-40b8-8357-50a4fb6c122a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:872c6b7c-afd3-4eb6-9531-dd629f9c36c7
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
"C:\Program Files\WinFast\WFDTV\WFWIZ.exe"
"C:\Program Files\WinFast\WFDTV\DTVSchdl.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Users\Nero\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll [2011-04-29 436152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\IPS\IPSBHO.DLL [2011-03-31 210872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\coIEPlg.dll [2011-04-29 436152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-01-20 6963744]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"SaiVolume"=C:\Program Files\Saitek\CyborgKeyboard\SaiVolume.exe [2008-01-18 186880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-26 336384]
"EasyTuneVI"=C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [2007-07-26 20480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\windows\system32\guard64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-09-14 15:24:37 ----D---- C:\rsit
2011-09-14 15:24:37 ----D---- C:\Program Files\trend micro
2011-09-14 10:19:31 ----D---- C:\Program Files (x86)\Trend Micro
2011-09-14 08:59:56 ----D---- C:\Program Files\Windows Doctor
2011-09-14 08:54:44 ----D---- C:\Program Files (x86)\Windows Doctor
2011-09-13 20:20:08 ----D---- C:\Program Files\IObit
2011-09-12 09:28:34 ----A---- C:\Windows\GVTDrv64.sys
2011-09-11 02:07:10 ----A---- C:\Windows\CRC.INI
2011-09-08 15:49:52 ----D---- C:\ProgramData\McAfee
2011-08-28 06:59:23 ----D---- C:\ProgramData\ArcSoft
2011-08-26 10:55:45 ----D---- C:\Program Files (x86)\Orban
2011-08-24 18:14:51 ----D---- C:\Program Files (x86)\AMD APP
2011-08-24 07:55:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-08-24 07:55:20 ----A---- C:\Windows\system32\tzres.dll
2011-08-23 12:36:00 ----HD---- C:\Windows\Icons
2011-08-23 08:48:55 ----D---- C:\ProgramData\The Skins Factory
2011-08-23 08:44:56 ----D---- C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
2011-08-23 08:16:24 ----D---- C:\Users\Nero\AppData\Roaming\Skinux
2011-08-23 08:13:15 ----A---- C:\Windows\SYSWOW64\sstunst3.exe
2011-08-21 18:24:45 ----RA---- C:\Windows\system32\drivers\SymIMV.sys
2011-08-20 08:34:52 ----DC---- C:\Windows\system32\DRVSTORE
2011-08-20 08:34:52 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-08-20 08:34:50 ----A---- C:\Windows\system32\drivers\SYMEVENT64x86.SYS
2011-08-20 08:34:49 ----D---- C:\Program Files\Symantec
2011-08-20 08:34:49 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-20 08:34:23 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-08-20 08:34:23 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-08-20 08:34:15 ----D---- C:\Windows\system32\drivers\N360x64
2011-08-20 08:34:13 ----D---- C:\Program Files (x86)\Norton 360
2011-08-20 08:34:06 ----D---- C:\Program Files (x86)\NortonInstaller
2011-08-20 01:09:59 ----D---- C:\Program Files (x86)\DownVision
2011-08-20 00:50:25 ----D---- C:\Users\Nero\AppData\Roaming\eType
2011-08-16 19:17:10 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2011-08-16 15:18:27 ----SHD---- C:\ProgramData\DSS
2011-08-16 15:16:12 ----D---- C:\Users\Nero\AppData\Roaming\Lionhead Studios
2011-08-16 15:00:51 ----D---- C:\Program Files (x86)\Microsoft Games
2011-08-16 00:25:28 ----D---- C:\Unreal Commander
2011-08-15 13:28:21 ----D---- C:\Program Files\RegClean Pro
2011-08-15 13:27:15 ----D---- C:\Users\Nero\AppData\Roaming\Systweak
2011-08-15 13:27:13 ----A---- C:\Windows\system32\roboot64.exe

======List of files/folders modified in the last 1 month======

2011-09-14 15:24:37 ----RD---- C:\Program Files
2011-09-14 15:24:32 ----D---- C:\Windows\Temp
2011-09-14 15:07:55 ----D---- C:\Users\Nero\AppData\Roaming\Skype
2011-09-14 13:21:00 ----SHD---- C:\System Volume Information
2011-09-14 13:20:58 ----D---- C:\Windows\SysWOW64
2011-09-14 12:35:21 ----D---- C:\Windows\system32\config
2011-09-14 11:55:58 ----D---- C:\Windows
2011-09-14 11:42:56 ----D---- C:\Users\Nero\AppData\Roaming\uTorrent
2011-09-14 10:19:32 ----SHD---- C:\Windows\Installer
2011-09-14 10:19:32 ----SHD---- C:\Config.Msi
2011-09-14 10:19:31 ----SD---- C:\Users\Nero\AppData\Roaming\Microsoft
2011-09-14 10:19:31 ----RD---- C:\Program Files (x86)
2011-09-14 09:19:21 ----D---- C:\Users\Nero\AppData\Roaming\skypePM
2011-09-14 09:18:00 ----D---- C:\Program Files (x86)\Ashampoo
2011-09-14 09:14:49 ----D---- C:\Windows\debug
2011-09-14 08:18:01 ----D---- C:\Windows\winsxs
2011-09-14 08:17:43 ----D---- C:\Windows\system32\catroot
2011-09-14 08:16:26 ----A---- C:\Windows\system32\MRT.exe
2011-09-13 23:23:20 ----A---- C:\Windows\SYSWOW64\Dvbpws.dll
2011-09-13 23:21:26 ----HD---- C:\ProgramData
2011-09-13 23:21:25 ----D---- C:\Windows\system32\drivers
2011-09-13 22:46:22 ----D---- C:\Windows\system32\NDF
2011-09-13 20:22:34 ----D---- C:\ProgramData\IObit
2011-09-12 20:22:31 ----D---- C:\Windows\system32\catroot2
2011-09-12 15:46:07 ----D---- C:\Games
2011-09-12 15:34:33 ----RSD---- C:\Windows\assembly
2011-09-12 15:13:25 ----D---- C:\Windows\Logs
2011-09-12 09:03:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-09-12 09:03:33 ----D---- C:\Program Files (x86)\Gigabyte
2011-09-12 09:01:38 ----A---- C:\Windows\GSetup.ini
2011-09-11 02:06:23 ----D---- C:\Program Files (x86)\Comodo
2011-09-09 07:52:01 ----D---- C:\Windows\System32
2011-09-08 19:52:33 ----D---- C:\Windows\system32\Tasks
2011-09-05 14:44:30 ----D---- C:\Windows\Prefetch
2011-09-05 14:03:49 ----D---- C:\Windows\inf
2011-09-05 14:03:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-01 21:24:32 ----D---- C:\Windows\system32\DriverStore
2011-09-01 20:08:04 ----D---- C:\Program Files (x86)\Opera
2011-08-26 12:00:36 ----D---- C:\Windows\rescache
2011-08-24 07:56:12 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-08-24 07:56:12 ----D---- C:\Windows\SYSWOW64\en-US
2011-08-24 07:56:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-08-24 07:56:12 ----D---- C:\Windows\system32\sk-SK
2011-08-24 07:56:12 ----D---- C:\Windows\system32\en-US
2011-08-24 07:56:12 ----D---- C:\Windows\system32\cs-CZ
2011-08-23 12:19:58 ----D---- C:\Users\Nero\AppData\Roaming\TuneUp Software
2011-08-23 12:14:42 ----D---- C:\Windows\Tasks
2011-08-23 11:24:34 ----SD---- C:\ProgramData\Microsoft
2011-08-23 09:13:17 ----A---- C:\Windows\system32\uxtheme.dll
2011-08-23 09:13:15 ----A---- C:\Windows\system32\themeui.dll
2011-08-23 09:13:08 ----A---- C:\Windows\system32\themeservice.dll
2011-08-23 09:00:15 ----D---- C:\Users\Nero\AppData\Roaming\XnView
2011-08-23 08:48:25 ----A---- C:\Windows\system32\imageres.dll
2011-08-22 21:19:45 ----D---- C:\Windows\LiveKernelReports
2011-08-20 08:42:49 ----D---- C:\ProgramData\Norton
2011-08-20 08:34:49 ----D---- C:\Program Files\Common Files
2011-08-19 23:14:06 ----HD---- C:\Windows\system32\GroupPolicy
2011-08-15 21:11:54 ----D---- C:\Program Files\WinRAR
2011-08-15 19:13:32 ----D---- C:\Users\Nero\AppData\Roaming\The First Templar
2011-08-15 16:48:50 ----D---- C:\Windows\Microsoft.NET
2011-08-15 16:34:19 ----D---- C:\Program Files (x86)\THQ
2011-08-15 12:38:44 ----D---- C:\Windows\system32\wfp
2011-08-15 12:38:42 ----D---- C:\Windows\system32\wbem
2011-08-15 12:37:02 ----D---- C:\Windows\registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\N360x64\0501000.01D\SYMDS64.SYS [2011-01-27 450680]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\N360x64\0501000.01D\SYMEFA64.SYS [2011-03-15 912504]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20110909.001\BHDrvx64.sys [2011-09-09 1152632]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2011-08-20 481912]
R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20110913.030\IDSvia64.sys [2011-08-23 488568]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 91568]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSPX64.SYS [2011-03-31 40568]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2011-03-31 43640]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\N360x64\0501000.01D\Ironx64.SYS [2011-01-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\N360x64\0501000.01D\SYMNETS.SYS [2011-07-08 386168]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-07-29 9980416]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-07-28 309248]
R3 CX88VID;WinFast CX2388x AvStream Driver; C:\Windows\system32\drivers\pvr2000.sys [2007-09-19 469248]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-20 136824]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-09-14 24072]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 34152]
R3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2011-09-14 30528]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-01-20 1699744]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110913.017\ENG64.SYS [2011-08-20 117880]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20110913.017\EX64.SYS [2011-08-20 2048632]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2008-12-25 190496]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SaiK0728;SaiK0728; C:\Windows\system32\DRIVERS\SaiK0728.sys [2008-02-18 129024]
R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\system32\drivers\N360x64\0501000.01D\SRTSP64.SYS [2011-03-31 744568]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2011-08-20 174200]
R4 atillk64;atillk64; \??\C:\Program Files (x86)\Gigabyte\ET6\atillk64.sys [2006-07-19 14608]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouUsb16;USB 16-bit Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb16.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2011-04-05 1518976]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-07-28 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler; C:\Windows\Installer\MSIEAA2.tmp [2011-08-23 102400]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-28 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

Re: Requesting a preventive check

Posted: 14 Sep 2011 09:46
by vyosek
Hello, have a nice day, and welcome to our forum :welcome:

:arrow: Please read the forum rules

:arrow: Post a log from RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 - it is more detailed than HJT

Re: Requesting a preventive check

Posted: 14 Sep 2011 14:34
by Marthy5
Hello as well... thanks for the heads-up, I edited the post and put the RSIT output in there.. :)

Re: Requesting a preventive check

Posted: 14 Sep 2011 15:03
by vyosek
The log looks clean as far as malware goes; are there any problems with the PC :???:

Re: Requesting a preventive check

Posted: 15 Sep 2011 08:35
by Marthy5
Thanks for taking a look..
I don't have any major problems with the computer, except that it is no longer as fast as it was shortly after installation (that could be because I often try out various programs: simply install, try, uninstall.. and try another one, until I find the one that suits me best.)
There is one more problem, but it probably has nothing to do with viruses and similar malware... when typing text (on the internet or in Notepad on the PC) it happens that in the middle of typing the keyboard stops typing, as if I had accidentally clicked on another window with the mouse (which I did not do). But when I click on the text, I can keep typing.
The main reason I posted the log here is that during a firewall test at Agerit it gave me a warning that ports 80 and 443 are not secured, so I was worried whether something had got into the computer that way.

Re: Requesting a preventive check

Posted: 15 Sep 2011 08:56
by vyosek
So let's take a look whether there is something in there somewhere :wink:

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes has false detections, so paste the log into a post and wait for an assessment

Re: Requesting a preventive check

Posted: 15 Sep 2011 09:19
by Marthy5
Thanks, I'll get right on it.. I assume the system drive will be enough, and to select "full scan"... :)

Re: Requesting a preventive check

Posted: 15 Sep 2011 09:20
by vyosek
For now a full scan of the system drive is enough, but afterwards I would rather do the second one as well, if you have one

Re: Requesting a preventive check

Posted: 15 Sep 2011 18:41
by Marthy5
Scan of the system HDD is done - 0 infections found.. :)
So I reckon that most likely means my computer is clean.
And since I'm not very careful when browsing the net, it looks like the Norton 360 I have is good quality and didn't let anything into the computer.. :happy:

Re: Requesting a preventive check

Posted: 15 Sep 2011 18:45
by vyosek
The log from RSIT looks clean too :wink:

Re: Requesting a preventive check

Posted: 15 Sep 2011 19:05
by Marthy5
Thanks for the help. By the way, I have only been using Norton for a short while, on a trial basis; an acquaintance recommended it to me. Before it I had Comodo Internet Security on the computer; subjectively I was happy with it, but I could not find anywhere on the internet a test of the antivirus it contains. So I was not sure how effective it is... that is why I switched to Norton. :)

Re: Requesting a preventive check

Posted: 15 Sep 2011 19:10
by vyosek
Comodo makes good firewalls, its antiviruses are rather worse, Norton is a good choice :wink: