VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by klub103 at 2012-04-13 12:10:59
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (34%) free of 18 GB
Total RAM: 2015 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:11:11, on 13.4.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Mobile Partner\Mobile Partner.exe
C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Listener.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kerio\VPN Client\kvpnclient.exe
C:\znovu\DiochiOnLine\Stredisko\Stredisko.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\ZNOVU\DIOCHIONLINE\STREDISKO\SUNSOFT\SUNLINE SDK FULL\SunLINE Server.exe
C:\Documents and Settings\klub103\Desktop\RSIT.exe
C:\Program Files\trend micro\klub103.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [Kerio VPN Client] "C:\Program Files\Kerio\VPN Client\kvpnclient.exe" /tryauto
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Sun Line.lnk = C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Listener.exe
O4 - Startup: SunLINE Full.lnk = C:\Program Files\SunSoft\SunLINE SDK Full\SunLINE Listener.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 8826575245
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab
O21 - SSODL: mtkle - {BBC3AED4-C5BD-455A-7C85-50652A29E8D9} - C:\WINDOWS\System32\ggpgub32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: DCService.exe - Unknown owner - C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

--
End of file - 4916 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\klub103\Application Data\Mozilla\Firefox\Profiles\nhtznrey.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\klub103\Application Data\Mozilla\Firefox\Profiles\nhtznrey.default\extensions\
LogMeInClient@logmein.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AudioDeck"=C:\Program Files\VIAudioi\SBADeck\ADeck.exe [2004-07-13 7937024]
"Kerio VPN Client"=C:\Program Files\Kerio\VPN Client\kvpnclient.exe [2007-08-28 2646016]
""= []
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2011-09-16 63048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StatusClient]
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]
C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]

C:\Documents and Settings\klub103\Start Menu\Programs\Startup
Sun Line.lnk - C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Listener.exe
SunLINE Full.lnk - C:\Program Files\SunSoft\SunLINE SDK Full\SunLINE Listener.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2012-01-31 87424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
mtkle - {BBC3AED4-C5BD-455A-7C85-50652A29E8D9} - C:\WINDOWS\System32\ggpgub32.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Listener.exe"="C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Listener.exe:*:Enabled:SunLINE Listener"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\SunSoft\SunLINE SDK Full\SunLINE Listener.exe"="C:\Program Files\SunSoft\SunLINE SDK Full\SunLINE Listener.exe:*:Enabled:SunLINE Listener"
"C:\Program Files\Kerio\VPN Client\kvpnclient.exe"="C:\Program Files\Kerio\VPN Client\kvpnclient.exe:*:Enabled:Kerio VPN Client"
"C:\znovu\DiochiOnLine\Stredisko\Stredisko.exe"="C:\znovu\DiochiOnLine\Stredisko\Stredisko.exe:*:Enabled:Stredisko"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Enabled:Plugin Container for Firefox"
"C:\Program Files\SunSoft\SunLINE SDK Full\SunLINE Server.exe"="C:\Program Files\SunSoft\SunLINE SDK Full\SunLINE Server.exe:*:Enabled:SunLINE Server"
"C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Server.exe"="C:\znovu\DiochiOnLine\Stredisko\SunSoft\SunLINE SDK Full\SunLINE Server.exe:*:Enabled:SunLINE Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-04-13 12:10:59 ----D---- C:\rsit
2012-04-13 12:10:59 ----D---- C:\Program Files\trend micro
2012-04-12 03:02:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2675157$
2012-04-12 03:00:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2012-03-14 18:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-14 18:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-14 18:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$

======List of files/folders modified in the last 1 month======

3427-09-28 15:29:01 ----D---- C:\WINDOWS\network diagnostic
2012-04-13 12:11:09 ----D---- C:\WINDOWS\Temp
2012-04-13 12:10:59 ----D---- C:\Program Files
2012-04-13 12:10:31 ----D---- C:\WINDOWS\Prefetch
2012-04-13 11:45:06 ----D---- C:\WINDOWS\system32\CatRoot2
2012-04-13 11:44:15 ----D---- C:\Program Files\Mozilla Firefox
2012-04-13 11:21:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-04-13 00:00:03 ----D---- C:\Documents and Settings\All Users\Application Data\LogMeIn
2012-04-12 03:19:12 ----D---- C:\WINDOWS
2012-04-12 03:18:42 ----D---- C:\WINDOWS\system32
2012-04-12 03:17:47 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2012-04-12 03:02:46 ----HD---- C:\WINDOWS\inf
2012-04-12 03:02:43 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-04-12 03:01:04 ----A---- C:\WINDOWS\system32\MRT.exe
2012-04-12 03:00:59 ----A---- C:\WINDOWS\imsins.BAK
2012-04-11 15:14:54 ----D---- C:\Program Files\OpenOffice.org1.1.3
2012-04-11 10:59:00 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-10 14:27:34 ----SHD---- C:\WINDOWS\Installer
2012-04-10 14:27:21 ----D---- C:\Program Files\LogMeIn
2012-04-10 13:02:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-14 18:29:07 ----D---- C:\WINDOWS\system32\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ndisrd;ndisrd; C:\WINDOWS\system32\drivers\ndisrd.sys [2003-03-31 15338]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 37760]
R1 ehdrv;ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [2009-11-16 96408]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 eamon;eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\System32\drivers\LMIRfsDriver.sys []
R3 Dot4;MS IEEE-1284.4 Driver; C:\WINDOWS\System32\DRIVERS\Dot4.sys [2008-04-14 206976]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\System32\DRIVERS\dot4usb.sys [2001-08-17 23808]
R3 ew_usbenumfilter;huawei_CompositeFilter; C:\WINDOWS\System32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 11136]
R3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\System32\DRIVERS\ewusbnet.sys [2010-08-27 117504]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\DRIVERS\ew_jubusenum.sys [2010-07-27 72832]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\System32\DRIVERS\ewusbmdm.sys [2010-08-07 106496]
R3 kvpndev;Kerio VPN adapter; C:\WINDOWS\System32\DRIVERS\kvpndrv.sys [2007-08-28 65024]
R3 LMImirr;LMImirr; C:\WINDOWS\System32\DRIVERS\LMImirr.sys [2011-09-16 10144]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-03-31 5888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-12-24 133632]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2004-06-18 152192]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\System32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SoC PC-Camera Service;Q-TEC WEBCAM 100 USB; C:\WINDOWS\System32\DRIVERS\pfc027.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\System32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\System32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\System32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DCService.exe;DCService.exe; C:\Documents and Settings\All Users\Application Data\DatacardService\DCService.exe [2010-09-29 249856]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2012-01-31 374152]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2012-01-31 136584]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2011-09-16 390528]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-11-16 20680]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\HPZipm12.exe [2002-08-01 65536]

Zdravím.

To je jiný počítač, než byl minule. Copak to je zač, nějaká pracovní stanice nebo?

presne tak, druhy pc. taky kancelarsky

I ten předchozí byl pracovní? To se mi ale vůbec nelíbí, tos mě mírně řečeno naštval...

Podle pravidel fóra, v tomto případě hlavně bod č.6, se firemními PC nezybýváme.

6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmou. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu domácím uživatelům.

Takže zde poprosím moderátory o .

Ale ten bol sestrin, tento je mamin. Ona je zivnostnicka a nema zrovna zbitocne vydavky na zaplatenie it technika.

Zdravim

Pro tentokrate to kolega doresi, ale priste pekne technika...ono nejde jen o vydaje, ale jsou tam urcite i dulezita data (faktury, danovky, evidence nevim ceho) a my neneseme zodpovednostr za pripadnou ztratu, ale technik ano, jelikoz dela pod smlouvou...

Navic jeho faktura se da dat do nakladu na podnikani (omlouvam se pokud to nejsou presne ekonomicke vyrazy)

Takže jak psal kolega - pro tentokrát se na to podívám. A budu velice rád, když pro příště budeš respektovat pravidla tohoto fóra.



Fixni v HJT níže uvedené položky.

• Fixnout znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek.
• Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
• Položky, které v seznamu nenajdeš, prostě přeskoč.
• HJT najdeš zde: C:\Program Files\trend micro\klub103.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O21 - SSODL: mtkle - {BBC3AED4-C5BD-455A-7C85-50652A29E8D9} - C:\WINDOWS\System32\ggpgub32.dll (file missing)


Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
• http://oldtimer.geekstogo.com/OTM.com
• http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script (pouze zelená písmenka v bílém poli!): Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\