VIRY.CZ

Zdravim, neviem preco ale od vcera mi ide strasne pomaly PC, prikladam RSIT log

Logfile of random's system information tool 1.09 (written by random/random)
Run by alan at 2012-08-04 19:35:27
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 73 GB (72%) free of 102 GB
Total RAM: 749 MB (6% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:36:39, on 4. 8. 2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Asus\Eee Docking\Eee Docking.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Users\alan\AppData\Local\Apps\2.0\1YAQ7RVA.TJ3\MDENW9P1.MGE\odme..tion_e50b86a32720a37b_0001.0000_4b65a94077fa5ee9\Odmenovac.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\alan\AppData\Local\Temp\TeamViewer\Version7\TeamViewer.exe
C:\windows\system32\DllHost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskhost.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\alan\Downloads\RSIT.exe
C:\Program Files\trend micro\alan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HotkeyMon] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe
O4 - HKLM\..\Run: [HotkeyService] AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe
O4 - HKLM\..\Run: [SuperHybridEngine] AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe
O4 - HKLM\..\Run: [LiveUpdate] AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [CapsHook] AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe
O4 - HKLM\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\alan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\alan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Google Update] "C:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Default user')
O4 - Startup: Odmenovac.appref-ms
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F3D064D5-270E-4E0B-8394-888D90C65005}: NameServer = 188.123.97.2,188.123.106.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\system32\AsusService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 6976 bytes

======Scheduled tasks folder======

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-03-26 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-21 336384]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 548744]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-03-27 37296]
"HotkeyMon"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe []
"HotkeyService"=AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe []
"SuperHybridEngine"=AsusSender.exe C:\Program Files\ASUS\SHE\SuperHybridEngine.exe []
"LiveUpdate"=AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto []
"CapsHook"=AsusSender.exe C:\Program Files\ASUS\CapsHook\CapsHook.exe []
"Eee Docking"=C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2011-04-14 419504]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-01-18 10025576]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-09-22 3080264]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\alan\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-01-24 3478336]
"Facebook Update"=C:\Users\alan\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe

C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odmenovac.appref-ms

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-08-04 19:35:34 ----D---- C:\Program Files\trend micro
2012-08-04 19:35:27 ----D---- C:\rsit
2012-08-04 19:28:47 ----D---- C:\Program Files\CCleaner
2012-08-04 19:05:15 ----D---- C:\Users\alan\AppData\Roaming\Wise Disk Cleaner
2012-08-04 19:04:59 ----D---- C:\Program Files\Wise Disk Cleaner
2012-08-04 18:21:09 ----D---- C:\Program Files\WinPcap
2012-08-03 20:38:12 ----D---- C:\Users\alan\AppData\Roaming\Mozilla
2012-08-03 20:38:09 ----D---- C:\Program Files\Conduit
2012-07-30 21:47:01 ----D---- C:\Users\alan\AppData\Roaming\Skype
2012-07-30 21:46:40 ----D---- C:\Program Files\Common Files\Skype
2012-07-30 21:46:35 ----RD---- C:\Program Files\Skype
2012-07-30 21:46:21 ----D---- C:\ProgramData\Skype
2012-07-26 15:21:18 ----D---- C:\Users\alan\AppData\Roaming\Sony Corporation
2012-07-11 10:33:30 ----A---- C:\windows\system32\mshtmled.dll
2012-07-11 10:33:28 ----A---- C:\windows\system32\ieui.dll
2012-07-11 10:33:28 ----A---- C:\windows\system32\iertutil.dll
2012-07-11 10:33:27 ----A---- C:\windows\system32\ieUnatt.exe
2012-07-11 10:33:26 ----A---- C:\windows\system32\wininet.dll
2012-07-11 10:33:26 ----A---- C:\windows\system32\jsproxy.dll
2012-07-11 10:33:25 ----A---- C:\windows\system32\jscript9.dll
2012-07-11 10:33:25 ----A---- C:\windows\system32\jscript.dll
2012-07-11 10:33:24 ----A---- C:\windows\system32\url.dll
2012-07-11 10:33:21 ----A---- C:\windows\system32\urlmon.dll
2012-07-11 10:33:19 ----A---- C:\windows\system32\mshtml.dll
2012-07-11 10:33:17 ----A---- C:\windows\system32\ieframe.dll
2012-07-11 10:29:47 ----A---- C:\windows\system32\win32k.sys
2012-07-11 07:41:55 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2012-07-11 07:41:55 ----A---- C:\windows\system32\drivers\cng.sys
2012-07-11 07:41:54 ----A---- C:\windows\system32\ncrypt.dll
2012-07-11 07:41:53 ----A---- C:\windows\system32\schannel.dll
2012-07-11 07:41:51 ----A---- C:\windows\system32\drivers\ksecdd.sys
2012-07-11 07:41:41 ----A---- C:\windows\system32\msxml6.dll
2012-07-11 07:41:37 ----A---- C:\windows\system32\msxml3r.dll
2012-07-11 07:41:37 ----A---- C:\windows\system32\msxml3.dll
2012-07-11 07:41:26 ----A---- C:\windows\system32\cdosys.dll
2012-07-11 07:40:48 ----A---- C:\windows\system32\shell32.dll
2012-07-06 10:03:26 ----A---- C:\windows\system32\browserchoice.exe

======List of files/folders modified in the last 1 month======

2012-08-04 19:36:26 ----D---- C:\windows\Temp
2012-08-04 19:35:34 ----RD---- C:\Program Files
2012-08-04 19:32:57 ----D---- C:\windows\system32\config
2012-08-04 19:32:02 ----D---- C:\Users\alan\AppData\Roaming\DAEMON Tools Lite
2012-08-04 19:32:01 ----D---- C:\windows\panther
2012-08-04 19:32:01 ----D---- C:\windows\ModemLogs
2012-08-04 19:32:01 ----D---- C:\windows\Logs
2012-08-04 19:32:01 ----D---- C:\windows\inf
2012-08-04 19:32:01 ----D---- C:\windows\debug
2012-08-04 19:32:01 ----D---- C:\Windows
2012-08-04 19:32:01 ----D---- C:\Users\alan\AppData\Roaming\TS3Client
2012-08-04 19:32:00 ----D---- C:\windows\Minidump
2012-08-04 19:29:01 ----D---- C:\windows\system32\Tasks
2012-08-04 19:03:17 ----SHD---- C:\windows\Installer
2012-08-04 19:03:14 ----HD---- C:\ExpressGateUtil
2012-08-04 19:02:20 ----SHD---- C:\System Volume Information
2012-08-04 18:21:16 ----D---- C:\windows\system32\drivers
2012-08-04 18:21:08 ----D---- C:\windows\System32
2012-08-03 22:15:47 ----D---- C:\Users\alan\AppData\Roaming\SoftGrid Client
2012-08-03 05:49:22 ----D---- C:\windows\system32\catroot2
2012-07-30 21:46:40 ----D---- C:\Program Files\Common Files
2012-07-30 21:46:21 ----HD---- C:\ProgramData
2012-07-26 23:47:04 ----D---- C:\windows\system32\catroot
2012-07-26 21:43:54 ----D---- C:\windows\system32\DriverStore
2012-07-26 21:40:48 ----DC---- C:\windows\system32\DRVSTORE
2012-07-15 10:45:56 ----D---- C:\windows\Prefetch
2012-07-14 20:06:52 ----D---- C:\windows\system32\drivers\UMDF
2012-07-14 17:33:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-07-12 05:53:30 ----D---- C:\windows\Tasks
2012-07-11 13:11:08 ----D---- C:\windows\winsxs
2012-07-11 13:09:19 ----D---- C:\windows\system32\migration
2012-07-11 13:09:18 ----D---- C:\Program Files\Internet Explorer
2012-07-11 10:30:11 ----A---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\system32\drivers\amd_sata.sys [2010-11-04 64128]
R0 amd_xata;amd_xata; C:\windows\system32\drivers\amd_xata.sys [2010-11-04 32384]
R0 BtHidBus;Bluetooth HID Bus Service; C:\windows\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 AsIO;AsIO; C:\windows\system32\drivers\AsIO.sys [2010-06-28 11456]
R1 AsUpIO;AsUpIO; C:\windows\system32\drivers\AsUpIO.sys [2010-08-03 11832]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-04 242240]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 163424]
R2 epfwwfpr;epfwwfpr; C:\windows\system32\DRIVERS\epfwwfpr.sys [2011-08-04 103112]
R3 amdiox86;AMD IO Driver; C:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-07-21 7811072]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-07-21 245760]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW73.sys [2011-06-07 211984]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2010-07-21 102912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2011-01-18 3378984]
R3 kbfiltr;Keyboard Filter; C:\windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x86.sys [2010-09-27 68208]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S2 NPF;WinPcap Packet Driver (NPF); C:\windows\system32\drivers\NPF.sys [2011-02-11 35088]
S2 Parvdm;Parvdm; C:\windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BT;Bluetooth PAN Network Adapter; C:\windows\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\windows\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\windows\System32\Drivers\IvtBtBus.sys [2009-08-26 25480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VComm;Virtual Serial port driver; C:\windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-07-21 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-21 294400]
R2 AsusService;Asus Launcher Service; C:\windows\system32\AsusService.exe [2011-06-04 224680]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-09-22 974944]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Zdravim

Ono rvat windows 7 na pc s tak malou RAMkou, neni zrovna stastne reseni Total RAM: 749 MB (6% free)

Tohle znate? C:\Users\alan\AppData\Local\Apps\2.0\1YAQ7RVA.TJ3\MDENW9P1.MGE\odme..tion_e50b86a32720a37b_0001.0000_4b65a94077fa5ee9\Odmenovac.exe

Ten TeamViewer vam bezi zamerne?
C:\Users\alan\AppData\Local\Temp\TeamViewer\Version7\TeamViewer.exe

Udelejte !!!uplnou!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Tie 2 programy poznam, ale odmenovac som odinstaloval tak by to tam uz nemalo ukazovat, TW bezi zamerne. Log z MBAM hodim co najskor

OK, pockam si na nej

Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.08.12.03

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
alan :: ALAN-PC [administrátor]

Ochrana: Zapnuté

12. 8. 2012 12:06:44
mbam-log-2012-08-12 (12-06-44).txt

Typ kontroly: Úplná kontrola (C:\|D:\|Q:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 265741
Uplynutý čas: 2 hod, 2 min, 38 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)
No neviem neviem

seanko píše:No neviem neviem

Co nevite? To je dobry vysledek, ne?

MBAM zase odinstalujte.

Najdete tento soubor C:\Program Files\trend micro\alan.exe , kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Kliknete na Main menu a na Do a system scan only
U techto radku dejte vlevo zatrzitko

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R3 - URLSearchHook: (no name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Google Update] "C:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Google Update] "C:\windows\system32\config\systemprofile\AppData\Local\Google\Update\GoogleUpdate.exe" /c (User 'Default user')
O4 - Startup: Odmenovac.appref-ms

Kliknete na nápis Fix checked a potvrdte

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]

:services
SkypeUpdate

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001Core.job
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001UA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001UA.job
C:\Program Files\Conduit
C:\Users\alan\AppData\Local\Apps\2.0\1YAQ7RVA.TJ3\MDENW9P1.MGE\odme..tion_e50b86a32720a37b_0001.0000_4b65a94077fa5ee9\Odmenovac.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"DAEMON Tools Lite"=-
"Facebook Update"=-
"Skype"=-

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

tu to je:
//PC uz ide rychlejsie

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: alan
->Temp folder emptied: 20388641 bytes
->Temporary Internet Files folder emptied: 431899 bytes
->Google Chrome cache emptied: 9285156 bytes
->Flash cache emptied: 216 bytes

User: All Users

User: Default
->Temp folder emptied: 121064 bytes
->Temporary Internet Files folder emptied: 327990 bytes
->Flash cache emptied: 410 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8849189 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 325742 bytes
RecycleBin emptied: 522240 bytes

Total Files Cleaned = 38,00 mb

[EMPTYFLASH]

User: alan
->Flash cache emptied: 0 bytes

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
========== FILES ==========
File/Folder C:\windows\system32\*.tmp.dll not found.
File/Folder C:\windows\system32\SET*.tmp not found.
File/Folder C:\windows\*.tmp not found.
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001Core.job moved successfully.
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001UA.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001Core.job moved successfully.
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-129000434-3398209826-4184637606-1001UA.job moved successfully.
C:\Program Files\Conduit\Community Alerts folder moved successfully.
C:\Program Files\Conduit folder moved successfully.
C:\Users\alan\AppData\Local\Apps\2.0\1YAQ7RVA.TJ3\MDENW9P1.MGE\odme..tion_e50b86a32720a37b_0001.0000_4b65a94077fa5ee9\Odmenovac.exe moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\StartCCC deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Skype deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 08182012_185001

Files moved on Reboot...
File C:\Users\alan\AppData\Local\Temp\TeamViewer\Version7\tv_w32.dll not found!
C:\windows\temp\HS.log moved successfully.

Registry entries deleted on Reboot...

To jsem rad

Tak jeste uklidime. CCleaner v logu vidim, ale stejne ho tam napisu

Vsechny tyto programy - vcetne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar, jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete

Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk
Stahnete napriklad program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci

No a pokud bude pc slapat bez problemu, bude to vse

Vše je tedy v pořádku?

Dobrý den,
pro neaktivitu je toto téma uzamknuto.
Pokud ho budete chtít odemknout, kontaktujte mě na email nebo některého z mých kolegů.
Děkujeme za pochopení

VIRY.CZ

RSIT- pomaly PC od vcera

RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera

Re: RSIT- pomaly PC od vcera