
Please check my log

Posted: 01 Jun 2013 11:29
by krtecek36
Logfile of random's system information tool 1.09 (written by random/random)
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (46%) free of 15 GB
Total RAM: 1015 MB (37% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:23, on 1.6.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Elantech\ETDDect.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Documents and Settings\Danula Krátká\Plocha\RSIT.exe
C:\Program Files\trend micro\Danula Krátká.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutoRun OSCleaner.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5012189984
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 7524 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Danula Krátká\Data aplikací\Mozilla\Firefox\Profiles\qrghihhf.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-04-02 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-04-02 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-17 106496]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-16 593920]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872]
"ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-22 204800]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 5078504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutoRun OSCleaner.lnk - C:\Program Files\ASUS\Asus OS Cleaner\AsOSCleaner.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-08-11 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2030-10-03 11:25:41 ----D---- C:\Program Files\Sun
2030-10-03 11:19:08 ----D---- C:\Program Files\Eee Storage
2030-10-03 11:18:30 ----D---- C:\Program Files\Atheros
2030-10-03 11:18:30 ----A---- C:\WINDOWS\system32\drivers\athw.sys
2030-10-03 11:18:30 ----A---- C:\WINDOWS\system32\athw.sys
2030-10-03 11:18:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Atheros
2030-10-03 11:14:24 ----A---- C:\WINDOWS\system32\igfxres.dll
2030-10-03 11:12:06 ----D---- C:\Program Files\Elantech
2030-10-03 11:09:33 ----A---- C:\WINDOWS\oemver.txt
2030-10-03 11:09:07 ----A---- C:\WINDOWS\sr.VBS
2030-10-03 11:09:07 ----A---- C:\WINDOWS\INSTALLEEE.EXE
2030-10-03 11:09:07 ----A---- C:\WINDOWS\HW.VBS
2030-10-03 11:09:07 ----A---- C:\WINDOWS\AUTO.BAT
2030-10-03 11:08:56 ----A---- C:\WINDOWS\system32\IVIresizeW7.dll
2030-10-03 11:08:56 ----A---- C:\WINDOWS\system32\IVIresizePX.dll
2030-10-03 11:08:56 ----A---- C:\WINDOWS\system32\IVIresizeP6.dll
2030-10-03 11:08:56 ----A---- C:\WINDOWS\system32\IVIresizeM6.dll
2030-10-03 11:08:56 ----A---- C:\WINDOWS\system32\IVIresizeA6.dll
2030-10-03 11:08:56 ----A---- C:\WINDOWS\system32\IVIresize.dll
2030-10-03 11:08:41 ----D---- C:\Program Files\InterVideo
2030-10-03 11:08:25 ----D---- C:\Program Files\Common Files\InterVideo
2030-10-03 11:08:09 ----A---- C:\Program Files\U1 Setup.exe
2030-10-03 11:07:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\WLInstaller
2030-10-03 11:07:35 ----D---- C:\Program Files\Microsoft Office
2030-10-03 11:06:56 ----D---- C:\Program Files\Microsoft Works
2030-10-03 11:06:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2030-10-03 11:05:55 ----D---- C:\Program Files\Common Files\Adobe
2030-10-03 11:05:07 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2030-10-03 11:04:51 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2030-10-03 11:04:51 ----A---- C:\WINDOWS\system32\wups2.dll
2030-10-03 11:03:43 ----D---- C:\Program Files\ASUS
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\drivers\btwsecfl.sys
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\drivers\btwdndis.sys
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\drivers\btport.sys
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\drivers\btaudio.sys
2030-10-03 11:03:10 ----A---- C:\WINDOWS\system32\btw_ci.dll
2030-10-03 11:03:05 ----D---- C:\Program Files\WIDCOMM
2030-10-03 11:02:50 ----D---- C:\Program Files\RALINK
2030-10-03 11:02:25 ----D---- C:\Program Files\EeePC
2030-10-03 11:02:25 ----A---- C:\WINDOWS\system32\drivers\ASUSACPI.SYS
2030-10-03 11:02:09 ----D---- C:\WINDOWS\system32\Atheros_L1e
2030-10-03 11:01:40 ----A---- C:\WINDOWS\system32\igxprd32.dll
2030-10-03 11:01:40 ----A---- C:\WINDOWS\system32\igfxtray.exe
2030-10-03 11:01:40 ----A---- C:\WINDOWS\system32\igfxpers.exe
2030-10-03 11:01:40 ----A---- C:\WINDOWS\system32\igfxexps.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\iglicd32.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igldev32.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igfxext.exe
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\hccutils.dll
2030-10-03 11:01:39 ----A---- C:\WINDOWS\system32\drivers\igxpmp32.sys
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\igfxress.dll
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\igfxpph.dll
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\igfxdo.dll
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\igfxdev.dll
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\igfxCoIn_v4906.dll
2030-10-03 11:01:38 ----A---- C:\WINDOWS\system32\hkcmd.exe
2030-10-03 11:01:37 ----D---- C:\WINDOWS\system32\Lang
2030-10-03 11:01:37 ----A---- C:\WINDOWS\system32\igxpun.exe
2030-10-03 11:01:37 ----A---- C:\WINDOWS\system32\difxapi.dll
2030-10-03 11:00:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2030-10-03 11:00:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
2030-10-03 11:00:51 ----D---- C:\Program Files\Intel
2030-10-03 11:00:51 ----A---- C:\WINDOWS\system32\CSVer.dll
2030-10-03 11:00:43 ----D---- C:\Intel
2030-10-03 11:00:40 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2030-10-03 11:00:38 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2030-10-03 11:00:37 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2030-10-03 11:00:35 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2030-10-03 11:00:34 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2030-10-03 11:00:32 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2030-10-03 11:00:32 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2030-10-03 11:00:30 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2030-10-03 11:00:24 ----D---- C:\WINDOWS\system32\RTCOM
2030-10-03 11:00:18 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2030-10-03 11:00:18 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2030-10-03 11:00:13 ----A---- C:\WINDOWS\system32\drivers\SamSfPa.dat
2030-10-03 11:00:12 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2030-10-03 11:00:12 ----A---- C:\WINDOWS\SkyTel.exe
2030-10-03 11:00:11 ----A---- C:\WINDOWS\RtlUpd.exe
2030-10-03 11:00:08 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2030-10-03 11:00:08 ----A---- C:\WINDOWS\RTLCPL.EXE
2030-10-03 11:00:07 ----A---- C:\WINDOWS\RTHDCPL.EXE
2030-10-03 11:00:06 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2030-10-03 11:00:06 ----A---- C:\WINDOWS\MicCal.exe
2030-10-03 11:00:04 ----HD---- C:\Program Files\InstallShield Installation Information
2030-10-03 11:00:04 ----D---- C:\Program Files\Realtek
2030-10-03 11:00:04 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2030-10-03 11:00:04 ----A---- C:\WINDOWS\ALCWZRD.EXE
2030-10-03 11:00:04 ----A---- C:\WINDOWS\ALCMTR.EXE
2030-10-03 11:00:00 ----A---- C:\WINDOWS\RtlExUpd.dll
2030-10-03 11:00:00 ----A---- C:\WINDOWS\HideWin.exe
2030-10-03 10:59:56 ----D---- C:\Program Files\Common Files\InstallShield
2030-10-03 10:57:22 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2030-10-03 10:55:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2030-10-03 10:55:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2030-10-03 10:51:17 ----RSD---- C:\WINDOWS\assembly
2030-10-03 10:51:17 ----D---- C:\WINDOWS\Microsoft.NET
2030-10-03 10:51:16 ----D---- C:\WINDOWS\system32\URTTemp
2030-10-03 10:49:16 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2030-10-03 10:49:13 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2030-10-03 10:46:49 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2030-10-03 10:46:47 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2030-10-03 10:46:46 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2030-10-03 10:46:44 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2030-10-03 10:46:42 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2030-10-03 10:46:39 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2030-10-03 10:46:37 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2030-10-03 10:46:35 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2030-10-03 10:46:34 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2030-10-03 10:46:32 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2030-10-03 10:46:22 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2030-10-03 10:46:22 ----A---- C:\WINDOWS\system32\ksuser.dll
2030-10-03 10:46:22 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2030-10-03 10:46:16 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2030-10-03 10:46:15 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2013-06-01 12:24:55 ----D---- C:\Program Files\trend micro
2013-06-01 12:24:53 ----D---- C:\rsit
2013-06-01 11:33:48 ----A---- C:\AdwCleaner[R1].txt
2013-05-27 18:02:16 ----SHD---- C:\RECYCLER
2013-05-27 17:10:22 ----A---- C:\Boot.bak
2013-05-27 17:07:20 ----RASHD---- C:\cmdcons
2013-05-27 16:57:34 ----D---- C:\Qoobox
2013-05-27 16:55:40 ----D---- C:\WINDOWS\erdnt
2013-05-18 10:04:29 ----D---- C:\Program Files\Mozilla Firefox
2013-05-05 14:45:55 ----D---- C:\Documents and Settings\Danula Krátká\Data aplikací\Malwarebytes
2013-05-05 14:45:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-05-05 14:45:06 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-05-05 14:45:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-05-05 10:04:03 ----D---- C:\Program Files\Microsoft Silverlight
2013-05-05 09:45:06 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys

======List of files/folders modified in the last 1 month======

2030-10-03 11:23:05 ----D---- C:\Documents and Settings\Danula Krátká\Data aplikací\Sun
2030-10-03 11:03:10 ----SD---- C:\WINDOWS\system32\Microsoft
2030-10-03 11:02:43 ----D---- C:\Documents and Settings\Danula Krátká\Data aplikací\InstallShield
2030-10-03 10:55:50 ----D---- C:\Program Files\Messenger
2030-10-03 10:51:22 ----D---- C:\WINDOWS\system32\mui
2013-06-01 12:25:01 ----D---- C:\WINDOWS\Prefetch
2013-06-01 12:24:55 ----RD---- C:\Program Files
2013-06-01 12:05:03 ----D---- C:\WINDOWS\system32\drivers
2013-06-01 11:41:58 ----D---- C:\WINDOWS\Temp
2013-06-01 11:30:34 ----D---- C:\Program Files\PowerArchiver
2013-06-01 11:16:40 ----D---- C:\WINDOWS
2013-06-01 11:03:11 ----D---- C:\WINDOWS\system32
2013-06-01 11:02:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-06-01 10:52:32 ----D---- C:\WINDOWS\system32\config
2013-06-01 10:51:38 ----D---- C:\WINDOWS\system32\wbem
2013-06-01 10:51:34 ----D---- C:\WINDOWS\Registration
2013-06-01 10:42:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-06-01 10:30:57 ----D---- C:\WINDOWS\system32\Restore
2013-06-01 10:18:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-06-01 09:55:54 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-29 15:54:45 ----HD---- C:\WINDOWS\inf
2013-05-27 17:47:59 ----A---- C:\WINDOWS\system.ini
2013-05-27 17:44:25 ----D---- C:\WINDOWS\system32\drivers\etc
2013-05-27 17:31:21 ----D---- C:\WINDOWS\AppPatch
2013-05-27 17:31:18 ----D---- C:\Program Files\Common Files
2013-05-27 17:10:24 ----RASH---- C:\boot.ini
2013-05-18 11:29:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-05-16 12:04:28 ----SHD---- C:\WINDOWS\Installer
2013-05-15 18:19:05 ----D---- C:\WINDOWS\Debug
2013-05-15 18:06:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-05-15 18:03:06 ----D---- C:\Program Files\Internet Explorer
2013-05-15 17:48:11 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-15 14:06:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-07 06:22:16 ----A---- C:\WINDOWS\system32\mshtml.dll
2013-05-05 09:56:54 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-01-10 161368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2013-02-14 62512]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-01-10 150080]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-09-18 1326528]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656]
R3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2013-01-10 40376]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-09-18 4816896]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-24 26112]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-04-02 170912]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-05-18 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Re: Please check my log

Posted: 01 Jun 2013 22:38
by Roli
Hello, fix these unnecessary entries in HJT:

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')


You will find HJT here:

C:\Program Files\trend micro\Danula Krátká.exe

Fix means that you run HJT as admin,

in the window that opens, click Do a system scan only,

in the next window find the lines I listed for you,

next to each of them is a checkbox, which you tick,

then click Fix checked at the bottom left,

the program asks whether you really want to; you of course agree with YES, and that's it.


Delete unneeded files

using CCleaner

guide:

Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin

Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)

the registry cleaning needs to be repeated several times!

Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system


Otherwise I don't see anything bad, so is there some problem with the PC?

Re: Please check my log

Posted: 02 Jun 2013 11:33
by krtecek36
Done.
The whole thing is slowed down, pages load slowly and the internet stutters.

Re: Please check my log

Posted: 02 Jun 2013 15:18
by Roli
Download AdwCleaner and save it to the desktop,

close all programs including the browser and start it with a double-click,

a window appears; click Search at the bottom left.

The scan will then run, and when it finishes a log will pop up, which you copy here for me.

Re: Please check my log

Posted: 02 Jun 2013 17:04
by krtecek36
# AdwCleaner v2.301 - Log vytvooen 02/06/2013 v 18:02:08
# Aktualizováno 16/05/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Danula Krátká - YOUR-KJ47669B12
# Spuštin systém : Normální
# Spuštino z : C:\Documents and Settings\Danula Krátká\Plocha\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****


***** [Registry] *****


***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v21.0 (cs)

Soubor : C:\Documents and Settings\Danula Krátká\Data aplikací\Mozilla\Firefox\Profiles\xb1cmfii.default-1370160087031\prefs.js

[OK] Soubor je eistý.

*************************

AdwCleaner[R4].txt - [884 octets] - [02/06/2013 17:59:41]
AdwCleaner[R5].txt - [816 octets] - [02/06/2013 18:02:08]

########## EOF - C:\AdwCleaner[R5].txt - [875 octets] ##########

Re: Please check my log

Posted: 02 Jun 2013 18:10
by Roli
Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the license terms will then appear, which you confirm by clicking YES,

then click YES once more and it is running.

The whole thing takes around 10 minutes but can take longer; during the scan do not try to run anything else.

The PC may be restarted during the scan, don't be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete infected files and these programs may prevent it from doing so.

After the scan finishes or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

Re: Please check my log

Posted: 04 Jun 2013 19:19
by krtecek36
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1015.642 [GMT 2:00]
Spuštěný z: c:\documents and settings\Danula Krátká\Plocha\ComboFix.exe
AV: ESET Smart Security 6.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-04 do 2013-06-04 )))))))))))))))))))))))))))))))
.
.
2030-10-03 09:25 . 2030-10-03 09:25 -------- d-----w- c:\program files\Sun
2030-10-03 09:19 . 2030-10-03 09:19 -------- d-----w- c:\program files\Eee Storage
2030-10-03 09:18 . 2030-10-03 09:18 -------- d-----w- c:\program files\Atheros
2030-10-03 09:18 . 2008-09-18 17:44 1326528 ----a-w- c:\windows\system32\drivers\athw.sys
2030-10-03 09:18 . 2008-09-18 17:44 1326528 ----a-w- c:\windows\system32\athw.sys
2030-10-03 09:18 . 2030-10-03 09:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Atheros
2030-10-03 09:14 . 2007-12-19 15:11 176128 ----a-w- c:\windows\system32\igfxres.dll
2030-10-03 09:12 . 2030-10-03 09:12 -------- d-----w- c:\program files\Elantech
2030-10-03 09:09 . 2008-07-02 07:48 37 ----a-w- c:\windows\AUTO.BAT
2030-10-03 09:09 . 2008-02-19 09:42 256 ----a-w- c:\windows\RUN.REG
2030-10-03 09:09 . 2008-01-24 14:17 124 ----a-w- c:\windows\HW.VBS
2030-10-03 09:09 . 2007-12-14 23:00 49152 ----a-w- c:\windows\INSTALLEEE.EXE
2030-10-03 09:09 . 2007-06-13 14:39 1162 ----a-w- c:\windows\sr.VBS
2030-10-03 09:08 . 2002-11-22 00:57 204800 ----a-w- c:\windows\system32\IVIresizeW7.dll
2030-10-03 09:08 . 2002-11-22 00:57 200704 ----a-w- c:\windows\system32\IVIresizeA6.dll
2030-10-03 09:08 . 2002-11-22 00:57 192512 ----a-w- c:\windows\system32\IVIresizeP6.dll
2030-10-03 09:08 . 2002-11-22 00:57 192512 ----a-w- c:\windows\system32\IVIresizeM6.dll
2030-10-03 09:08 . 2002-11-22 00:57 188416 ----a-w- c:\windows\system32\IVIresizePX.dll
2030-10-03 09:08 . 2002-11-22 00:57 20480 ----a-w- c:\windows\system32\IVIresize.dll
2030-10-03 09:08 . 2030-10-03 09:08 -------- d-----w- c:\program files\InterVideo
2030-10-03 09:08 . 2030-10-03 09:08 -------- d-----w- c:\program files\Common Files\InterVideo
2030-10-03 09:08 . 2008-05-07 08:34 15523560 ----a-w- c:\program files\U1 Setup.exe
2030-10-03 09:07 . 2030-10-03 09:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\WLInstaller
2030-10-03 09:06 . 2013-04-02 20:05 -------- d-----w- c:\program files\Microsoft Works
2030-10-03 09:05 . 2030-10-03 09:06 -------- d-----w- c:\program files\Common Files\Adobe
2030-10-03 09:05 . 2030-10-03 09:05 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2030-10-03 09:04 . 2012-06-02 13:19 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2030-10-03 09:04 . 2012-06-02 13:19 45080 ----a-w- c:\windows\system32\wups2.dll
2030-10-03 09:04 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2030-10-03 09:04 . 2012-06-02 13:19 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2030-10-03 09:04 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2030-10-03 09:03 . 2030-10-03 09:04 -------- d-----w- c:\program files\ASUS
2030-10-03 09:03 . 2008-08-19 14:16 991656 ----a-w- c:\windows\system32\drivers\btkrnl.sys
2030-10-03 09:03 . 2008-08-19 14:16 47272 ----a-w- c:\windows\system32\drivers\btwusb.sys
2030-10-03 09:03 . 2008-07-24 09:37 156816 ----a-w- c:\windows\system32\drivers\btwdndis.sys
2030-10-03 09:03 . 2008-06-11 06:14 89896 ----a-w- c:\windows\system32\drivers\btwsecfl.sys
2030-10-03 09:03 . 2008-05-30 03:46 534568 ----a-w- c:\windows\system32\drivers\btaudio.sys
2030-10-03 09:03 . 2008-02-04 09:57 37160 ----a-w- c:\windows\system32\drivers\btport.sys
2030-10-03 09:03 . 2007-09-20 03:59 106557 ----a-w- c:\windows\system32\btw_ci.dll
2030-10-03 09:03 . 2030-10-03 09:03 -------- d-----w- c:\program files\WIDCOMM
2030-10-03 09:02 . 2030-10-03 09:02 -------- d-----w- c:\program files\RALINK
2030-10-03 09:02 . 2030-10-03 09:02 -------- d-----w- c:\program files\EeePC
2030-10-03 09:02 . 2008-04-08 13:59 10752 ----a-w- c:\windows\system32\drivers\ASUSACPI.SYS
2030-10-03 09:02 . 2030-10-03 09:02 -------- d-----w- c:\windows\system32\Atheros_L1e
2030-10-03 09:00 . 2030-10-03 09:02 -------- dc----w- c:\windows\system32\DRVSTORE
2030-10-03 08:59 . 2030-10-03 09:04 -------- d-----w- c:\program files\Common Files\InstallShield
2030-10-03 08:57 . 2008-06-14 17:35 272128 -c--a-w- c:\windows\system32\dllcache\bthport.sys
2030-10-03 08:57 . 2008-06-14 17:35 272128 ----a-w- c:\windows\system32\drivers\bthport.sys
2030-10-03 08:51 . 2030-10-03 08:51 -------- d-----w- c:\windows\system32\URTTemp
2030-10-03 08:49 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2030-10-03 08:49 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2030-10-03 08:49 . 2008-04-13 22:15 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2030-10-03 08:49 . 2008-04-13 22:15 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2013-06-01 10:24 . 2013-06-01 10:25 -------- d-----w- c:\program files\trend micro
2013-06-01 08:51 . 2013-06-01 08:51 -------- d-----w- c:\windows\system32\wbem\Repository
2013-05-15 12:06 . 2013-05-15 12:06 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 12:06 . 2013-04-02 19:09 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 12:06 . 2013-04-02 19:09 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-16 22:26 . 2008-05-07 21:58 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2008-05-07 21:57 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2008-05-07 21:57 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2008-05-07 21:57 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2008-05-07 21:58 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 12:50 . 2013-05-05 12:45 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-02 15:55 . 2013-04-02 15:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-02 15:55 . 2013-04-02 15:56 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-04-02 15:55 . 2013-04-02 15:56 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-04-02 15:55 . 2013-04-02 15:56 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-08 08:36 . 2008-05-07 21:58 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2008-04-14 08:06 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 15:56 . 2008-04-14 08:06 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-12-19 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-12-19 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-12-19 131072]
"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-09-17 106496]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-09-16 593920]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-20 94208]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2008-09-03 335872]
"ETDWareDetect"="c:\program files\Elantech\ETDDect.exe" [2008-08-22 204800]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2013-03-21 5078504]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
AutoRun OSCleaner.lnk - c:\program files\ASUS\Asus OS Cleaner\AsOSCleaner.exe [2030-10-3 118784]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-9-2 604776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-02 12:06]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eeepc.asus.com/global
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 94.74.192.252 94.74.192.244
FF - ProfilePath - c:\documents and settings\Danula Krátká\Data aplikací\Mozilla\Firefox\Profiles\xb1cmfii.default-1370160087031\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-04 20:01
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3168)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2013-06-04 20:10:38
ComboFix-quarantined-files.txt 2013-06-04 18:10
.
Před spuštěním: 7 096 684 544
Po spuštění: 7 081 422 848
.
- - End Of File - - ECF40FA834D7B531CDC7DA9BA35B6435

Re: Please check my log

Posted: 04 Jun 2013 22:20
by Roli
From Start >> Run, copy this into the window:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers of the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Defragment the disk either with the built-in Windows tool,

or with another application, for example Defraggler


Then let me know what state the PC is in.

Re: Please check my log

Posted: 05 Jun 2013 18:13
by krtecek36
Done. Unfortunately still the same. :-(

Re: Please check my log

Posted: 05 Jun 2013 21:37
by Roli
Well, you don't have any junk there, so the fault will be elsewhere.

First of all, restart the modem (unplug it from power for a minute)

Next, via Start >> Control Panel >> Add or Remove Programs, uninstall Mbam (Malwarebytes)

Then have a look at the system time, because this:

2030-10-03 11:25:41

is a somewhat odd date.

Then let me know again, because if the state does not improve there are de facto two possibilities that could be causing it:

first thing - a messed-up system

second thing - a hardware problem (HDD, RAM)
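
The 2030 dates mentioned in the post above also run through the ComboFix file listing posted earlier in the thread. As an added example (not part of the original posts and not a ComboFix feature), this Python code parses such listing lines and separates entries stamped later than the scan itself, since those cannot be trusted in a "recently created files" review. The function names and the column interpretation (two timestamps, size, attributes, path) are assumptions of this example.

```python
import re
from datetime import datetime

# Excerpt of the ComboFix listing posted earlier in this thread.
SAMPLE = r"""
2030-10-03 09:25 . 2030-10-03 09:25 -------- d-----w- c:\program files\Sun
2030-10-03 09:18 . 2008-09-18 17:44 1326528 ----a-w- c:\windows\system32\drivers\athw.sys
2030-10-03 09:06 . 2013-04-02 20:05 -------- d-----w- c:\program files\Microsoft Works
2013-06-01 10:24 . 2013-06-01 10:25 -------- d-----w- c:\program files\trend micro
2013-05-15 12:06 . 2013-05-15 12:06 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
"""
# Taken from "Rootkit scan 2013-06-04 20:01" in the same log.
SCAN_TIME = datetime(2013, 6, 4, 20, 1)

# Two timestamps, then a byte size (dashes for directories), attributes, path.
LINE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(\d+|-+) ([-a-z]{8}) (.+)$"
)

def parse(text):
    """Yield (first_ts, second_ts, size_or_None, attrs, path) per listing line."""
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # section headers, "." separators, blank lines
        first, second, size, attrs, path = m.groups()
        yield (datetime.strptime(first, "%Y-%m-%d %H:%M"),
               datetime.strptime(second, "%Y-%m-%d %H:%M"),
               int(size) if size.isdigit() else None, attrs, path)

def future_dated(text, scan_time):
    """Paths with at least one timestamp later than the scan (clock was wrong)."""
    return [path for first, second, _, _, path in parse(text)
            if first > scan_time or second > scan_time]

def usable_for_timeline(text, scan_time):
    """Paths whose timestamps are both plausible, i.e. not after the scan."""
    return [path for first, second, _, _, path in parse(text)
            if first <= scan_time and second <= scan_time]

if __name__ == "__main__":
    for p in future_dated(SAMPLE, SCAN_TIME):
        print("future-dated:", p)
```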

Re: Please check my log

Posted: 14 Jun 2013 10:56
by krtecek36
In the end it is an HDD problem, it will have to be replaced again, luckily it was still under warranty.

Re: Please check my log

Posted: 14 Jun 2013 21:25
by Roli
krtecek36 wrote: In the end it is an HDD problem, it will have to be replaced again, luckily it was still under warranty.
Aha, so it is solved and I can lock this thread?