
Previously infected desktop PC, please check

Posted: 25 Jul 2013 19:26
by ŠtěpánkaP
Hello,

I had an infected desktop PC, please check it. Everything worked OK, but after installing ESET it found a lot of viruses, and the PC had overall been insanely slow for quite a while.

Thank you.


Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlastník at 2013-07-25 20:23:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 14 GB (12%) free of 114 GB
Total RAM: 511 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:23:45, on 25.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.21342)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MulMouse.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\OSD.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Vlastník\Plocha\Domča\RSIT.exe
C:\Program Files\trend micro\Vlastník.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: Povolit program Bezdrátová klávesnice a myš Labtec.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4749765218
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 2476 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml

C:\Documents and Settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default\searchplugins\
icq-search.xml
icqplugin.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
yahoo-zugo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-10-29 4620288]
"DWQueuedReporting"=c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2007-03-13 39264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-04-19 18678376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OOD2000"=2
"MozillaMaintenance"=3
"McComponentHostService"=3
"JavaQuickStarterService"=2
"idsvc"=3
"IDriverT"=3
"gupdatem"=3
"gupdate"=2
"FirebirdServerDefaultInstance"=3
"FirebirdGuardianDefaultInstance"=2
"AdobeFlashPlayerUpdateSvc"=3
"BlueSoleil Hid Service"=2
"WMPNetworkSvc"=3
"Updater Service for StartNow Toolbar"=2
"W32Time"=2
"Browser"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-02-14 567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoDriveAutoRun"=67108863
"NoInstrumentation"=1
"HonorAutorunSetting"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=serwvdrv.dll
"vidc.tscc"=tsccvid.dll
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======List of files/folders created in the last 1 month======

2013-07-25 20:23:41 ----D---- C:\Program Files\trend micro
2013-07-25 20:23:40 ----D---- C:\rsit
2013-07-25 20:18:25 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-25 20:02:05 ----D---- C:\WINDOWS\system32\MRT
2013-07-25 19:03:25 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2013-07-25 19:03:24 ----D---- C:\WINDOWS\system32\winrm
2013-07-25 19:03:21 ----HD---- C:\WINDOWS\$968930Uinstall_KB968930$
2013-07-25 19:03:13 ----D---- C:\Documents and Settings\Vlastník\Data aplikací\Windows Desktop Search
2013-07-25 19:02:34 ----D---- C:\Program Files\Windows Desktop Search
2013-07-25 19:02:33 ----D---- C:\WINDOWS\system32\GroupPolicy
2013-07-25 19:02:20 ----HD---- C:\WINDOWS\$NtUninstallKB940157$
2013-07-25 15:45:23 ----D---- C:\Program Files\Yamicsoft
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2013-07-25 15:31:08 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2013-07-25 15:31:08 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2013-07-25 15:31:08 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2013-07-25 15:31:07 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2013-07-25 15:31:06 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2013-07-25 15:31:06 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2013-07-25 15:31:05 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2013-07-25 15:31:05 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2013-07-25 15:31:04 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2013-07-25 15:31:04 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2013-07-25 15:31:03 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2013-07-25 15:31:03 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2013-07-25 15:31:02 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2013-07-25 15:31:01 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-07-25 15:31:01 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2013-07-25 15:30:57 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2013-07-25 15:30:57 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2013-07-25 15:30:55 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2013-07-25 15:30:52 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2013-07-25 15:30:52 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2013-07-25 15:30:51 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2013-07-25 15:30:50 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2013-07-25 15:30:49 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2013-07-25 15:30:49 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2013-07-25 15:30:48 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2013-07-25 15:30:47 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2013-07-25 15:30:47 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2013-07-25 15:30:47 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2013-07-25 15:30:46 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2013-07-25 15:30:46 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2013-07-25 15:30:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2013-07-25 15:30:44 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2013-07-25 15:30:43 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2013-07-25 15:30:43 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2013-07-25 15:30:43 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2013-07-25 15:30:41 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2013-07-25 15:30:41 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2013-07-25 15:30:40 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2013-07-25 15:30:40 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2013-07-25 15:30:39 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2013-07-25 15:30:39 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2013-07-25 15:30:37 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2013-07-25 15:30:36 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2013-07-25 15:30:35 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2013-07-25 15:30:35 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2013-07-25 15:30:34 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2013-07-25 15:30:34 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2013-07-25 15:30:32 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2013-07-25 15:30:30 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2013-07-25 15:30:29 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2013-07-25 15:30:29 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2013-07-25 15:30:27 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2013-07-25 15:30:25 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2013-07-25 15:30:24 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2013-07-25 15:30:24 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2013-07-25 15:30:23 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2013-07-25 15:30:21 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2013-07-25 15:30:19 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2013-07-25 15:30:15 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2013-07-25 15:30:07 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2013-07-25 15:30:07 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2013-07-25 15:30:03 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2013-07-25 15:29:59 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2013-07-25 15:29:57 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2013-07-25 15:29:57 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2013-07-25 15:29:57 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2013-07-25 15:29:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2013-07-25 15:27:40 ----D---- C:\WINDOWS\Logs
2013-07-25 13:19:16 ----A---- C:\WINDOWS\system32\javaws.exe
2013-07-25 13:18:56 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-07-25 13:18:56 ----A---- C:\WINDOWS\system32\javaw.exe
2013-07-25 13:18:56 ----A---- C:\WINDOWS\system32\java.exe
2013-07-25 12:45:38 ----D---- C:\Documents and Settings\Vlastník\Data aplikací\Malwarebytes
2013-07-25 12:45:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-07-25 12:45:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-07-25 12:45:25 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-06-26 12:09:04 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2013-07-25 19:47:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-25 14:54:48 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-07-25 13:39:54 ----RASH---- C:\boot.ini
2013-07-25 13:39:54 ----A---- C:\WINDOWS\win.ini
2013-07-25 13:39:54 ----A---- C:\WINDOWS\system.ini
2013-07-25 13:18:18 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-07-25 13:18:18 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2005-02-10 43488]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 11776]
R1 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 9548]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-11-13 391680]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-11-13 481596]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-08 989696]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2006-11-08 257408]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-10-29 2826944]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-08 730112]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 SpyEmrg;Spy Emergency Driver; C:\WINDOWS\System32\Drivers\spyemrg.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-09-29 9696]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-07-29 23000]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-06-07 10305280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2005-07-29 11736]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-10-29 127043]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Re: Previously infected desktop PC, please check

Posted: 25 Jul 2013 20:18
by Rudy
Hello!
Please post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Ano (Yes) button.

feel free to make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to run any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur.

Re: Previously infected desktop PC, please check

Posted: 26 Jul 2013 14:08
by ŠtěpánkaP
Hello,

I ran the application twice. The first time I started it, it was still running after an hour; then I left the PC and our power went out. So I ran the application again and am attaching the log. It ran for about 1.5 hours.

How does it look?

Thank you.
ComboFix 13-07-25.02 - Vlastník 26.07.2013 13:19:00.2.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.177 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vlastník\Plocha\Domča\ComboFix.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-26 do 2013-07-26 )))))))))))))))))))))))))))))))
.
.
2013-07-26 08:46 . 2013-07-26 08:46 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2013-07-26 07:48 . 2013-07-26 07:48 -------- d-sh--w- c:\documents and settings\Vlastník\PrivacIE
2013-07-25 19:23 . 2013-07-25 19:23 -------- d-sh--w- c:\documents and settings\Vlastník\IETldCache
2013-07-25 18:56 . 2013-06-07 21:53 522240 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2013-07-25 18:55 . 2011-08-16 10:45 6144 ------w- c:\windows\system32\dllcache\iecompat.dll
2013-07-25 18:54 . 2013-06-07 21:53 630272 ------w- c:\windows\system32\dllcache\msfeeds.dll
2013-07-25 18:54 . 2013-06-07 21:53 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-07-25 18:54 . 2013-06-07 21:54 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2013-07-25 18:54 . 2013-06-07 21:53 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2013-07-25 18:54 . 2013-06-07 21:53 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2013-07-25 18:54 . 2013-06-07 21:53 2005504 ------w- c:\windows\system32\dllcache\iertutil.dll
2013-07-25 18:54 . 2013-06-07 21:53 11112960 ------w- c:\windows\system32\dllcache\ieframe.dll
2013-07-25 18:48 . 2013-07-25 18:48 -------- d--h--w- c:\windows\ie8
2013-07-25 18:23 . 2013-07-25 18:23 -------- d-----w- c:\program files\trend micro
2013-07-25 18:23 . 2013-07-25 18:23 -------- d-----w- C:\rsit
2013-07-25 18:02 . 2013-07-25 18:02 -------- d-----w- c:\windows\system32\MRT
2013-07-25 17:03 . 2013-07-25 17:03 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Adobe
2013-07-25 17:03 . 2013-07-25 17:03 -------- d-----w- c:\windows\system32\winrm
2013-07-25 17:03 . 2013-07-25 17:03 -------- d--h--w- c:\windows\$968930Uinstall_KB968930$
2013-07-25 17:03 . 2013-07-25 17:03 -------- d-----w- c:\documents and settings\Vlastník\Data aplikací\Windows Desktop Search
2013-07-25 17:02 . 2013-07-25 17:02 -------- d-----w- c:\program files\Windows Desktop Search
2013-07-25 17:02 . 2013-07-25 17:02 -------- d-----w- c:\windows\system32\GroupPolicy
2013-07-25 17:02 . 2008-03-07 17:02 98304 ------w- c:\windows\system32\dllcache\nlhtml.dll
2013-07-25 17:02 . 2008-03-07 17:02 29696 ------w- c:\windows\system32\dllcache\mimefilt.dll
2013-07-25 17:02 . 2008-03-07 17:02 192000 ------w- c:\windows\system32\dllcache\offfilt.dll
2013-07-25 16:58 . 2011-03-11 14:10 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2013-07-25 16:36 . 2013-07-25 16:36 -------- d-----w- c:\documents and settings\Vlastník\Local Settings\Data aplikací\PCHealth
2013-07-25 13:45 . 2013-07-25 13:45 -------- d-----w- c:\program files\Yamicsoft
2013-07-25 13:30 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2013-07-25 13:29 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2013-07-25 13:27 . 2013-07-25 13:27 -------- d-----w- c:\windows\Logs
2013-07-25 11:18 . 2013-07-25 11:18 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-07-25 10:56 . 2012-06-02 13:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2013-07-25 10:45 . 2013-07-25 10:45 -------- d-----w- c:\documents and settings\Vlastník\Data aplikací\Malwarebytes
2013-07-25 10:45 . 2013-07-25 10:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-07-25 10:45 . 2013-07-25 10:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-07-25 10:45 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-25 12:54 . 2013-03-22 16:10 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-25 12:54 . 2011-12-23 17:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-07-25 11:18 . 2012-08-22 17:38 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-07-25 11:18 . 2012-08-22 17:38 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-07-25 11:18 . 2010-12-20 14:30 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-08 01:24 . 1979-12-31 22:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:53 . 1979-12-31 22:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-07 21:53 . 1979-12-31 22:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-06-07 18:25 . 1979-12-31 22:00 385024 ------w- c:\windows\system32\html.iec
2013-06-05 09:08 . 1979-12-31 22:00 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 07:23 . 1979-12-31 22:00 563712 ----a-w- c:\windows\system32\qedit.dll
2013-05-08 09:58 . 2006-10-18 19:47 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-05-03 05:38 . 2004-08-17 13:45 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-03 05:38 . 2004-08-17 13:45 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-29 4620288]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - c:\program files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe [2004-12-17 258048]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OOD2000"=2 (0x2)
"MozillaMaintenance"=3 (0x3)
"McComponentHostService"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"gupdatem"=3 (0x3)
"gupdate"=2 (0x2)
"FirebirdServerDefaultInstance"=3 (0x3)
"FirebirdGuardianDefaultInstance"=2 (0x2)
"AdobeFlashPlayerUpdateSvc"=3 (0x3)
"BlueSoleil Hid Service"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"Updater Service for StartNow Toolbar"=2 (0x2)
"W32Time"=2 (0x2)
"Browser"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [17.12.2004 16:20 11776]
S1 SpyEmrg;Spy Emergency Driver;c:\windows\system32\Drivers\spyemrg.sys --> c:\windows\system32\Drivers\spyemrg.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [28.2.2013 18:45 161384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 05:39 1173456 ----a-w- c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
TCP: DhcpNameServer = 81.92.146.5 212.24.128.8
FF - ProfilePath - c:\documents and settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-07-25 14:53; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\documents and settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-07-25 15:05; {c36177c0-224a-11da-8cd6-0800200c9a91}; c:\documents and settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Microsoft .NET Framework 4 Client Profile - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe
AddRemove-Microsoft .NET Framework 4 Extended - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe
AddRemove-{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
AddRemove-{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121 - c:\windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-07-26 13:27
Windows 5.1.2600 Service Pack 3 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3088)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2013-07-26 13:29:40
ComboFix-quarantined-files.txt 2013-07-26 11:29
.
Před spuštěním: Volných bajtů: 13 164 118 016
Po spuštění: Volných bajtů: 13 117 849 600
.
- - End Of File - - 45A49E6883FF72911E45A8C748932C60
413FC2A0C716421B3158746D63736515

Re: Previously infected desktop PC, please check

Posted: 26 Jul 2013 16:54
by Rudy
CF found no more junk. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Previously infected desktop PC, please check

Posted: 26 Jul 2013 18:41
by ŠtěpánkaP
Rudy wrote: CF found no more junk. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vlastník at 2013-07-26 19:39:29
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (10%) free of 114 GB
Total RAM: 511 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:48, on 26.7.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\MulMouse.exe
C:\Program Files\Bezdrátová klávesnice a myš Labtec\OSD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Vlastník\Plocha\Domča\RSIT.exe
C:\Program Files\trend micro\Vlastník.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Povolit program Bezdrátová klávesnice a myš Labtec.lnk = ?
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 4749765218
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 3122 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
ShockwavePlugin.class
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml

C:\Documents and Settings\Vlastník\Data aplikací\Mozilla\Firefox\Profiles\ea535dyl.default\searchplugins\
icq-search.xml
icqplugin.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
yahoo-zugo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-10-29 4620288]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-03-21 5078504]
"DWQueuedReporting"=c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe [2007-03-13 39264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-06-21 19875432]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OOD2000"=2
"MozillaMaintenance"=3
"McComponentHostService"=3
"JavaQuickStarterService"=2
"idsvc"=3
"IDriverT"=3
"gupdatem"=3
"gupdate"=2
"FirebirdServerDefaultInstance"=3
"FirebirdGuardianDefaultInstance"=2
"AdobeFlashPlayerUpdateSvc"=3
"BlueSoleil Hid Service"=2
"WMPNetworkSvc"=3
"Updater Service for StartNow Toolbar"=2
"W32Time"=2
"Browser"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Povolit program Bezdrátová klávesnice a myš Labtec.lnk - C:\Program Files\Bezdrátová klávesnice a myš Labtec\MagicKey.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-02-14 567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoInstrumentation"=1
"HonorAutorunSetting"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3codec"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=serwvdrv.dll
"vidc.tscc"=tsccvid.dll
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.XVID"=xvidvfw.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"VIDC.X264"=x264vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm

======List of files/folders created in the last 1 month======

2013-07-26 19:23:44 ----D---- C:\_OTM
2013-07-26 15:10:28 ----SHD---- C:\Recycled
2013-07-26 13:29:42 ----D---- C:\WINDOWS\temp
2013-07-26 13:29:41 ----A---- C:\ComboFix.txt
2013-07-26 10:38:14 ----A---- C:\Boot.bak
2013-07-26 10:38:08 ----RASHD---- C:\cmdcons
2013-07-26 10:15:29 ----A---- C:\WINDOWS\zip.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\SWSC.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\SWREG.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\sed.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\PEV.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\NIRCMD.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\MBR.exe
2013-07-26 10:15:29 ----A---- C:\WINDOWS\grep.exe
2013-07-26 10:15:20 ----D---- C:\Qoobox
2013-07-26 10:15:04 ----D---- C:\WINDOWS\erdnt
2013-07-25 21:23:09 ----HD---- C:\Program Files\Uninstall Information
2013-07-25 21:03:16 ----HD---- C:\WINDOWS\$NtUninstallKB2808679$
2013-07-25 20:55:11 ----D---- C:\WINDOWS\ie8updates
2013-07-25 20:48:50 ----HD---- C:\WINDOWS\ie8
2013-07-25 20:30:55 ----A---- C:\WINDOWS\imsins.BAK
2013-07-25 20:30:50 ----HD---- C:\WINDOWS\$NtUninstallKB963093$
2013-07-25 20:23:41 ----D---- C:\Program Files\trend micro
2013-07-25 20:23:40 ----D---- C:\rsit
2013-07-25 20:18:25 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-07-25 20:02:05 ----D---- C:\WINDOWS\system32\MRT
2013-07-25 19:03:25 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2013-07-25 19:03:24 ----D---- C:\WINDOWS\system32\winrm
2013-07-25 19:03:21 ----HD---- C:\WINDOWS\$968930Uinstall_KB968930$
2013-07-25 19:03:13 ----D---- C:\Documents and Settings\Vlastník\Data aplikací\Windows Desktop Search
2013-07-25 19:02:34 ----D---- C:\Program Files\Windows Desktop Search
2013-07-25 19:02:33 ----D---- C:\WINDOWS\system32\GroupPolicy
2013-07-25 19:02:20 ----HD---- C:\WINDOWS\$NtUninstallKB940157$
2013-07-25 15:45:23 ----D---- C:\Program Files\Yamicsoft
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2013-07-25 15:31:10 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2013-07-25 15:31:08 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2013-07-25 15:31:08 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2013-07-25 15:31:08 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2013-07-25 15:31:07 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2013-07-25 15:31:06 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2013-07-25 15:31:06 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2013-07-25 15:31:05 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2013-07-25 15:31:05 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2013-07-25 15:31:04 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2013-07-25 15:31:04 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2013-07-25 15:31:03 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2013-07-25 15:31:03 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2013-07-25 15:31:02 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2013-07-25 15:31:01 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-07-25 15:31:01 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2013-07-25 15:30:57 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2013-07-25 15:30:57 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2013-07-25 15:30:55 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2013-07-25 15:30:52 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2013-07-25 15:30:52 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2013-07-25 15:30:51 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2013-07-25 15:30:50 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2013-07-25 15:30:49 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2013-07-25 15:30:49 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2013-07-25 15:30:48 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2013-07-25 15:30:47 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2013-07-25 15:30:47 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2013-07-25 15:30:47 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2013-07-25 15:30:46 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2013-07-25 15:30:46 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2013-07-25 15:30:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2013-07-25 15:30:44 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2013-07-25 15:30:43 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2013-07-25 15:30:43 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2013-07-25 15:30:43 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2013-07-25 15:30:41 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2013-07-25 15:30:41 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2013-07-25 15:30:40 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2013-07-25 15:30:40 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2013-07-25 15:30:39 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2013-07-25 15:30:39 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2013-07-25 15:30:37 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2013-07-25 15:30:36 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2013-07-25 15:30:35 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2013-07-25 15:30:35 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2013-07-25 15:30:34 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2013-07-25 15:30:34 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2013-07-25 15:30:32 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2013-07-25 15:30:30 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2013-07-25 15:30:29 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2013-07-25 15:30:29 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2013-07-25 15:30:27 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2013-07-25 15:30:25 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2013-07-25 15:30:24 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2013-07-25 15:30:24 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2013-07-25 15:30:23 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2013-07-25 15:30:22 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2013-07-25 15:30:21 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2013-07-25 15:30:19 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2013-07-25 15:30:15 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2013-07-25 15:30:07 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2013-07-25 15:30:07 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2013-07-25 15:30:03 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2013-07-25 15:30:02 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2013-07-25 15:30:01 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2013-07-25 15:29:59 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2013-07-25 15:29:58 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2013-07-25 15:29:57 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2013-07-25 15:29:57 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2013-07-25 15:29:57 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2013-07-25 15:29:55 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2013-07-25 15:27:40 ----D---- C:\WINDOWS\Logs
2013-07-25 13:19:16 ----A---- C:\WINDOWS\system32\javaws.exe
2013-07-25 13:18:56 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-07-25 13:18:56 ----A---- C:\WINDOWS\system32\javaw.exe
2013-07-25 13:18:56 ----A---- C:\WINDOWS\system32\java.exe
2013-07-25 12:45:38 ----D---- C:\Documents and Settings\Vlastník\Data aplikací\Malwarebytes
2013-07-25 12:45:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2013-07-25 12:45:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-07-25 12:45:25 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

======List of files/folders modified in the last 1 month======

2013-07-26 18:44:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-07-26 13:27:30 ----A---- C:\WINDOWS\system.ini
2013-07-26 10:38:16 ----RASH---- C:\boot.ini
2013-07-25 14:54:48 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-07-25 13:39:54 ----A---- C:\WINDOWS\win.ini
2013-07-25 13:18:18 ----A---- C:\WINDOWS\system32\npdeployJava1.dll
2013-07-25 13:18:18 ----A---- C:\WINDOWS\system32\deployJava1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2005-02-10 43488]
R1 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2013-01-10 161368]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2013-01-10 122240]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2013-02-14 62512]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 11776]
R1 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 9548]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2013-01-10 150080]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-11-13 391680]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-11-13 481596]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 EL90Xbc;3Com 3C90X-BC Family PCI EtherLink Adapter; C:\WINDOWS\system32\DRIVERS\el90Xbc5.SYS [2002-08-13 74338]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2013-01-10 40376]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-04-26 988032]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2007-04-26 267520]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-10-29 2826944]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-04-26 731136]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 SpyEmrg;Spy Emergency Driver; C:\WINDOWS\System32\Drivers\spyemrg.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-09-29 9696]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-07-29 23000]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\VLASTNÍK\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-06-07 10305280]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2005-07-29 11736]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2013-03-21 1341664]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-10-29 127043]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-21 162408]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-04-18 754856]
S4 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

Re: Previously infected desktop PC, requesting a check

Posted: 26 Jul 2013 18:45
by Rudy
The log is now OK. Has anything changed?

Re: Previously infected desktop PC, requesting a check

Posted: 26 Jul 2013 19:57
by ŠtěpánkaP
Rudy wrote: The log is now OK. Has anything changed?
Everything seems to be fine now. Thank you very much :)

Re: Previously infected desktop PC, requesting a check

Posted: 26 Jul 2013 20:29
by Rudy
You're welcome! :)