Request for a check

MikiBean
Visitor
Posts: 1
Registered: 22 Jan 2010 16:21

Request for a check

#1 Post by MikiBean »

Hello, I would like to ask you to check my log. Since yesterday's Adobe Flash update I have had a problem with the internet. It refuses to load pages and is terribly slow. It runs OK only for brief moments. Microsoft "yelled" at me that the file MpSigDwn.dll (which I found in Defender) is potentially dangerous software! Thank you very much for the check and any advice.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Miki at 2010-01-22 16:34:27
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (35%) free of 30 GB
Total RAM: 1917 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:47, on 22.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\vsnpstd3.exe
C:\Windows\tsnpstd3.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Teplota\Core Temp.exe
C:\Program Files\LeechGet 2009\LeechGet.exe
C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\FireTrust\MailWasher Free\MailWasher.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitor.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Leech\RSIT.exe
C:\Program Files\trend micro\Miki.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QFX Software KeyScrambler - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [Core Temp] "C:\Program Files\Teplota\Core Temp.exe"
O4 - HKCU\..\Run: [LeechGet] "C:\Program Files\LeechGet 2009\LeechGet.exe" -intray
O4 - HKCU\..\Run: [DiskMonitorAdmin] "C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitor.exe" hide
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: CCC.lnk = ?
O4 - Startup: MailWasherFree.lnk = C:\Program Files\FireTrust\MailWasher Free\MailWasher.exe
O8 - Extra context menu item: Analyzovat LeechGetem - file://C:\Program Files\LeechGet 2009\\Parser.html
O8 - Extra context menu item: Download LeechGetem - file://C:\Program Files\LeechGet 2009\\AddUrl.html
O8 - Extra context menu item: Download s průvodcem LeechGetu - file://C:\Program Files\LeechGet 2009\\Wizard.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra 'Tools' menuitem: &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Active@ Disk Monitor - LSoft Technologies Inc - C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\BurnAware Free\NMSAccess32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 7690 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\AutoSmartDefrag.job
C:\Windows\tasks\Wise Disk Cleaner 4.job
C:\Windows\tasks\Wise Registry Cleaner 4.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B9F5787-88A5-4945-90E7-C4B18563BC5E}]
KeyScramblerBHO Class - C:\Program Files\KeyScrambler\KeyScramblerIE.dll [2009-10-09 796400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C920E44A-7F78-4E64-BDD7-A57026E7FEB7}]
WOT Helper - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{71576546-354D-41c9-AAE8-31F2EC22BF0D} - WOT - C:\Program Files\WOT\WOT.dll [2009-04-15 1262240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-22 630784]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-23 2615624]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-23 906648]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2009-04-14 2374464]
"OutpostFeedBack"=C:\Program Files\Agnitum\Outpost Firewall\feedback.exe [2009-04-14 428032]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-19 827392]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2007-03-10 270336]
"MSSE"=c:\Program Files\Microsoft Security Essentials\msseces.exe [2009-09-13 1048392]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Core Temp"=C:\Program Files\Teplota\Core Temp.exe [2009-08-05 378384]
"LeechGet"=C:\Program Files\LeechGet 2009\LeechGet.exe [2009-02-08 2134016]
"DiskMonitorAdmin"=C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitor.exe [2009-04-23 3835384]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2009-12-21 1803064]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

C:\Users\Miki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
MailWasherFree.lnk - C:\Program Files\FireTrust\MailWasher Free\MailWasher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{213f867c-f06a-11de-8a34-00030d6a40d2}]
shell\AutoRun\command - F:\Toshiba\Launcher\start.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-22 16:34:27 ----D---- C:\rsit
2010-01-22 16:34:27 ----D---- C:\Program Files\trend micro
2010-01-11 16:17:18 ----D---- C:\Windows\Auslogics Disk Defrag Screensaver
2010-01-11 16:17:18 ----D---- C:\Program Files\Auslogics
2010-01-01 13:10:21 ----D---- C:\ProgramData\QuickMediaConverter
2010-01-01 13:10:09 ----D---- C:\Users\Miki\AppData\Roaming\CocoonSoftware
2010-01-01 13:09:53 ----D---- C:\Program Files\QuickMediaConverter
2010-01-01 12:49:53 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-01-01 12:49:46 ----SHD---- C:\Config.Msi
2009-12-29 17:34:27 ----D---- C:\Program Files\WOT
2009-12-28 23:51:55 ----D---- C:\Program Files\Windows Portable Devices
2009-12-28 23:46:28 ----A---- C:\Windows\system32\tzres.dll
2009-12-28 23:45:54 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-28 23:45:53 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-28 23:45:53 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-28 23:45:16 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-28 23:45:15 ----A---- C:\Windows\system32\cdd.dll
2009-12-28 23:45:14 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-28 23:45:14 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-28 23:45:13 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-28 23:45:13 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-28 23:45:13 ----A---- C:\Windows\system32\d2d1.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\FntCache.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\dxgi.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\DWrite.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\d3d11.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-28 23:45:12 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-28 23:45:11 ----A---- C:\Windows\system32\d3d10.dll
2009-12-28 23:44:38 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-28 23:44:38 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-28 23:44:38 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-28 23:44:34 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-28 23:44:32 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-28 23:44:32 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-28 23:44:32 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-28 23:44:32 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-28 23:44:32 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-28 23:44:31 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-28 23:44:31 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-28 23:44:31 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-28 23:43:35 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-28 23:43:35 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-28 23:43:35 ----A---- C:\Windows\system32\oleacc.dll
2009-12-28 23:41:52 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-28 23:41:47 ----A---- C:\Windows\system32\httpapi.dll
2009-12-28 23:37:34 ----A---- C:\Windows\system32\mshtml.dll
2009-12-28 23:37:33 ----A---- C:\Windows\system32\ieframe.dll
2009-12-28 23:37:32 ----A---- C:\Windows\system32\wininet.dll
2009-12-28 23:37:32 ----A---- C:\Windows\system32\urlmon.dll
2009-12-28 23:37:32 ----A---- C:\Windows\system32\occache.dll
2009-12-28 23:37:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-28 23:37:32 ----A---- C:\Windows\system32\iertutil.dll
2009-12-28 23:37:31 ----A---- C:\Windows\system32\ieui.dll
2009-12-28 23:37:31 ----A---- C:\Windows\system32\iepeers.dll
2009-12-28 23:37:31 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-28 23:37:30 ----A---- C:\Windows\system32\msfeedssync.exe
2009-12-28 23:37:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-12-28 23:37:30 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-28 23:37:30 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-28 23:37:30 ----A---- C:\Windows\system32\iesysprep.dll
2009-12-28 23:37:30 ----A---- C:\Windows\system32\iesetup.dll
2009-12-28 23:37:30 ----A---- C:\Windows\system32\iernonce.dll
2009-12-28 23:37:30 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-28 23:37:10 ----A---- C:\Windows\system32\winhttp.dll
2009-12-28 23:37:08 ----A---- C:\Windows\system32\msxml6.dll
2009-12-28 23:37:07 ----A---- C:\Windows\system32\msxml3.dll
2009-12-28 23:36:09 ----A---- C:\Windows\system32\rastls.dll
2009-12-28 23:35:05 ----A---- C:\Windows\system32\WSDApi.dll
2009-12-27 16:59:39 ----D---- C:\ProgramData\Alex Gordon
2009-12-27 16:44:38 ----D---- C:\Users\Miki\AppData\Roaming\V-Games
2009-12-26 13:51:50 ----D---- C:\Users\Miki\AppData\Roaming\Friday's games
2009-12-26 12:05:51 ----D---- C:\Users\Miki\AppData\Roaming\TMInc

======List of files/folders modified in the last 1 months======

2010-01-22 16:34:36 ----D---- C:\Windows\Temp
2010-01-22 16:34:27 ----RD---- C:\Program Files
2010-01-22 16:34:20 ----D---- C:\Users\Miki\AppData\Roaming\uTorrent
2010-01-22 16:10:24 ----D---- C:\Windows\Prefetch
2010-01-22 15:49:05 ----D---- C:\Windows
2010-01-22 15:48:56 ----AD---- C:\ProgramData\TEMP
2010-01-22 15:48:23 ----D---- C:\Users\Miki\AppData\Roaming\MailWasherFree
2010-01-22 15:48:03 ----D---- C:\Program Files\Teplota
2010-01-22 15:46:31 ----SHD---- C:\System Volume Information
2010-01-21 15:14:40 ----HD---- C:\ProgramData
2010-01-21 15:14:18 ----D---- C:\Windows\Downloaded Program Files
2010-01-18 19:42:20 ----D---- C:\Windows\System32
2010-01-18 19:42:20 ----D---- C:\Windows\inf
2010-01-18 19:42:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-17 20:27:36 ----D---- C:\Program Files\FreeRapid-0.83u1
2010-01-17 16:19:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-17 16:19:25 ----D---- C:\Windows\system32\drivers
2010-01-16 14:13:22 ----D---- C:\Program Files\Mozilla Thunderbird
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-11 16:17:22 ----D---- C:\Windows\system32\Tasks
2010-01-04 17:04:16 ----D---- C:\Users\Miki\AppData\Roaming\Skype
2010-01-04 16:57:12 ----D---- C:\Users\Miki\AppData\Roaming\skypePM
2010-01-04 15:53:03 ----D---- C:\Windows\system32\catroot2
2010-01-01 13:04:22 ----D---- C:\Program Files\JetAudio
2010-01-01 13:04:21 ----D---- C:\Program Files\Common Files\COWON
2010-01-01 12:50:30 ----SHD---- C:\Windows\Installer
2010-01-01 12:50:25 ----D---- C:\Program Files\SUPERAntiSpyware
2010-01-01 12:50:23 ----D---- C:\Users\Miki\AppData\Roaming\SUPERAntiSpyware.com
2010-01-01 12:49:53 ----D---- C:\Program Files\Common Files
2009-12-29 17:53:18 ----D---- C:\Users\Miki\AppData\Roaming\Mozilla
2009-12-29 10:05:12 ----D---- C:\Windows\rescache
2009-12-29 10:00:12 ----D---- C:\Windows\winsxs
2009-12-29 09:51:23 ----D---- C:\Windows\Debug
2009-12-29 09:49:27 ----D---- C:\Windows\system32\catroot
2009-12-28 23:51:56 ----D---- C:\Windows\system32\cs-CZ
2009-12-28 23:51:55 ----D---- C:\Windows\system32\wbem
2009-12-28 23:51:54 ----D---- C:\Windows\system32\zh-TW
2009-12-28 23:51:54 ----D---- C:\Windows\system32\zh-HK
2009-12-28 23:51:54 ----D---- C:\Windows\system32\uk-UA
2009-12-28 23:51:54 ----D---- C:\Windows\system32\tr-TR
2009-12-28 23:51:54 ----D---- C:\Windows\system32\th-TH
2009-12-28 23:51:54 ----D---- C:\Windows\system32\sv-SE
2009-12-28 23:51:54 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-28 23:51:54 ----D---- C:\Windows\system32\sl-SI
2009-12-28 23:51:54 ----D---- C:\Windows\system32\sk-SK
2009-12-28 23:51:54 ----D---- C:\Windows\system32\pt-PT
2009-12-28 23:51:54 ----D---- C:\Windows\system32\pt-BR
2009-12-28 23:51:54 ----D---- C:\Windows\system32\pl-PL
2009-12-28 23:51:54 ----D---- C:\Windows\system32\nl-NL
2009-12-28 23:51:54 ----D---- C:\Windows\system32\lv-LV
2009-12-28 23:51:54 ----D---- C:\Windows\system32\lt-LT
2009-12-28 23:51:54 ----D---- C:\Windows\system32\ko-KR
2009-12-28 23:51:54 ----D---- C:\Windows\system32\it-IT
2009-12-28 23:51:54 ----D---- C:\Windows\system32\hu-HU
2009-12-28 23:51:54 ----D---- C:\Windows\system32\hr-HR
2009-12-28 23:51:54 ----D---- C:\Windows\system32\he-IL
2009-12-28 23:51:54 ----D---- C:\Windows\system32\fr-FR
2009-12-28 23:51:54 ----D---- C:\Windows\system32\fi-FI
2009-12-28 23:51:54 ----D---- C:\Windows\system32\es-ES
2009-12-28 23:51:54 ----D---- C:\Windows\system32\el-GR
2009-12-28 23:51:54 ----D---- C:\Windows\system32\bg-BG
2009-12-28 23:51:53 ----D---- C:\Windows\system32\zh-CN
2009-12-28 23:51:53 ----D---- C:\Windows\system32\ru-RU
2009-12-28 23:51:53 ----D---- C:\Windows\system32\ro-RO
2009-12-28 23:51:53 ----D---- C:\Windows\system32\nb-NO
2009-12-28 23:51:53 ----D---- C:\Windows\system32\migration
2009-12-28 23:51:53 ----D---- C:\Windows\system32\ja-JP
2009-12-28 23:51:53 ----D---- C:\Windows\system32\et-EE
2009-12-28 23:51:53 ----D---- C:\Windows\system32\en-US
2009-12-28 23:51:53 ----D---- C:\Windows\system32\de-DE
2009-12-28 23:51:53 ----D---- C:\Windows\system32\da-DK
2009-12-28 23:51:53 ----D---- C:\Windows\system32\ar-SA
2009-12-28 23:51:53 ----D---- C:\Program Files\Windows Mail
2009-12-28 23:51:53 ----D---- C:\Program Files\Internet Explorer
2009-12-28 19:55:24 ----D---- C:\Program Files\ICQ6.5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 afw;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys [2009-02-18 29208]
R1 AMD64CA;AMD64CA; \??\C:\Windows\System32\Drivers\AMD64CAx86.sys [2009-12-01 8368]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 SandBox;SandBox; \??\C:\Windows\system32\drivers\SandBox.sys [2009-04-06 704384]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-12-16 9968]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-12-16 74480]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2009-04-12 44384]
R3 afwcore;afwcore; C:\Windows\system32\drivers\afwcore.sys [2009-02-10 307224]
R3 ALSysIO;ALSysIO; \??\C:\Users\Miki\AppData\Local\Temp\ALSysIO.sys []
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 KeyScrambler;KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [2009-10-04 115312]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-02-02 2385920]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-11-16 216576]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-12-16 7408]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-22 982272]
S1 ntiomin;ntiomin; C:\Windows\system32\drivers\ntiomin.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys [2006-12-20 97920]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-03-26 10252544]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 427288]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2009-04-14 1195008]
R2 Active@ Disk Monitor;Active@ Disk Monitor; C:\Program Files\LSoft Technologies Inc\Active@ Hard Disk Monitor\DiskMonitorService.exe [2009-04-23 1123784]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-02-02 565248]
R2 MsMpSvc;@c:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; c:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2009-07-02 17904]
R2 NMSAccess;NMSAccess; C:\Program Files\BurnAware Free\NMSAccess32.exe [2009-01-12 71096]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119314
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#2 Post by Rudy »

Run an MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

