VIRY.CZ

Dobrý večer, prosil bych o kontrolu logu. Poslední dobou se mi PC nějak zasekává a taky se mi zdá pomalejší než předtím.
Tady je log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2010-04-11 21:28:42
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 389 GB (82%) free of 477 GB
Total RAM: 3327 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:28:52, on 11.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\User\Plocha\RSIT.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6087.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5154 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
"CTHelper"=C:\WINDOWS\CTHELPER.EXE [2006-05-24 17920]
"AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2008-02-11 536576]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\EFS]
C:\WINDOWS\system32\sclgntfy.dll [2008-04-14 22016]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoViewOnDrive"=64

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\nvsvc32.exe"="C:\WINDOWS\system32\nvsvc32.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\MagicTune Premium\MagicTune.exe"="C:\Program Files\MagicTune Premium\MagicTune.exe:*:Enabled:MagicTune"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam 732897"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\nvsvc32.exe"="C:\WINDOWS\system32\nvsvc32.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE:*:Enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-11 21:28:42 ----D---- C:\rsit
2010-04-11 21:26:17 ----D---- C:\Program Files\trend micro
2010-04-11 18:54:04 ----RD---- C:\Program Files\Steam
2010-04-05 17:30:03 ----D---- C:\WINDOWS\Minidump
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\Pncrt.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-03-28 17:51:38 ----RD---- C:\Program Files\VSO
2010-03-21 19:22:34 ----RD---- C:\Program Files\EA Sports
2010-03-20 16:22:42 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe

======List of files/folders modified in the last 1 months======

2010-04-11 21:27:32 ----D---- C:\WINDOWS\temp
2010-04-11 21:26:27 ----D---- C:\WINDOWS\Prefetch
2010-04-11 21:26:17 ----RD---- C:\Program Files
2010-04-11 21:11:30 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-11 21:06:14 ----D---- C:\WINDOWS
2010-04-11 20:17:48 ----RD---- C:\WINDOWS\Web
2010-04-11 20:16:38 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-11 20:15:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-11 20:14:44 ----D---- C:\WINDOWS\system32\ias
2010-04-11 19:34:38 ----SHD---- C:\System Volume Information
2010-04-11 19:34:38 ----D---- C:\WINDOWS\system32\Restore
2010-04-11 18:54:07 ----SHD---- C:\WINDOWS\Installer
2010-04-11 18:53:51 ----D---- C:\WINDOWS\system32\DirectX
2010-04-11 18:53:50 ----HD---- C:\WINDOWS\inf
2010-04-11 18:53:10 ----RSD---- C:\WINDOWS\assembly
2010-04-11 17:36:00 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-11 17:02:16 ----D---- C:\WINDOWS\LastGood
2010-04-11 14:07:49 ----RD---- C:\Program Files\SUPERAntiSpyware
2010-04-11 14:03:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-11 14:03:06 ----D---- C:\WINDOWS\Help
2010-04-11 13:05:15 ----RD---- C:\Program Files\Windows Live Safety Center
2010-04-10 21:51:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-07 17:25:58 ----D---- C:\Documents and Settings\User\Data aplikací\OpenOffice.org2
2010-04-06 18:42:07 ----D---- C:\WINDOWS\system32
2010-04-06 18:39:25 ----D---- C:\WINDOWS\system32\drivers
2010-04-06 18:29:43 ----RD---- C:\Program Files\ICQ7.0
2010-04-04 18:17:36 ----D---- C:\WINDOWS\system32\config
2010-04-04 17:53:29 ----RD---- C:\Program Files\CCleaner
2010-04-04 17:21:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-04 17:09:34 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-04-04 16:58:47 ----A---- C:\WINDOWS\system.ini
2010-03-31 12:09:11 ----RD---- C:\Program Files\Internet Explorer
2010-03-31 12:07:09 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 13:45:11 ----RD---- C:\Program Files\Fraps
2010-03-28 18:59:40 ----D---- C:\Documents and Settings\User\Data aplikací\Vso
2010-03-28 17:52:00 ----A---- C:\Documents and Settings\User\Data aplikací\inst.exe
2010-03-28 17:25:37 ----D---- C:\Documents and Settings\User\Data aplikací\ICQ
2010-03-28 13:44:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-24 20:35:12 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-03-20 18:31:51 ----A---- C:\WINDOWS\CDex.INI
2010-03-14 14:18:03 ----D---- C:\WINDOWS\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/02 23:53:41]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-05-24 502272]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-05-24 499584]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-05-24 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-05-24 143872]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-05-24 78336]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-05-24 1110016]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-25 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-05-24 116224]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-02 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-01-13 49160]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 a8j2i5ds;a8j2i5ds; C:\WINDOWS\system32\drivers\a8j2i5ds.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-11-10 340704]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2008-10-24 13184]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-21 75064]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-24 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-24 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]

-----------------EOF-----------------

Zdravím

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

Spusťte program, poté klikněte na Prohledat
Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Tady je log z OTL.Txt:

OTL logfile created on: 11.4.2010 22:02:43 - Run 4
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Documents and Settings\User\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 81,00% Memory free
5,00 Gb Paging File | 5,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): c:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 380,26 Gb Free Space | 81,64% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: USER-9DE226B0D7
Current User Name: User
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.04.11 22:02:37 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe
PRC - [2009.11.24 14:55:58 | 000,603,904 | ---- | M] (TuneUp Software) -- C:\WINDOWS\system32\TUProgSt.exe
PRC - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2009.02.06 14:23:12 | 002,021,400 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2008.04.14 05:22:22 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.02.11 02:43:40 | 000,536,576 | ---- | M] () -- C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
PRC - [2006.05.24 06:20:41 | 000,017,920 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\CTHELPER.EXE
PRC - [2005.11.04 18:07:56 | 000,049,152 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe

========== Modules (SafeList) ==========

MOD - [2010.04.11 22:02:37 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe

========== Win32 Services (SafeList) ==========

SRV - [2009.11.24 14:55:58 | 000,603,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2009.11.24 14:55:56 | 000,360,192 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.02.06 14:27:06 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2009.02.06 14:23:36 | 000,727,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2008.12.11 14:31:36 | 000,027,904 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008.07.29 20:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2006.04.14 10:04:54 | 000,087,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)

========== Driver Services (SafeList) ==========

DRV - [2010.01.12 12:03:34 | 010,276,768 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2009.04.28 11:33:44 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009.04.28 11:33:42 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009.04.28 11:33:40 | 000,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2009.03.25 17:54:45 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.02.28 20:40:18 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/12/02 23:53:41] [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009.02.06 14:24:24 | 000,093,336 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2009.02.06 14:23:18 | 000,106,208 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2009.02.06 14:19:52 | 000,113,448 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2009.01.13 20:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009.01.13 20:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009.01.13 20:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009.01.13 20:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008.10.24 18:55:22 | 000,013,184 | ---- | M] (Samsung Electronics, Inc. ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MTiCtwl.sys -- (MagicTune)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.10 20:53:14 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 20:40:30 | 000,096,512 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007.03.26 21:21:06 | 004,395,008 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.03.24 13:20:24 | 000,046,208 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2007.03.15 16:12:02 | 000,038,656 | R--- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2007.01.31 07:48:51 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV - [2006.05.24 05:41:07 | 000,007,168 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2006.05.24 05:41:04 | 000,499,584 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2006.05.24 05:40:21 | 001,110,016 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ha20x2k.sys -- (ha20x2k)
DRV - [2006.05.24 05:38:30 | 000,116,224 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2006.05.24 05:38:08 | 000,143,872 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2006.05.24 05:38:01 | 000,078,336 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2006.05.24 05:37:44 | 000,502,272 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006.02.07 21:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO)
DRV - [2005.11.10 11:06:04 | 000,340,704 | R--- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2004.08.13 20:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.04.30 09:37:02 | 000,160,640 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\a347bus.sys -- (a347bus)
DRV - [2004.04.30 09:33:00 | 000,005,248 | ---- | M] ( ) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\a347scsi.sys -- (a347scsi)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultScope = {A3B1A68E-51A6-4355-BBD8-4F9F33248A0A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2009.06.28 19:33:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009.05.26 14:13:37 | 000,000,000 | ---D | M]

[2009.06.30 21:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Mozilla\Extensions
[2009.06.30 21:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\User\Data aplikací\Mozilla\Extensions\MediaCoder

O1 HOSTS File: ([2010.04.11 20:19:15 | 000,000,761 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\CTHELPER.EXE (Creative Technology Ltd)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 64
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe (ICQ, LLC.)
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://cdn.scan.onecare.live.com/resour ... se6087.cab (Windows Live Safety Center Base Module)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\User\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\User\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.04.11 22:02:23 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe
[2010.04.11 21:28:42 | 000,000,000 | ---D | C] -- C:\rsit
[2010.04.11 21:26:17 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.04.11 21:05:47 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\User\Recent
[2010.04.11 18:54:04 | 000,000,000 | R--D | C] -- C:\Program Files\Steam
[2010.04.05 17:30:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.03.28 17:51:44 | 001,184,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wvc1dmod.dll
[2010.03.28 17:51:44 | 000,626,688 | ---- | C] (On2.com) -- C:\WINDOWS\System32\vp7vfw.dll
[2010.03.28 17:51:44 | 000,273,408 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\Pncrt.dll
[2010.03.28 17:51:44 | 000,217,127 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv43260.dll
[2010.03.28 17:51:44 | 000,208,935 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv33260.dll
[2010.03.28 17:51:44 | 000,176,165 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\drv23260.dll
[2010.03.28 17:51:44 | 000,102,439 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\sipr3260.dll
[2010.03.28 17:51:44 | 000,065,602 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\cook3260.dll
[2010.03.28 17:51:38 | 000,000,000 | R--D | C] -- C:\Program Files\VSO
[2010.03.21 19:50:27 | 000,000,000 | R--D | C] -- C:\Documents and Settings\User\Dokumenty\FIFA 10
[2010.03.21 19:22:34 | 000,000,000 | R--D | C] -- C:\Program Files\EA Sports
[2009.12.26 22:42:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.08.11 17:39:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\ESET
[2009.05.24 19:53:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2009.05.24 19:53:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2009.05.24 19:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2009.04.19 20:36:21 | 000,160,640 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347bus.sys
[2009.04.19 20:36:21 | 000,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\a347scsi.sys
[2009.04.07 19:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Xfire
[2008.10.29 19:23:51 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\User\Data aplikací\pcouffin.sys
[2006.05.24 06:38:39 | 000,033,792 | R--- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.11 22:02:37 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Plocha\OTL.exe
[2010.04.11 21:19:11 | 000,781,909 | ---- | M] () -- C:\Documents and Settings\User\Plocha\RSIT.exe
[2010.04.11 20:19:43 | 000,064,900 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000005-002C1102}.rfx
[2010.04.11 20:19:43 | 000,054,332 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-002C1102}.rfx
[2010.04.11 20:19:43 | 000,054,332 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000002-00001102-00000005-002C1102}.rfx
[2010.04.11 20:19:43 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settingsbkup.sfm
[2010.04.11 20:19:43 | 000,001,080 | ---- | M] () -- C:\WINDOWS\System32\settings.sfm
[2010.04.11 20:16:38 | 000,004,249 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010.04.11 20:12:24 | 000,268,391 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2010.04.11 20:12:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.11 20:12:19 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.11 17:36:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.11 15:32:31 | 000,000,155 | ---- | M] () -- C:\Documents and Settings\User\default.pls
[2010.04.11 15:11:49 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\User\ntuser.dat
[2010.04.10 21:51:51 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\User\ntuser.ini
[2010.04.10 20:50:11 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.09 19:17:27 | 000,108,032 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.04 18:17:43 | 009,961,472 | ---- | M] () -- C:\Documents and Settings\User\ntuser.dat.rcbak
[2010.04.04 17:09:34 | 000,000,151 | ---- | M] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010.04.04 17:00:06 | 000,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.04 16:58:47 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.03.31 14:03:58 | 002,057,330 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\IconCache.db
[2010.03.30 13:45:11 | 000,000,638 | ---- | M] () -- C:\Documents and Settings\User\Plocha\Fraps.lnk
[2010.03.28 19:10:40 | 000,001,189 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\vso_ts_preview.xml
[2010.03.28 17:52:00 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\inst.exe
[2010.03.28 17:52:00 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\User\Data aplikací\pcouffin.sys
[2010.03.28 17:52:00 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\pcouffin.cat
[2010.03.28 17:52:00 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\pcouffin.inf
[2010.03.28 17:51:59 | 000,000,859 | ---- | M] () -- C:\Documents and Settings\User\Plocha\ConvertXtoDVD 4.lnk
[2010.03.28 13:44:50 | 001,045,986 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 13:44:50 | 000,440,820 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 13:44:50 | 000,437,336 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 13:44:50 | 000,082,642 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 13:44:50 | 000,071,138 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.20 18:31:51 | 000,002,707 | ---- | M] () -- C:\WINDOWS\CDex.INI
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.04.11 21:19:07 | 000,781,909 | ---- | C] () -- C:\Documents and Settings\User\Plocha\RSIT.exe
[2010.03.30 13:45:11 | 000,000,638 | ---- | C] () -- C:\Documents and Settings\User\Plocha\Fraps.lnk
[2010.03.28 17:51:59 | 000,000,859 | ---- | C] () -- C:\Documents and Settings\User\Plocha\ConvertXtoDVD 4.lnk
[2010.03.20 16:22:42 | 000,319,488 | R--- | C] () -- C:\WINDOWS\System32\MafiaSetup.exe
[2010.01.31 16:11:37 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\SecSNMP.dll
[2010.01.31 16:11:37 | 000,022,723 | ---- | C] () -- C:\WINDOWS\System32\cl35cl3.dll
[2009.12.02 19:38:10 | 000,001,189 | ---- | C] () -- C:\Documents and Settings\User\Data aplikací\vso_ts_preview.xml
[2009.12.01 19:24:07 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\User\ntuser.dat.rctemp.LOG
[2009.11.09 11:27:53 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\C02060F643.sys
[2009.11.09 11:27:52 | 000,002,828 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2009.08.09 16:19:36 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\User\ntuser.dat_TU_18539.LOG
[2009.08.02 16:02:21 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\User\ntuser.dat_TU_52884.LOG
[2009.07.27 21:15:16 | 000,585,768 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2009.06.21 16:45:17 | 000,138,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.06.07 13:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll
[2009.04.15 13:36:52 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2009.01.01 16:01:34 | 000,000,120 | ---- | C] () -- C:\WINDOWS\disney.ini
[2008.12.21 18:12:52 | 000,000,143 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2008.11.27 14:27:39 | 000,000,124 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\fusioncache.dat
[2008.10.29 19:55:14 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\User\Data aplikací\PnkBstrK.sys
[2008.10.29 19:23:51 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\User\Data aplikací\inst.exe
[2008.10.29 19:23:51 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\User\Data aplikací\pcouffin.cat
[2008.10.29 19:23:51 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\User\Data aplikací\pcouffin.inf
[2008.10.27 22:29:54 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\User\Data aplikací\pcouffin.log
[2008.10.26 18:46:14 | 009,961,472 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat.rcbak
[2008.10.26 18:46:14 | 009,961,472 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat
[2008.10.26 18:46:14 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_75598
[2008.10.26 18:46:14 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_52884
[2008.10.26 18:46:14 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_19717
[2008.10.26 18:46:14 | 005,505,024 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_18539
[2008.10.26 18:46:14 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_94510
[2008.10.26 18:46:14 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_45390
[2008.10.26 18:46:14 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_40821
[2008.10.26 18:46:14 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_30261
[2008.10.26 18:46:14 | 005,242,880 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_15720
[2008.10.26 18:46:14 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_97878
[2008.10.26 18:46:14 | 004,980,736 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_26758
[2008.10.26 18:46:14 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_88306
[2008.10.26 18:46:14 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_66278
[2008.10.26 18:46:14 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_63043
[2008.10.26 18:46:14 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_57573
[2008.10.26 18:46:14 | 004,718,592 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_34737
[2008.10.26 18:46:14 | 004,456,448 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_63314
[2008.10.26 18:46:14 | 004,456,448 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_57646
[2008.10.26 18:46:14 | 004,456,448 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_42441
[2008.10.26 18:46:14 | 004,456,448 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_41545
[2008.10.26 18:46:14 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_99945
[2008.10.26 18:46:14 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_71496
[2008.10.26 18:46:14 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_39310
[2008.10.26 18:46:14 | 004,194,304 | ---- | C] () -- C:\Documents and Settings\User\ntuser.dat_BAK_25638
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.08.29 19:18:32 | 000,000,039 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.08.10 20:53:13 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2008.08.06 18:19:51 | 000,000,635 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2008.07.18 16:34:02 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\User\.rnd
[2008.07.08 19:44:01 | 000,002,707 | ---- | C] () -- C:\WINDOWS\CDex.INI
[2008.05.24 00:25:05 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2008.04.29 18:58:00 | 000,000,155 | ---- | C] () -- C:\Documents and Settings\User\default.pls
[2008.04.29 18:38:53 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2008.04.27 17:35:30 | 000,108,032 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.04.26 22:07:29 | 000,005,114 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2008.04.26 22:07:24 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2008.04.24 15:28:18 | 000,000,067 | ---- | C] () -- C:\WINDOWS\Easy Avi Divx Xvid to DVD Burner.INI
[2008.04.24 14:46:16 | 000,002,452 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2008.04.18 20:35:04 | 000,262,144 | ---- | C] () -- C:\Documents and Settings\All Users\ntuser.dat
[2008.04.18 20:35:04 | 000,001,024 | -H-- | C] () -- C:\Documents and Settings\All Users\ntuser.dat.LOG
[2008.04.18 19:41:54 | 000,086,445 | R--- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2008.04.18 19:41:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\CTXFIRES.DLL
[2008.04.18 19:41:54 | 000,000,191 | R--- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2008.04.18 17:45:53 | 000,015,446 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2008.04.18 17:30:53 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2008.04.18 17:30:52 | 000,015,121 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2008.04.18 17:30:43 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2008.04.18 17:03:24 | 000,028,672 | -H-- | C] () -- C:\Documents and Settings\User\ntuser.dat.LOG
[2008.04.18 17:03:24 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\User\ntuser.ini
[2008.04.18 17:03:23 | 003,932,160 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_37682
[2008.04.18 17:03:23 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_87220
[2008.04.18 17:03:23 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_50106
[2008.04.18 17:03:23 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_37067
[2008.04.18 17:03:23 | 003,670,016 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_33423
[2008.04.18 17:03:23 | 003,407,872 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_65539
[2008.04.18 17:03:23 | 002,621,440 | ---- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_17697
[2008.04.18 17:03:23 | 002,097,152 | -H-- | C] () -- C:\Documents and Settings\User\NTUSER.DAT_BAK_79452
[2007.12.04 19:41:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006.05.24 07:00:48 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\CTBURST.DLL
[2006.03.02 14:00:00 | 000,096,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\atapi.sys
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2005.10.14 12:56:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2005.10.14 11:56:50 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005.07.26 23:13:12 | 000,000,214 | ---- | C] () -- C:\WINDOWS\System32\KILL.INI
[2005.06.07 15:10:50 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\CTMMACTL.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
< End of report >

Ten druhý se nevytvořil.

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.04.09 19:17:27 | 000,108,032 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.28 17:52:00 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\User\Data aplikací\inst.exe
@Alternate Data Stream - 98 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9
[2009.11.09 11:27:53 | 000,000,088 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\C02060F643.sys

:Commands
[PURITY] 
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[REBOOT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.

Obrázek

Tohle otestujte na http://www.virustotal.com/cs/
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys

(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

Log z OTL:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
C:\WINDOWS\LastGood.Tmp\INF folder deleted successfully.
C:\WINDOWS\LastGood.Tmp folder deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.
C:\Documents and Settings\User\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\Documents and Settings\User\Data aplikací\inst.exe moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:CB0AACC9 deleted successfully.
C:\Documents and Settings\All Users\Data aplikací\C02060F643.sys moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 431257 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: User
->Temp folder emptied: 326774 bytes
->Temporary Internet Files folder emptied: 594159 bytes
->Flash cache emptied: 2499 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 40145 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,00 mb

[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: User
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.1.1 log created on 04122010_110635

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF2AF0.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF2B29.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF2CEF.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF2CFC.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3449.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3501.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF36B5.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF36FD.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3756.tmp not found!
File\Folder C:\Documents and Settings\User\Local Settings\Temp\~DF3768.tmp not found!
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\98BF3JSQ\viewtopic[1].htm moved successfully.
C:\Documents and Settings\User\Local Settings\Temporary Internet Files\Content.IE5\3SEXA1PO\afr[1].htm moved successfully.

Registry entries deleted on Reboot...

Výsledky z VirusTotalu:

File size: 2828 bytes
MD5...: 8c628f2f16da6a8e63292c6813c844b5
SHA1..: 7e2c54f51fbce290c68812c465e513e796b0efa5
SHA256: deb144910304c002eb1a44df69b5f8eb1dc943eab979527e604c0b418d03c0b3
ssdeep: 48:xzhSBXpyupSkir4BQtn+FpW4uQ5FfAOD/W2kR8zDYwcjQbspsjnGspYE0:RhS
dAiBVFpW4YG/WwwQbljnL+

PEiD..: -
PEInfo: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Odkaz na výsledek testu: http://www.virustotal.com/cs/analisis/d ... 1271064269

Jak to vypadá s PC

Už lépe. Pokud už tam nic neni, tak by neměl být problém. Ale pro jistotu posílám ještě jeden log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2010-04-13 00:41:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 389 GB (82%) free of 477 GB
Total RAM: 3327 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:41:37, on 13.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\User\Plocha\RSIT.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6087.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5154 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-03-21 1953792]
"CTHelper"=C:\WINDOWS\CTHELPER.EXE [2006-05-24 17920]
"AudioDrvEmulator"=C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe [2005-11-04 49152]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2008-02-11 536576]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoViewOnDrive"=64

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\nvsvc32.exe"="C:\WINDOWS\system32\nvsvc32.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE:*:Enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\MagicTune Premium\MagicTune.exe"="C:\Program Files\MagicTune Premium\MagicTune.exe:*:Enabled:MagicTune"
"C:\Program Files\Steam\steam.exe"="C:\Program Files\Steam\steam.exe:*:Enabled:Steam 732897"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:@xpsp2res.dll,-22019"
"\??\C:\WINDOWS\system32\winlogon.exe"="\??\C:\WINDOWS\system32\winlogon.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\nvsvc32.exe"="C:\WINDOWS\system32\nvsvc32.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\wbem\wmiprvse.exe"="C:\WINDOWS\system32\wbem\wmiprvse.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:@xpsp2res.dll,-22019"
"C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\DW20.EXE:*:Enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-04-13 00:41:25 ----D---- C:\rsit
2010-04-13 00:41:25 ----D---- C:\Program Files\trend micro
2010-04-12 11:45:36 ----D---- C:\WINDOWS\LastGood
2010-04-12 11:06:35 ----D---- C:\_OTL
2010-04-11 18:54:04 ----RD---- C:\Program Files\Steam
2010-04-05 17:30:03 ----D---- C:\WINDOWS\Minidump
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\Pncrt.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-03-28 17:51:44 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-03-28 17:51:38 ----RD---- C:\Program Files\VSO
2010-03-21 19:22:34 ----RD---- C:\Program Files\EA Sports
2010-03-20 16:22:42 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe

======List of files/folders modified in the last 1 months======

2010-04-13 00:41:29 ----D---- C:\WINDOWS\Prefetch
2010-04-13 00:41:26 ----D---- C:\WINDOWS\temp
2010-04-13 00:41:25 ----RD---- C:\Program Files
2010-04-13 00:35:47 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-12 14:04:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-12 11:46:25 ----HD---- C:\WINDOWS\inf
2010-04-12 11:45:48 ----D---- C:\WINDOWS
2010-04-12 11:45:45 ----RSD---- C:\WINDOWS\assembly
2010-04-12 11:45:16 ----D---- C:\WINDOWS\system32\DirectX
2010-04-12 11:45:11 ----SHD---- C:\WINDOWS\Installer
2010-04-12 11:06:43 ----SHD---- C:\System Volume Information
2010-04-12 11:06:43 ----D---- C:\WINDOWS\system32\Restore
2010-04-11 20:17:48 ----RD---- C:\WINDOWS\Web
2010-04-11 20:16:38 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-11 20:15:28 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-11 20:14:44 ----D---- C:\WINDOWS\system32\ias
2010-04-11 17:36:00 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-11 17:02:16 ----D---- C:\WINDOWS\LastGood.Tmp
2010-04-11 14:07:49 ----RD---- C:\Program Files\SUPERAntiSpyware
2010-04-11 14:03:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-11 14:03:06 ----D---- C:\WINDOWS\Help
2010-04-11 13:05:15 ----RD---- C:\Program Files\Windows Live Safety Center
2010-04-07 17:25:58 ----D---- C:\Documents and Settings\User\Data aplikací\OpenOffice.org2
2010-04-06 18:42:07 ----D---- C:\WINDOWS\system32
2010-04-06 18:39:25 ----D---- C:\WINDOWS\system32\drivers
2010-04-06 18:29:43 ----RD---- C:\Program Files\ICQ7.0
2010-04-04 18:17:36 ----D---- C:\WINDOWS\system32\config
2010-04-04 17:53:29 ----RD---- C:\Program Files\CCleaner
2010-04-04 17:21:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-04 17:09:34 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2010-04-04 16:58:47 ----A---- C:\WINDOWS\system.ini
2010-03-31 12:09:11 ----RD---- C:\Program Files\Internet Explorer
2010-03-31 12:07:09 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-30 13:45:11 ----RD---- C:\Program Files\Fraps
2010-03-28 18:59:40 ----D---- C:\Documents and Settings\User\Data aplikací\Vso
2010-03-28 17:25:37 ----D---- C:\Documents and Settings\User\Data aplikací\ICQ
2010-03-28 13:44:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-24 20:35:12 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-03-20 18:31:51 ----A---- C:\WINDOWS\CDex.INI
2010-03-14 14:18:03 ----D---- C:\WINDOWS\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/02 23:53:41]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller; C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2006-05-24 502272]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2006-05-24 499584]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2006-05-24 7168]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2006-05-24 143872]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2006-05-24 78336]
R3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-05-24 1110016]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-25 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2006-05-24 116224]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-02 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-01-13 19336]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-01-13 49160]
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S3 ar8fp6ad;ar8fp6ad; C:\WINDOWS\system32\drivers\ar8fp6ad.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2005-11-10 340704]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2008-10-24 13184]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-01-13 29192]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-01-13 14728]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-21 75064]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-11-24 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-11-24 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]

-----------------EOF-----------------

Stáhněte a použijte http://oldtimer.geekstogo.com/TFC.exe

Obrázek

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

Spusťte.
Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

V logu nevidím firewall, doinstalujte

Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

Vše provedeno. Jinak CCleaner používám pravidelně. Nainstaloval jsem ten firewall Sunbelt Kerio Personal Firewall a chtěl jsem se zeptat, jestli tam musím v konfiguraci něco nastavovat, nebo to mám nechat tak jak to je přednastavené. Jinak, mám poslat ještě jeden log pro kontrolu?

Podívejte se sem: http://www.viry.cz/forum/viewforum.php?f=41 Nový log není třeba.

OK. V tom případě Vám děkuji za pomoc.

Mějte se.

Nemáte zač

VIRY.CZ

Prosím o kontrolu. Děkuji.

Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.

Re: Prosím o kontrolu. Děkuji.