

Slow internet - virus?
Hello, on Friday my internet somehow started acting up: YouTube videos play terribly slowly (almost not at all), downloads stay at around 15 kB/s (normally it "pulls" as much as 250 kB/s...), and what is strange is that pages open completely normally and quickly, only the download is slow... I scanned the whole PC twice with ESET, defragmented it, reinstalled the network card drivers, and replaced the antenna, and still nothing, even though the signal is almost full (I live across from the transmitter; I get my internet from a private provider over Wi-Fi)... I still don't know what is wrong with it. I think the fault is in the PC, because I have had this internet for 3 years and this has been happening for 2 days now... Thank you for your advice...

Re: Slow internet - virus?
Hello, I'm not an advisor, but I know that you first need to post a log from RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895, on the basis of which the advisors will be able to help you.
Re: Slow internet - virus?
Thanks for the heads-up...
Logfile of random's system information tool 1.08 (written by random/random)
Run by NEXT at 2011-05-01 13:28:27
Microsoft Windows 7 Ultimate
System drive C: has 115 GB (19%) free of 607 GB
Total RAM: 3327 MB (51% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:29:01, on 1. 5. 2011
Platform: Windows 7 (WinNT 6.00.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Defraggler\Defraggler.exe
C:\Users\NEXT\Desktop\RSIT.exe
C:\Program Files\trend micro\NEXT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\NEXT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
--
End of file - 8059 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3150069584-2737004767-2401210282-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3150069584-2737004767-2401210282-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-07-31 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2006-03-29 364544]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"TaskTray"= []
"Diamondback"=C:\Program Files\Razer\Diamondback 3G\razerhid.exe [2010-04-28 228352]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 336384]
"reset"=regedit /s reset.reg []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-01-12 2219184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-22 1174016]
"Google Update"=C:\Users\NEXT\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-03 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-07-31 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-04-10 399736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Windows.old\Program Files\Winamp\winampa.exe [2008-04-01 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk]
C:\PROGRA~1\PANASO~1\PHOTOF~1.0HD\AUTOST~1.EXE [2009-10-01 146360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^NEXT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrácia výrobku.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll [2009-04-22 236032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoDriveTypeAutoRun"=145
"NoSMBalloonTip"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-05-01 11:43:04 ----D---- C:\Program Files\trend micro
2011-05-01 11:43:03 ----D---- C:\rsit
2011-05-01 00:06:06 ----D---- C:\Qoobox
2011-04-30 23:57:14 ----D---- C:\Program Files\Yamicsoft
2011-04-30 23:44:56 ----D---- C:\Program Files\Defraggler
2011-04-30 23:31:37 ----A---- C:\Windows\system32\drivers\athr.sys
2011-04-30 23:31:37 ----A---- C:\Windows\system32\athr.sys
2011-04-30 23:31:15 ----D---- C:\ProgramData\TP-LINK
2011-04-22 21:36:56 ----D---- C:\ProgramData\Solidshield
2011-04-21 14:19:55 ----D---- C:\Program Files\Magical Jelly Bean
2011-04-17 09:22:16 ----D---- C:\Program Files\ESET
2011-04-16 16:17:05 ----D---- C:\Users\NEXT\AppData\Roaming\ESET
2011-04-16 15:39:13 ----D---- C:\Symbols
2011-04-16 15:14:16 ----D---- C:\ProgramData\Windows Genuine Advantage
2011-04-11 22:36:57 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-04-10 22:26:36 ----D---- C:\ProgramData\ATI
2011-04-10 22:26:04 ----D---- C:\Program Files\AMD APP
2011-04-10 22:13:24 ----D---- C:\Users\NEXT\AppData\Roaming\Leadertech
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVUI2RC.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVUI2.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\lvcoinst.ini
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVCodec2.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\lvci1201278.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\drivers\lvrs.sys
2011-04-10 22:09:11 ----A---- C:\Windows\system32\drivers\lv302af.sys
2011-04-10 22:08:31 ----D---- C:\ProgramData\LogiShrd
2011-04-10 22:08:30 ----D---- C:\Program Files\Logitech
2011-04-10 22:05:39 ----D---- C:\Program Files\Intel
2011-04-10 22:05:39 ----A---- C:\Windows\system32\CSVer.dll
2011-04-10 22:02:32 ----D---- C:\Windows\system32\nn-NO
2011-04-10 22:02:32 ----D---- C:\Program Files\Atheros
2011-04-10 22:02:32 ----A---- C:\Windows\system32\athihvui.dll
2011-04-10 22:02:32 ----A---- C:\Windows\system32\athihvs.dll
2011-04-10 22:02:10 ----D---- C:\ProgramData\Atheros
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RtkHDMI.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEP32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEL32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEG32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEED32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RHDMIExt.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RHCoInst.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RH3DHT32.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RH3DAA32.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\drivers\RtHDMIV.sys
2011-04-10 21:51:56 ----A---- C:\Windows\DIFxAPI.dll
2011-04-10 21:51:53 ----A---- C:\Windows\system32\RtkAPO.dll
2011-04-10 21:51:44 ----D---- C:\Program Files\Realtek
2011-04-10 21:51:41 ----A---- C:\Windows\RtlExUpd.dll
2011-04-10 21:49:30 ----D---- C:\Windows\system32\Atheros_L1e
2011-04-09 17:20:41 ----D---- C:\Program Files\Driver-Soft
2011-04-08 16:42:21 ----D---- C:\Users\NEXT\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2011-04-08 12:20:14 ----D---- C:\tmpDownload
2011-04-08 12:20:14 ----D---- C:\Download
2011-04-08 12:20:12 ----D---- C:\YoutubeMusicDownloader
2011-04-03 16:08:49 ----D---- C:\Windows\pss
2011-04-03 11:25:22 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 months======
2011-05-01 13:29:01 ----D---- C:\Windows\Temp
2011-05-01 12:30:24 ----D---- C:\Windows\system32\config
2011-05-01 12:13:28 ----D---- C:\Windows\System32
2011-05-01 12:13:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-01 11:43:04 ----RD---- C:\Program Files
2011-05-01 11:27:04 ----SHD---- C:\Windows\Installer
2011-05-01 11:21:45 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8
2011-05-01 11:21:45 ----D---- C:\Program Files\Mozilla Firefox
2011-05-01 10:43:39 ----D---- C:\Windows
2011-05-01 00:06:33 ----D---- C:\Windows\system32\drivers
2011-04-30 23:58:15 ----SHD---- C:\System Volume Information
2011-04-30 23:57:22 ----D---- C:\Config.Msi
2011-04-30 23:57:16 ----SD---- C:\Users\NEXT\AppData\Roaming\Microsoft
2011-04-30 23:32:46 ----D---- C:\Windows\Prefetch
2011-04-30 23:32:29 ----D---- C:\Windows\inf
2011-04-30 23:32:25 ----D---- C:\Windows\system32\catroot
2011-04-30 23:32:24 ----D---- C:\Windows\system32\DriverStore
2011-04-30 23:31:37 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-30 23:31:15 ----HD---- C:\ProgramData
2011-04-30 22:54:46 ----D---- C:\sysreset
2011-04-30 22:37:50 ----D---- C:\Users\NEXT\AppData\Roaming\Skype
2011-04-30 19:04:20 ----D---- C:\Users\NEXT\AppData\Roaming\skypePM
2011-04-30 16:25:44 ----D---- C:\Windows\system32\catroot2
2011-04-30 14:38:45 ----D---- C:\Program Files\Acez 3D Pic Cube Screen Saver 2.0
2011-04-30 13:51:59 ----A---- C:\Windows\NeroDigital.ini
2011-04-26 14:58:31 ----D---- C:\Program Files\SpeedFan
2011-04-24 19:05:40 ----D---- C:\Users\NEXT\AppData\Roaming\uTorrent
2011-04-22 22:33:41 ----D---- C:\Program Files\Sega
2011-04-22 22:31:21 ----D---- C:\Program Files\Codemasters
2011-04-22 21:38:17 ----D---- C:\Program Files\Electronic Arts
2011-04-21 23:18:30 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-21 17:44:23 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-04-17 18:08:24 ----D---- C:\Program Files\NVIDIA Corporation
2011-04-17 18:08:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-04-16 16:16:12 ----D---- C:\ProgramData\ESET
2011-04-16 15:22:16 ----D---- C:\ZALOHA!!!§
2011-04-16 14:23:22 ----D---- C:\Windows\winsxs
2011-04-16 14:12:13 ----D---- C:\ProgramData\Microsoft Help
2011-04-10 22:29:58 ----D---- C:\Program Files\Java
2011-04-10 22:25:40 ----D---- C:\Program Files\ATI Technologies
2011-04-10 22:10:26 ----D---- C:\Program Files\Common Files\logishrd
2011-04-10 22:02:32 ----D---- C:\Windows\system32\zh-TW
2011-04-10 22:02:32 ----D---- C:\Windows\system32\zh-CN
2011-04-10 22:02:32 ----D---- C:\Windows\system32\tr-TR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\sv-SE
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ru-RU
2011-04-10 22:02:32 ----D---- C:\Windows\system32\pt-PT
2011-04-10 22:02:32 ----D---- C:\Windows\system32\pl-PL
2011-04-10 22:02:32 ----D---- C:\Windows\system32\nl-NL
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ko-KR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ja-JP
2011-04-10 22:02:32 ----D---- C:\Windows\system32\it-IT
2011-04-10 22:02:32 ----D---- C:\Windows\system32\hu-HU
2011-04-10 22:02:32 ----D---- C:\Windows\system32\fr-FR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\fi-FI
2011-04-10 22:02:32 ----D---- C:\Windows\system32\es-ES
2011-04-10 22:02:32 ----D---- C:\Windows\system32\en-US
2011-04-10 22:02:32 ----D---- C:\Windows\system32\el-GR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\de-DE
2011-04-10 22:02:32 ----D---- C:\Windows\system32\da-DK
2011-04-10 22:02:32 ----D---- C:\Windows\system32\cs-CZ
2011-04-09 17:27:17 ----D---- C:\Program Files\Valve
2011-04-09 17:26:48 ----D---- C:\Program Files\Futuremark
2011-04-09 14:01:13 ----D---- C:\Program Files\Ubisoft
2011-04-09 14:01:05 ----D---- C:\ProgramData\Media Center Programs
2011-04-03 11:25:27 ----D---- C:\Windows\Tasks
2011-04-03 11:25:27 ----D---- C:\Windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2011-02-09 159536]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-04-22 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-04-22 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-07-02 721904]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-04-22 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-04-22 48128]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-12-21 137144]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-12-21 41336]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-22 117248]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-09 239616]
R3 athr;Extensible Wireless LAN device driver for Windows 7; C:\Windows\system32\DRIVERS\athr.sys [2010-05-27 1227776]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-12-21 33120]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2010-03-29 55848]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-08-19 47360]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-05-01 13976]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-05-01 2687512]
R3 Razerlow;Diamondback 3G USB Filter Driver; C:\Windows\System32\Drivers\DB3G.sys [2005-04-24 13225]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-11-23 263464]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-04-22 8704]
S3 a20xjodn;a20xjodn; C:\Windows\system32\drivers\a20xjodn.sys []
S3 ahs0vpp5;ahs0vpp5; C:\Windows\system32\drivers\ahs0vpp5.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-04-22 70736]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-04-22 53328]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-01-24 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-01-24 25512]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-04-22 133120]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-04-22 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-04-22 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-04-22 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-04-22 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-09 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-01-12 810144]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-07-26 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 ACS;TP-LINK Configuration Service; C:\Windows\system32\acs.exe [2005-12-30 36864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-03 136176]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-04-04 32104]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 33584]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-21 1343400]
-----------------EOF-----------------

Re: Slow internet - virus?
Hello,
I'm not an adviser either, but to save you some time, here is some advice. Besides the pest, the log also shows a tool that is used, for example, to illegally extend an ESET license. So the adviser's question will be the following: do you have ESET legally? If not, uninstall it, install a free antivirus, preferably Avast or Avira, and post a new RSIT log.
Have a nice day.

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
Re: Slow internet - virus?
Here you go
Logfile of random's system information tool 1.08 (written by random/random)
Run by NEXT at 2011-05-01 14:39:15
Microsoft Windows 7 Ultimate
System drive C: has 122 GB (20%) free of 607 GB
Total RAM: 3327 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:39:45, on 1. 5. 2011
Platform: Windows 7 (WinNT 6.00.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
E:\Software\Bezpečnosť\Spyware Terminator 2.3.0.507\SpywareTerminator.exe
C:\Users\NEXT\AppData\Local\Temp\is-6BA43.tmp\SpywareTerminator.tmp
C:\program files\avira\antivir personaledition classic\avcenter.exe
C:\Users\NEXT\Desktop\RSIT.exe
C:\Program Files\trend micro\NEXT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\NEXT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
--
End of file - 8310 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3150069584-2737004767-2401210282-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3150069584-2737004767-2401210282-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-07-31 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2006-03-29 364544]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"TaskTray"= []
"Diamondback"=C:\Program Files\Razer\Diamondback 3G\razerhid.exe [2010-04-28 228352]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 336384]
"reset"=regedit /s reset.reg []
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-22 1174016]
"Google Update"=C:\Users\NEXT\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-03 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-07-31 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-04-10 399736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Windows.old\Program Files\Winamp\winampa.exe [2008-04-01 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk]
C:\PROGRA~1\PANASO~1\PHOTOF~1.0HD\AUTOST~1.EXE [2009-10-01 146360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^NEXT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrácia výrobku.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll [2009-04-22 236032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoDriveTypeAutoRun"=145
"NoSMBalloonTip"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-05-01 14:34:01 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2011-05-01 14:34:00 ----D---- C:\ProgramData\Avira
2011-05-01 14:34:00 ----D---- C:\Program Files\Avira
2011-05-01 14:34:00 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-05-01 11:43:04 ----D---- C:\Program Files\trend micro
2011-05-01 11:43:03 ----D---- C:\rsit
2011-05-01 00:06:06 ----D---- C:\Qoobox
2011-04-30 23:57:14 ----D---- C:\Program Files\Yamicsoft
2011-04-30 23:44:56 ----D---- C:\Program Files\Defraggler
2011-04-30 23:31:37 ----A---- C:\Windows\system32\drivers\athr.sys
2011-04-30 23:31:37 ----A---- C:\Windows\system32\athr.sys
2011-04-30 23:31:15 ----D---- C:\ProgramData\TP-LINK
2011-04-22 21:36:56 ----D---- C:\ProgramData\Solidshield
2011-04-21 14:19:55 ----D---- C:\Program Files\Magical Jelly Bean
2011-04-16 16:17:05 ----D---- C:\Users\NEXT\AppData\Roaming\ESET
2011-04-16 15:39:13 ----D---- C:\Symbols
2011-04-16 15:14:16 ----D---- C:\ProgramData\Windows Genuine Advantage
2011-04-11 22:36:57 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-04-10 22:26:36 ----D---- C:\ProgramData\ATI
2011-04-10 22:26:04 ----D---- C:\Program Files\AMD APP
2011-04-10 22:13:24 ----D---- C:\Users\NEXT\AppData\Roaming\Leadertech
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVUI2RC.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVUI2.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\lvcoinst.ini
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVCodec2.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\lvci1201278.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\drivers\lvrs.sys
2011-04-10 22:09:11 ----A---- C:\Windows\system32\drivers\lv302af.sys
2011-04-10 22:08:31 ----D---- C:\ProgramData\LogiShrd
2011-04-10 22:08:30 ----D---- C:\Program Files\Logitech
2011-04-10 22:05:39 ----D---- C:\Program Files\Intel
2011-04-10 22:05:39 ----A---- C:\Windows\system32\CSVer.dll
2011-04-10 22:02:32 ----D---- C:\Windows\system32\nn-NO
2011-04-10 22:02:32 ----D---- C:\Program Files\Atheros
2011-04-10 22:02:32 ----A---- C:\Windows\system32\athihvui.dll
2011-04-10 22:02:32 ----A---- C:\Windows\system32\athihvs.dll
2011-04-10 22:02:10 ----D---- C:\ProgramData\Atheros
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RtkHDMI.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEP32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEL32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEG32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEED32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RHDMIExt.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RHCoInst.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RH3DHT32.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RH3DAA32.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\drivers\RtHDMIV.sys
2011-04-10 21:51:56 ----A---- C:\Windows\DIFxAPI.dll
2011-04-10 21:51:53 ----A---- C:\Windows\system32\RtkAPO.dll
2011-04-10 21:51:44 ----D---- C:\Program Files\Realtek
2011-04-10 21:51:41 ----A---- C:\Windows\RtlExUpd.dll
2011-04-10 21:49:30 ----D---- C:\Windows\system32\Atheros_L1e
2011-04-09 17:20:41 ----D---- C:\Program Files\Driver-Soft
2011-04-08 16:42:21 ----D---- C:\Users\NEXT\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2011-04-08 12:20:14 ----D---- C:\tmpDownload
2011-04-08 12:20:14 ----D---- C:\Download
2011-04-08 12:20:12 ----D---- C:\YoutubeMusicDownloader
2011-04-03 16:08:49 ----D---- C:\Windows\pss
2011-04-03 11:25:22 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 months======
2011-05-01 14:38:29 ----D---- C:\Windows\Temp
2011-05-01 14:36:47 ----D---- C:\Windows\system32\config
2011-05-01 14:34:01 ----D---- C:\Windows\system32\drivers
2011-05-01 14:34:00 ----RD---- C:\Program Files
2011-05-01 14:34:00 ----HD---- C:\ProgramData
2011-05-01 14:33:41 ----SHD---- C:\System Volume Information
2011-05-01 14:24:00 ----D---- C:\Program Files\Mozilla Firefox
2011-05-01 14:23:02 ----D---- C:\Config.Msi
2011-05-01 14:20:10 ----SHD---- C:\Windows\Installer
2011-05-01 14:20:00 ----D---- C:\ProgramData\ESET
2011-05-01 14:19:54 ----D---- C:\Windows\system32\DriverStore
2011-05-01 14:19:54 ----D---- C:\Windows\system32\catroot
2011-05-01 14:19:53 ----D---- C:\Windows\inf
2011-05-01 14:14:42 ----D---- C:\Program Files\SpeedFan
2011-05-01 12:13:28 ----D---- C:\Windows\System32
2011-05-01 12:13:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-01 11:21:45 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8
2011-05-01 10:43:39 ----D---- C:\Windows
2011-04-30 23:57:16 ----SD---- C:\Users\NEXT\AppData\Roaming\Microsoft
2011-04-30 23:32:46 ----D---- C:\Windows\Prefetch
2011-04-30 23:31:37 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-30 22:54:46 ----D---- C:\sysreset
2011-04-30 22:37:50 ----D---- C:\Users\NEXT\AppData\Roaming\Skype
2011-04-30 19:04:20 ----D---- C:\Users\NEXT\AppData\Roaming\skypePM
2011-04-30 16:25:44 ----D---- C:\Windows\system32\catroot2
2011-04-30 14:38:45 ----D---- C:\Program Files\Acez 3D Pic Cube Screen Saver 2.0
2011-04-30 13:51:59 ----A---- C:\Windows\NeroDigital.ini
2011-04-24 19:05:40 ----D---- C:\Users\NEXT\AppData\Roaming\uTorrent
2011-04-22 22:33:41 ----D---- C:\Program Files\Sega
2011-04-22 22:31:21 ----D---- C:\Program Files\Codemasters
2011-04-22 21:38:17 ----D---- C:\Program Files\Electronic Arts
2011-04-21 23:18:30 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-21 17:44:23 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-04-17 18:08:24 ----D---- C:\Program Files\NVIDIA Corporation
2011-04-17 18:08:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-04-16 15:22:16 ----D---- C:\ZALOHA!!!§
2011-04-16 14:23:22 ----D---- C:\Windows\winsxs
2011-04-16 14:12:13 ----D---- C:\ProgramData\Microsoft Help
2011-04-10 22:29:58 ----D---- C:\Program Files\Java
2011-04-10 22:25:40 ----D---- C:\Program Files\ATI Technologies
2011-04-10 22:10:26 ----D---- C:\Program Files\Common Files\logishrd
2011-04-10 22:02:32 ----D---- C:\Windows\system32\zh-TW
2011-04-10 22:02:32 ----D---- C:\Windows\system32\zh-CN
2011-04-10 22:02:32 ----D---- C:\Windows\system32\tr-TR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\sv-SE
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ru-RU
2011-04-10 22:02:32 ----D---- C:\Windows\system32\pt-PT
2011-04-10 22:02:32 ----D---- C:\Windows\system32\pl-PL
2011-04-10 22:02:32 ----D---- C:\Windows\system32\nl-NL
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ko-KR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ja-JP
2011-04-10 22:02:32 ----D---- C:\Windows\system32\it-IT
2011-04-10 22:02:32 ----D---- C:\Windows\system32\hu-HU
2011-04-10 22:02:32 ----D---- C:\Windows\system32\fr-FR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\fi-FI
2011-04-10 22:02:32 ----D---- C:\Windows\system32\es-ES
2011-04-10 22:02:32 ----D---- C:\Windows\system32\en-US
2011-04-10 22:02:32 ----D---- C:\Windows\system32\el-GR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\de-DE
2011-04-10 22:02:32 ----D---- C:\Windows\system32\da-DK
2011-04-10 22:02:32 ----D---- C:\Windows\system32\cs-CZ
2011-04-09 17:27:17 ----D---- C:\Program Files\Valve
2011-04-09 17:26:48 ----D---- C:\Program Files\Futuremark
2011-04-09 14:01:13 ----D---- C:\Program Files\Ubisoft
2011-04-09 14:01:05 ----D---- C:\ProgramData\Media Center Programs
2011-04-03 11:25:27 ----D---- C:\Windows\Tasks
2011-04-03 11:25:27 ----D---- C:\Windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2011-02-09 159536]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-04-22 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-04-22 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-07-02 721904]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-04-22 387584]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-04-22 48128]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-22 117248]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-09 239616]
R3 athr;Extensible Wireless LAN device driver for Windows 7; C:\Windows\system32\DRIVERS\athr.sys [2010-05-27 1227776]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2010-03-29 55848]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-08-19 47360]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-05-01 13976]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-05-01 2687512]
R3 Razerlow;Diamondback 3G USB Filter Driver; C:\Windows\System32\Drivers\DB3G.sys [2005-04-24 13225]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-11-23 263464]
S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-04-22 8704]
S3 a45i1o8o;a45i1o8o; C:\Windows\system32\drivers\a45i1o8o.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-04-22 70736]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-04-22 53328]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
S3 ayu8tz12;ayu8tz12; C:\Windows\system32\drivers\ayu8tz12.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-01-24 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-01-24 25512]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-04-22 133120]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-04-22 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-04-22 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-04-22 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-04-22 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-09 176128]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-07-26 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 ACS;TP-LINK Configuration Service; C:\Windows\system32\acs.exe [2005-12-30 36864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-03 136176]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-04-04 32104]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-21 1343400]
-----------------EOF-----------------

Logfile of random's system information tool 1.08 (written by random/random)
Run by NEXT at 2011-05-01 14:39:15
Microsoft Windows 7 Ultimate
System drive C: has 122 GB (20%) free of 607 GB
Total RAM: 3327 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:39:45, on 1. 5. 2011
Platform: Windows 7 (WinNT 6.00.3004)
MSIE: Internet Explorer v8.00 (8.00.7100.0000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\TP-LINK\TWCU\TWCU.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Razer\Diamondback 3G\razertra.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
E:\Software\Bezpečnosť\Spyware Terminator 2.3.0.507\SpywareTerminator.exe
C:\Users\NEXT\AppData\Local\Temp\is-6BA43.tmp\SpywareTerminator.tmp
C:\program files\avira\antivir personaledition classic\avcenter.exe
C:\Users\NEXT\Desktop\RSIT.exe
C:\Program Files\trend micro\NEXT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\NEXT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\Windows\system32\acs.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\Windows\System32\bgsvcgen.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe
--
End of file - 8310 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3150069584-2737004767-2401210282-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3150069584-2737004767-2401210282-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-07-31 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfree.dll [2009-03-10 2079256]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2006-03-29 364544]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"TaskTray"= []
"Diamondback"=C:\Program Files\Razer\Diamondback 3G\razerhid.exe [2010-04-28 228352]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 336384]
"reset"=regedit /s reset.reg []
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-22 1174016]
"Google Update"=C:\Users\NEXT\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-03 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-07-31 148888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2011-04-10 399736]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Windows.old\Program Files\Winamp\winampa.exe [2008-04-01 36352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk]
C:\PROGRA~1\PANASO~1\PHOTOF~1.0HD\AUTOST~1.EXE [2009-10-01 146360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^NEXT^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrácia výrobku.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll [2009-04-22 236032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoDriveTypeAutoRun"=145
"NoSMBalloonTip"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-05-01 14:34:01 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2011-05-01 14:34:00 ----D---- C:\ProgramData\Avira
2011-05-01 14:34:00 ----D---- C:\Program Files\Avira
2011-05-01 14:34:00 ----A---- C:\Windows\system32\drivers\avipbb.sys
2011-05-01 11:43:04 ----D---- C:\Program Files\trend micro
2011-05-01 11:43:03 ----D---- C:\rsit
2011-05-01 00:06:06 ----D---- C:\Qoobox
2011-04-30 23:57:14 ----D---- C:\Program Files\Yamicsoft
2011-04-30 23:44:56 ----D---- C:\Program Files\Defraggler
2011-04-30 23:31:37 ----A---- C:\Windows\system32\drivers\athr.sys
2011-04-30 23:31:37 ----A---- C:\Windows\system32\athr.sys
2011-04-30 23:31:15 ----D---- C:\ProgramData\TP-LINK
2011-04-22 21:36:56 ----D---- C:\ProgramData\Solidshield
2011-04-21 14:19:55 ----D---- C:\Program Files\Magical Jelly Bean
2011-04-16 16:17:05 ----D---- C:\Users\NEXT\AppData\Roaming\ESET
2011-04-16 15:39:13 ----D---- C:\Symbols
2011-04-16 15:14:16 ----D---- C:\ProgramData\Windows Genuine Advantage
2011-04-11 22:36:57 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2011-04-10 22:26:36 ----D---- C:\ProgramData\ATI
2011-04-10 22:26:04 ----D---- C:\Program Files\AMD APP
2011-04-10 22:13:24 ----D---- C:\Users\NEXT\AppData\Roaming\Leadertech
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVUI2RC.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVUI2.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\lvcoinst.ini
2011-04-10 22:09:12 ----A---- C:\Windows\system32\LVCodec2.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\lvci1201278.dll
2011-04-10 22:09:12 ----A---- C:\Windows\system32\drivers\lvrs.sys
2011-04-10 22:09:11 ----A---- C:\Windows\system32\drivers\lv302af.sys
2011-04-10 22:08:31 ----D---- C:\ProgramData\LogiShrd
2011-04-10 22:08:30 ----D---- C:\Program Files\Logitech
2011-04-10 22:05:39 ----D---- C:\Program Files\Intel
2011-04-10 22:05:39 ----A---- C:\Windows\system32\CSVer.dll
2011-04-10 22:02:32 ----D---- C:\Windows\system32\nn-NO
2011-04-10 22:02:32 ----D---- C:\Program Files\Atheros
2011-04-10 22:02:32 ----A---- C:\Windows\system32\athihvui.dll
2011-04-10 22:02:32 ----A---- C:\Windows\system32\athihvs.dll
2011-04-10 22:02:10 ----D---- C:\ProgramData\Atheros
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RtkHDMI.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEP32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEL32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEEG32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RTEED32H.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RHDMIExt.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RHCoInst.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RH3DHT32.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\RH3DAA32.dll
2011-04-10 21:59:25 ----A---- C:\Windows\system32\drivers\RtHDMIV.sys
2011-04-10 21:51:56 ----A---- C:\Windows\DIFxAPI.dll
2011-04-10 21:51:53 ----A---- C:\Windows\system32\RtkAPO.dll
2011-04-10 21:51:44 ----D---- C:\Program Files\Realtek
2011-04-10 21:51:41 ----A---- C:\Windows\RtlExUpd.dll
2011-04-10 21:49:30 ----D---- C:\Windows\system32\Atheros_L1e
2011-04-09 17:20:41 ----D---- C:\Program Files\Driver-Soft
2011-04-08 16:42:21 ----D---- C:\Users\NEXT\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2011-04-08 12:20:14 ----D---- C:\tmpDownload
2011-04-08 12:20:14 ----D---- C:\Download
2011-04-08 12:20:12 ----D---- C:\YoutubeMusicDownloader
2011-04-03 16:08:49 ----D---- C:\Windows\pss
2011-04-03 11:25:22 ----D---- C:\Program Files\Google
======List of files/folders modified in the last 1 months======
2011-05-01 14:38:29 ----D---- C:\Windows\Temp
2011-05-01 14:36:47 ----D---- C:\Windows\system32\config
2011-05-01 14:34:01 ----D---- C:\Windows\system32\drivers
2011-05-01 14:34:00 ----RD---- C:\Program Files
2011-05-01 14:34:00 ----HD---- C:\ProgramData
2011-05-01 14:33:41 ----SHD---- C:\System Volume Information
2011-05-01 14:24:00 ----D---- C:\Program Files\Mozilla Firefox
2011-05-01 14:23:02 ----D---- C:\Config.Msi
2011-05-01 14:20:10 ----SHD---- C:\Windows\Installer
2011-05-01 14:20:00 ----D---- C:\ProgramData\ESET
2011-05-01 14:19:54 ----D---- C:\Windows\system32\DriverStore
2011-05-01 14:19:54 ----D---- C:\Windows\system32\catroot
2011-05-01 14:19:53 ----D---- C:\Windows\inf
2011-05-01 14:14:42 ----D---- C:\Program Files\SpeedFan
2011-05-01 12:13:28 ----D---- C:\Windows\System32
2011-05-01 12:13:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-01 11:21:45 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 8
2011-05-01 10:43:39 ----D---- C:\Windows
2011-04-30 23:57:16 ----SD---- C:\Users\NEXT\AppData\Roaming\Microsoft
2011-04-30 23:32:46 ----D---- C:\Windows\Prefetch
2011-04-30 23:31:37 ----HD---- C:\Program Files\InstallShield Installation Information
2011-04-30 22:54:46 ----D---- C:\sysreset
2011-04-30 22:37:50 ----D---- C:\Users\NEXT\AppData\Roaming\Skype
2011-04-30 19:04:20 ----D---- C:\Users\NEXT\AppData\Roaming\skypePM
2011-04-30 16:25:44 ----D---- C:\Windows\system32\catroot2
2011-04-30 14:38:45 ----D---- C:\Program Files\Acez 3D Pic Cube Screen Saver 2.0
2011-04-30 13:51:59 ----A---- C:\Windows\NeroDigital.ini
2011-04-24 19:05:40 ----D---- C:\Users\NEXT\AppData\Roaming\uTorrent
2011-04-22 22:33:41 ----D---- C:\Program Files\Sega
2011-04-22 22:31:21 ----D---- C:\Program Files\Codemasters
2011-04-22 21:38:17 ----D---- C:\Program Files\Electronic Arts
2011-04-21 23:18:30 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-21 17:44:23 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-04-17 18:08:24 ----D---- C:\Program Files\NVIDIA Corporation
2011-04-17 18:08:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-04-16 15:22:16 ----D---- C:\ZALOHA!!!§
2011-04-16 14:23:22 ----D---- C:\Windows\winsxs
2011-04-16 14:12:13 ----D---- C:\ProgramData\Microsoft Help
2011-04-10 22:29:58 ----D---- C:\Program Files\Java
2011-04-10 22:25:40 ----D---- C:\Program Files\ATI Technologies
2011-04-10 22:10:26 ----D---- C:\Program Files\Common Files\logishrd
2011-04-10 22:02:32 ----D---- C:\Windows\system32\zh-TW
2011-04-10 22:02:32 ----D---- C:\Windows\system32\zh-CN
2011-04-10 22:02:32 ----D---- C:\Windows\system32\tr-TR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\sv-SE
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ru-RU
2011-04-10 22:02:32 ----D---- C:\Windows\system32\pt-PT
2011-04-10 22:02:32 ----D---- C:\Windows\system32\pl-PL
2011-04-10 22:02:32 ----D---- C:\Windows\system32\nl-NL
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ko-KR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\ja-JP
2011-04-10 22:02:32 ----D---- C:\Windows\system32\it-IT
2011-04-10 22:02:32 ----D---- C:\Windows\system32\hu-HU
2011-04-10 22:02:32 ----D---- C:\Windows\system32\fr-FR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\fi-FI
2011-04-10 22:02:32 ----D---- C:\Windows\system32\es-ES
2011-04-10 22:02:32 ----D---- C:\Windows\system32\en-US
2011-04-10 22:02:32 ----D---- C:\Windows\system32\el-GR
2011-04-10 22:02:32 ----D---- C:\Windows\system32\de-DE
2011-04-10 22:02:32 ----D---- C:\Windows\system32\da-DK
2011-04-10 22:02:32 ----D---- C:\Windows\system32\cs-CZ
2011-04-09 17:27:17 ----D---- C:\Program Files\Valve
2011-04-09 17:26:48 ----D---- C:\Program Files\Futuremark
2011-04-09 14:01:13 ----D---- C:\Program Files\Ubisoft
2011-04-09 14:01:05 ----D---- C:\ProgramData\Media Center Programs
2011-04-03 11:25:27 ----D---- C:\Windows\Tasks
2011-04-03 11:25:27 ----D---- C:\Windows\system32\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2011-02-09 159536]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-04-22 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-04-22 173648]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-07-02 721904]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys [2007-02-27 11840]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2006-02-20 33408]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-04-22 387584]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys [2009-02-10 82320]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-04-22 48128]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-22 117248]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-09 239616]
R3 athr;Extensible Wireless LAN device driver for Windows 7; C:\Windows\system32\DRIVERS\athr.sys [2010-05-27 1227776]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys [2008-05-20 52032]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x86.sys [2010-03-29 55848]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2009-05-01 265496]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-07-16 13216]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-08-19 47360]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2009-05-01 13976]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-05-01 2687512]
R3 Razerlow;Diamondback 3G USB Filter Driver; C:\Windows\System32\Drivers\DB3G.sys [2005-04-24 13225]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2010-11-23 263464]
S1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-04-22 8704]
S3 a45i1o8o;a45i1o8o; C:\Windows\system32\drivers\a45i1o8o.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-04-22 70736]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-04-22 53328]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
S3 ayu8tz12;ayu8tz12; C:\Windows\system32\drivers\ayu8tz12.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-04-22 229888]
S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-01-24 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-01-24 25512]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2007-11-06 34064]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-04-22 133120]
S3 s116bus;Sony Ericsson Device 116 driver (WDM); C:\Windows\system32\DRIVERS\s116bus.sys [2007-04-03 83336]
S3 s116mdfl;Sony Ericsson Device 116 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s116mdfl.sys [2007-04-03 15112]
S3 s116mdm;Sony Ericsson Device 116 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s116mdm.sys [2007-04-03 108680]
S3 s116mgmt;Sony Ericsson Device 116 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s116mgmt.sys [2007-04-03 100488]
S3 s116nd5;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (NDIS); C:\Windows\system32\DRIVERS\s116nd5.sys [2007-04-03 23176]
S3 s116obex;Sony Ericsson Device 116 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s116obex.sys [2007-04-03 98696]
S3 s116unic;Sony Ericsson Device 116 USB Ethernet Emulation SEMC116 (WDM); C:\Windows\system32\DRIVERS\s116unic.sys [2007-04-03 99080]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-04-22 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-04-22 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-04-22 28240]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-04-22 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-04-22 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-04-22 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2009-04-22 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-04-22 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-04-22 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-09 176128]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\Windows\System32\bgsvcgen.exe [2007-06-15 145504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-04-22 20992]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-07-26 66872]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 ACS;TP-LINK Configuration Service; C:\Windows\system32\acs.exe [2005-12-30 36864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-04-03 136176]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-04-22 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-04-04 32104]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-14 128928]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-04-22 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-21 1343400]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow internet - virus?
Post a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.
calmly put the kettle on for a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)
warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because undesirable conflicts with the antispyware's resident component occur during the scan and the removal of any malware
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow internet - virus?
I couldn't get ComboFix to run on Windows 7 (I ran it as administrator); it kept saying that it can't be started because AVG is running, yet I have never had any AVG on this PC, only Avira, and I removed that, as well as Spyware Terminator and also PC Tools Firewall, so I don't know... I'm at the dorm right now; hopefully it will work for me on Friday...
I'm also attaching my build in case it happens to be a HW fault, though I doubt it... even though anything is possible
CPU: Intel Core 2 Duo E7200 2,56Ghz @ 3,2Ghz
CPU FAN: AC Freezer 7
MB: ASUS P5Q
VGA: HD4870 Vapor-x 1Gb
RAM: Kingston 4x2Gb 667mhz
HDD: Samsung 640Gb + NEXUS DiskTwin,Seagate 120Gb
PSU: Fortron 700W Epsilon + Airen Red Wings 120 Deluxe
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow internet - virus?
AVG was probably installed there at some point and something left over from it remained in the registry. CF does not run with AVG on the PC. Try using the AVG uninstaller: http://www.downv.com/Windows-software-d ... ninstaller .