prosím o kontrolu

[Geneiken]

Prosím o skontrolování logu, díky.



Logfile of random's system information tool 1.06 (written by random/random)
Run by NB at 2010-03-01 23:52:28
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 7 GB (9%) free of 71 GB
Total RAM: 1790 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:52:33, on 1.3.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Valve\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Miranda IM KP v5.0.8.5\miranda32.exe
C:\Users\NB\Downloads\RSIT.exe
C:\Program Files\trend micro\NB.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.forex-finance-trading.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.forex-finance-trading.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: BS Player Toolbar - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\tbBS_P.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RGSC] D:\Valve\SteamApps\common\grand theft auto iv\RGSC\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Registration Assassin.LNK = C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download Using &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 8171 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job
C:\Windows\tasks\User_Feed_Synchronization-{754A4407-6A9B-4CEE-979E-018E7DBA2EB0}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-11-04 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\progra~1\mcafee\sitead~1\mcieplg.dll [2009-12-14 204048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-08 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-03-10 2079256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-08-26 279944]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - BS Player Toolbar - C:\Program Files\BS_Player\tbBS_P.dll [2009-03-10 2079256]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\progra~1\mcafee\sitead~1\mcieplg.dll [2009-12-14 204048]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2007-01-20 200704]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-08 148888]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"QuickTime Task"=C:\Program Files\VistaCodecPack\QT\QTTask.exe [2009-09-05 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-09-21 305440]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"RGSC"=D:\Valve\SteamApps\common\grand theft auto iv\RGSC\RGSCLauncher.exe [2009-12-24 306088]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

C:\Users\NB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Registration Assassin.LNK - C:\Program Files\Ubisoft\Assassin's Creed\Register\RegistrationReminder.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ee99209-2345-11de-bd73-d5f28b284985}]
shell\AutoRun\command - uxkktr.cmd
shell\explore\command - uxkktr.cmd
shell\open\command - uxkktr.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c47a7f8a-5844-11de-82cb-001d72d03531}]
shell\AutoRun\command - G:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ebd63699-a12a-11de-9fc5-001d72d03531}]
shell\AutoRun\command - I:\USBAutoRun.exe


======List of files/folders created in the last 1 months======

2010-03-01 23:36:42 ----D---- C:\Program Files\trend micro
2010-03-01 23:36:40 ----D---- C:\rsit
2010-02-24 15:26:35 ----A---- C:\Windows\system32\tzres.dll
2010-02-24 15:24:36 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-24 15:24:36 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-24 15:24:35 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-24 15:24:35 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-24 15:24:34 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-24 15:24:34 ----A---- C:\Windows\system32\secproc.dll
2010-02-24 15:24:32 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-24 15:24:32 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-24 15:24:31 ----A---- C:\Windows\system32\msdrm.dll
2010-02-19 14:20:21 ----D---- C:\ProgramData\FLEXnet
2010-02-18 20:57:31 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-02-15 20:27:41 ----D---- C:\Program Files\ReStoring Data
2010-02-14 15:35:15 ----D---- C:\podbot
2010-02-14 14:16:03 ----D---- C:\server
2010-02-14 13:48:09 ----D---- C:\Users\NB\AppData\Roaming\GHISLER
2010-02-14 13:48:09 ----D---- C:\totalcmd
2010-02-14 13:32:17 ----SD---- C:\Program Files\HLSW
2010-02-14 13:32:17 ----D---- C:\Users\NB\AppData\Roaming\HLSW
2010-02-14 11:36:13 ----D---- C:\ProgramData\Google
2010-02-14 11:31:33 ----D---- C:\Program Files\Common Files\McAfee
2010-02-14 11:31:30 ----D---- C:\Program Files\McAfee.com
2010-02-14 11:31:26 ----D---- C:\Program Files\McAfee
2010-02-14 11:20:09 ----D---- C:\ProgramData\McAfee
2010-02-13 12:05:49 ----D---- C:\Program Files\WEBZEN
2010-02-13 12:05:49 ----A---- C:\Windows\system32\CMStarterCore.exe
2010-02-13 12:05:49 ----A---- C:\Windows\system32\CMStarter_Kor.dll
2010-02-13 12:05:49 ----A---- C:\Windows\system32\CMStarter_Eng.dll
2010-02-12 18:43:50 ----AD---- C:\ProgramData\TEMP
2010-02-11 16:21:37 ----D---- C:\Program Files\sun
2010-02-10 19:37:34 ----D---- C:\Program Files\Common Files\Skype
2010-02-10 11:24:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 11:24:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 11:24:28 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 11:24:27 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 11:24:27 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 11:24:27 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 11:24:27 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 11:24:27 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 11:24:26 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 11:24:26 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 11:24:26 ----A---- C:\Windows\system32\avifil32.dll
2010-02-10 11:24:26 ----A---- C:\Windows\system32\avicap32.dll
2010-02-06 09:33:41 ----D---- C:\ProgramData\Blizzard Entertainment
2010-02-05 20:06:48 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-02-05 20:06:35 ----D---- C:\ProgramData\Blizzard
2010-02-05 19:37:27 ----A---- C:\Windows\system32\msvcr90.dll
2010-02-05 19:37:18 ----D---- C:\Program Files\Miranda IM KP v5.0.8.5

======List of files/folders modified in the last 1 months======

2010-03-01 23:52:30 ----D---- C:\Windows\Temp
2010-03-01 23:46:03 ----D---- C:\Windows\Prefetch
2010-03-01 23:36:42 ----RD---- C:\Program Files
2010-03-01 18:19:16 ----SHD---- C:\System Volume Information
2010-03-01 10:18:16 ----D---- C:\Windows
2010-02-28 00:49:32 ----D---- C:\Program Files\Warcraft III
2010-02-27 21:08:40 ----D---- C:\Program Files\Garena
2010-02-26 12:06:18 ----D---- C:\Program Files\Mozilla Firefox
2010-02-26 07:42:26 ----D---- C:\Windows\System32
2010-02-26 07:42:26 ----D---- C:\Windows\inf
2010-02-26 07:42:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-02-25 20:06:27 ----D---- C:\Program Files\Common Files\Steam
2010-02-25 19:47:17 ----D---- C:\Windows\rescache
2010-02-25 19:25:42 ----D---- C:\Windows\system32\cs-CZ
2010-02-25 19:25:39 ----RSD---- C:\Windows\Fonts
2010-02-25 15:21:54 ----D---- C:\Windows\winsxs
2010-02-25 15:17:28 ----D---- C:\Windows\system32\catroot
2010-02-24 15:22:55 ----D---- C:\Windows\system32\catroot2
2010-02-24 09:16:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-02-23 15:20:06 ----D---- C:\Windows\system32\drivers
2010-02-23 13:16:07 ----D---- C:\Program Files\JDownloader
2010-02-22 20:54:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-20 01:22:38 ----D---- C:\Users\NB\AppData\Roaming\gtk-2.0
2010-02-19 22:02:38 ----D---- C:\Users\NB\AppData\Roaming\Adobe
2010-02-19 14:20:21 ----HD---- C:\ProgramData
2010-02-18 21:22:49 ----SHD---- C:\Windows\Installer
2010-02-18 21:20:32 ----D---- C:\Program Files\Adobe
2010-02-18 21:18:49 ----D---- C:\ProgramData\Adobe
2010-02-18 21:17:56 ----D---- C:\Program Files\Common Files\Adobe
2010-02-18 20:57:31 ----D---- C:\Program Files\Common Files
2010-02-16 19:07:23 ----D---- C:\Users\NB\AppData\Roaming\ICQ
2010-02-14 11:47:21 ----D---- C:\Windows\system32\oobe
2010-02-14 11:36:13 ----D---- C:\Program Files\Google
2010-02-14 11:36:12 ----D---- C:\Windows\Tasks
2010-02-14 11:32:01 ----D---- C:\Windows\system32\Tasks
2010-02-13 12:05:49 ----SD---- C:\Windows\Downloaded Program Files
2010-02-12 17:09:07 ----D---- C:\Program Files\Ubisoft
2010-02-11 15:45:42 ----D---- C:\Users\NB\AppData\Roaming\Skype
2010-02-11 11:06:28 ----D---- C:\Users\NB\AppData\Roaming\skypePM
2010-02-11 11:00:57 ----D---- C:\Program Files\Windows Mail
2010-02-11 09:41:07 ----D---- C:\ProgramData\Microsoft Help
2010-02-10 19:37:58 ----RD---- C:\Program Files\Skype
2010-02-10 19:37:31 ----D---- C:\ProgramData\Skype
2010-02-08 15:04:45 ----SD---- C:\Users\NB\AppData\Roaming\Microsoft
2010-02-08 13:37:39 ----D---- C:\Users\NB\AppData\Roaming\DivX
2010-02-05 19:07:33 ----D---- C:\Program Files\Miranda IM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-11-04 214664]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2007-01-20 31644]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-01-13 954368]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-04-07 3844608]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-11-04 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-11-04 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-11-04 40552]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-03-19 22072]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 ane8qe33;ane8qe33; C:\Windows\system32\drivers\ane8qe33.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\Users\NB\AppData\Local\Temp\HTLA5DA.tmp [2010-02-27 25616]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-08-28 25280]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-11-04 34248]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2008-01-18 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-04-07 692224]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [2009-12-14 93320]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-10-29 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-11-04 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-01-12 185640]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-11-04 606736]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-02-24 332720]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-18 654848]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-10-28 365072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]

-----------------EOF-----------------

[Caroprd111]

Zdravím

Na logu se pracuje, prosím o strpení.

[Caroprd111]

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.


Odinstalujte Garenu.

• Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
• Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
  
  Záložka Čistič
• Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
  
  Záložka Registry
• Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
  OK Zavřít

K čemu používáte jednotky I: a G:


Jsou s PC nějaké problémy

[Geneiken]

jde spis o to ze se posledni dobou zacal strasne sekat pri cemkoli, kdyz si poustim filmy, kdyz hraju na steamu, nekdy dokonce trva asi 10 minut nez nabehne windows a da mi okno s heslem, jinak za rady diky moc na garene sem hraval ale tak odinstaluji ji.

[Caroprd111]

Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary

Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrází stránka s licenčnímy podmínkami, pokračujte stisknutím tlačítka "Ano"

Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna

Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.

Během skenování může být počítač restartován.