Ahoj, prosím o kontrolu logu HJT ted pro zmenu na mém PC...zadny problem na PC nemam, chci to jen preventivne zkontrolovat.
Myslim si ze tam je spatne akorat toto:
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
Mozna i neco vic...predem diky
Logfile of HijackThis v1.99.1
Scan saved at 21:04:45, on 19.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\totalcmd\TOTALCMD.EXE
c:\Program Files\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU"
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC259F7-BC65-4FA1-855D-69BF73C43F48}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Prosím o preventivní kontrolu logu Vyřešeno
-
pejda
- Level 1
- Příspěvky: 65
- Registrován: srpen 06
- Bydliště: Mlada Vozice
- Pohlaví:
- Stav:
Offline
- Kontakt:
Prosím o preventivní kontrolu logu
Nemožné a zázraky se někdy dějí :-))
Re: Prosím o preventivní kontrolu logu
Nazdar, HJT nam uz povie len malo...preto:
Stiahni RSIT. Spust, klik na "Continue". Po dokoneceni by se ti mal otvorit textovy subor. Ten skopiruj sem.
Pokial by sa nieco stalo, najdes ho aj na adrese "C:\rsit\log.txt".
Stiahni RSIT. Spust, klik na "Continue". Po dokoneceni by se ti mal otvorit textovy subor. Ten skopiruj sem.
Pokial by sa nieco stalo, najdes ho aj na adrese "C:\rsit\log.txt".
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
-
pejda
- Level 1
- Příspěvky: 65
- Registrován: srpen 06
- Bydliště: Mlada Vozice
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o preventivní kontrolu logu
Zde je tedy log s RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pejda at 2009-09-20 22:39:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 70 GB (70%) free of 100 GB
Total RAM: 3326 MB (86% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:55, on 20.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Miranda IM\miranda32.exe
D:\d\e\install\čištění a kontrola PC\RSIT.exe
C:\Program Files\trend micro\Pejda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC259F7-BC65-4FA1-855D-69BF73C43F48}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 8314 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"GEST"== []
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1966080]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
"Device Detector"=DevDetect.exe -autorun []
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-08-25 318272]
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-11-27 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DisableStatusMessages"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoStartMenuMFUprogramsList"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-09-20 22:39:45 ----D---- C:\rsit
2009-09-20 22:39:45 ----D---- C:\Program Files\trend micro
2009-09-19 21:01:34 ----D---- C:\Program Files\HiJackThis
2009-09-18 17:45:04 ----D---- C:\WINDOWS\pss
2009-09-17 22:20:53 ----HD---- C:\WINDOWS\PIF
2009-09-10 21:19:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\UDL
2009-09-10 21:19:27 ----A---- C:\WINDOWS\system32\Epcmlib.dll
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\ECBTEG.DLL
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\EBPCHP.DLL
2009-09-10 21:17:58 ----D---- C:\Program Files\EPSON
2009-09-10 21:17:45 ----A---- C:\WINDOWS\EPSMTL32.TXT
2009-09-10 21:17:14 ----A---- C:\WINDOWS\CDEC45Euro.ini
2009-09-10 21:16:27 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\EBPMON24.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\E_SAGSET.DLL
2009-09-07 19:43:15 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Mount&Blade
2009-09-07 19:40:56 ----D---- C:\WINDOWS\Logs
2009-09-02 17:14:36 ----D---- C:\Program Files\Teamspeak2_RC2
2009-09-02 17:09:41 ----D---- C:\Program Files\Teamspeak2_RC2_server
2009-09-02 16:55:54 ----D---- C:\Documents and Settings\Pejda\Data aplikací\teamspeak2
2009-08-27 22:06:40 ----D---- C:\Documents and Settings\Pejda\Data aplikací\dvdcss
2009-08-27 21:08:24 ----D---- C:\Documents and Settings\Pejda\Data aplikací\vlc
2009-08-24 17:09:57 ----D---- C:\Documents and Settings\Pejda\Data aplikací\uTorrent
2009-08-24 17:09:54 ----D---- C:\Program Files\uTorrent
2009-08-24 17:08:02 ----D---- C:\Documents and Settings\Pejda\Data aplikací\BitTorrent
2009-08-24 17:07:50 ----D---- C:\Program Files\DNA
2009-08-24 17:07:50 ----D---- C:\Documents and Settings\Pejda\Data aplikací\DNA
2009-08-24 17:07:49 ----D---- C:\Program Files\BitTorrent
2009-08-23 21:49:17 ----D---- C:\Program Files\PSPad editor
2009-08-23 21:25:59 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-08-22 17:50:37 ----D---- C:\Documents and Settings\Pejda\Data aplikací\skypePM
2009-08-22 17:49:46 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Skype
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files\Skype
2009-08-22 17:48:55 ----RD---- C:\Program Files\Skype
2009-08-22 17:48:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-08-21 20:06:57 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-08-21 20:05:25 ----D---- C:\WINDOWS\Easy CD-DA Extractor
2009-08-21 20:05:25 ----D---- C:\Program Files\Easy CD-DA Extractor 10
======List of files/folders modified in the last 1 months======
2009-09-20 22:39:46 ----D---- C:\WINDOWS\Temp
2009-09-20 22:39:45 ----RD---- C:\Program Files
2009-09-20 22:39:38 ----D---- C:\WINDOWS\Prefetch
2009-09-20 22:39:35 ----A---- C:\WINDOWS\wincmd.ini
2009-09-20 22:28:39 ----D---- C:\Program Files\Mozilla Firefox
2009-09-20 11:02:49 ----D---- C:\WINDOWS
2009-09-19 23:18:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-15 21:53:34 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-15 19:55:10 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-10 21:25:33 ----D---- C:\WINDOWS\system32
2009-09-10 21:20:42 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-10 21:18:46 ----HD---- C:\WINDOWS\inf
2009-09-10 21:12:47 ----D---- C:\WINDOWS\system32\drivers
2009-09-07 19:40:28 ----D---- C:\hry
2009-09-01 20:28:14 ----D---- C:\temp
2009-08-22 17:49:38 ----SHD---- C:\WINDOWS\Installer
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files
2009-08-22 12:02:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-11-27 60800]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-11-27 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 s3m;s3m; C:\WINDOWS\system32\DRIVERS\s3m.sys [2001-08-17 166720]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-11-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-11-27 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-08 80392]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pejda at 2009-09-20 22:39:45
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 70 GB (70%) free of 100 GB
Total RAM: 3326 MB (86% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:55, on 20.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Miranda IM\miranda32.exe
D:\d\e\install\čištění a kontrola PC\RSIT.exe
C:\Program Files\trend micro\Pejda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC259F7-BC65-4FA1-855D-69BF73C43F48}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 8314 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"GEST"== []
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1966080]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
"Device Detector"=DevDetect.exe -autorun []
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-08-25 318272]
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-11-27 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DisableStatusMessages"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoStartMenuMFUprogramsList"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2009-09-20 22:39:45 ----D---- C:\rsit
2009-09-20 22:39:45 ----D---- C:\Program Files\trend micro
2009-09-19 21:01:34 ----D---- C:\Program Files\HiJackThis
2009-09-18 17:45:04 ----D---- C:\WINDOWS\pss
2009-09-17 22:20:53 ----HD---- C:\WINDOWS\PIF
2009-09-10 21:19:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\UDL
2009-09-10 21:19:27 ----A---- C:\WINDOWS\system32\Epcmlib.dll
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\ECBTEG.DLL
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\EBPCHP.DLL
2009-09-10 21:17:58 ----D---- C:\Program Files\EPSON
2009-09-10 21:17:45 ----A---- C:\WINDOWS\EPSMTL32.TXT
2009-09-10 21:17:14 ----A---- C:\WINDOWS\CDEC45Euro.ini
2009-09-10 21:16:27 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\EBPMON24.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\E_SAGSET.DLL
2009-09-07 19:43:15 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Mount&Blade
2009-09-07 19:40:56 ----D---- C:\WINDOWS\Logs
2009-09-02 17:14:36 ----D---- C:\Program Files\Teamspeak2_RC2
2009-09-02 17:09:41 ----D---- C:\Program Files\Teamspeak2_RC2_server
2009-09-02 16:55:54 ----D---- C:\Documents and Settings\Pejda\Data aplikací\teamspeak2
2009-08-27 22:06:40 ----D---- C:\Documents and Settings\Pejda\Data aplikací\dvdcss
2009-08-27 21:08:24 ----D---- C:\Documents and Settings\Pejda\Data aplikací\vlc
2009-08-24 17:09:57 ----D---- C:\Documents and Settings\Pejda\Data aplikací\uTorrent
2009-08-24 17:09:54 ----D---- C:\Program Files\uTorrent
2009-08-24 17:08:02 ----D---- C:\Documents and Settings\Pejda\Data aplikací\BitTorrent
2009-08-24 17:07:50 ----D---- C:\Program Files\DNA
2009-08-24 17:07:50 ----D---- C:\Documents and Settings\Pejda\Data aplikací\DNA
2009-08-24 17:07:49 ----D---- C:\Program Files\BitTorrent
2009-08-23 21:49:17 ----D---- C:\Program Files\PSPad editor
2009-08-23 21:25:59 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-08-22 17:50:37 ----D---- C:\Documents and Settings\Pejda\Data aplikací\skypePM
2009-08-22 17:49:46 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Skype
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files\Skype
2009-08-22 17:48:55 ----RD---- C:\Program Files\Skype
2009-08-22 17:48:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-08-21 20:06:57 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-08-21 20:05:25 ----D---- C:\WINDOWS\Easy CD-DA Extractor
2009-08-21 20:05:25 ----D---- C:\Program Files\Easy CD-DA Extractor 10
======List of files/folders modified in the last 1 months======
2009-09-20 22:39:46 ----D---- C:\WINDOWS\Temp
2009-09-20 22:39:45 ----RD---- C:\Program Files
2009-09-20 22:39:38 ----D---- C:\WINDOWS\Prefetch
2009-09-20 22:39:35 ----A---- C:\WINDOWS\wincmd.ini
2009-09-20 22:28:39 ----D---- C:\Program Files\Mozilla Firefox
2009-09-20 11:02:49 ----D---- C:\WINDOWS
2009-09-19 23:18:56 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-15 21:53:34 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-15 19:55:10 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-10 21:25:33 ----D---- C:\WINDOWS\system32
2009-09-10 21:20:42 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-10 21:18:46 ----HD---- C:\WINDOWS\inf
2009-09-10 21:12:47 ----D---- C:\WINDOWS\system32\drivers
2009-09-07 19:40:28 ----D---- C:\hry
2009-09-01 20:28:14 ----D---- C:\temp
2009-08-22 17:49:38 ----SHD---- C:\WINDOWS\Installer
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files
2009-08-22 12:02:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-11-27 60800]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-11-27 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 s3m;s3m; C:\WINDOWS\system32\DRIVERS\s3m.sys [2001-08-17 166720]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-11-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-11-27 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-08 80392]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2001-10-25 3584]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Nemožné a zázraky se někdy dějí :-))
Re: Prosím o preventivní kontrolu logu
1) Fixni v premenovanom HJT (zasrktni stvorcek pri danom riadku a stlac "Fix Checked") - info o tom, kde ho stiahol RSIT, najdes tu:
2) Skopiruj do poznamkoveho bloku:
Uloz ako svcdel.bat (typ vsetky subory) na plochu a spust.
Restart a novy log z RSITu.
Kód: Vybrat vše
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab2) Skopiruj do poznamkoveho bloku:
Kód: Vybrat vše
@echo off
sc stop NOD32FiXTemDono
sc delete NOD32FiXTemDono
exitUloz ako svcdel.bat (typ vsetky subory) na plochu a spust.
Restart a novy log z RSITu.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
-
pejda
- Level 1
- Příspěvky: 65
- Registrován: srpen 06
- Bydliště: Mlada Vozice
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Prosím o preventivní kontrolu logu
Tak hotovo, tady je log s RSITu:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pejda at 2009-09-21 18:48:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 70 GB (70%) free of 100 GB
Total RAM: 3326 MB (86% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:32, on 21.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\CCleaner\CCleaner.exe
D:\d\e\install\čištění a kontrola PC\RSIT.exe
c:\Program Files\trend micro\Pejda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC259F7-BC65-4FA1-855D-69BF73C43F48}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7408 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"GEST"== []
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1966080]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
"Device Detector"=DevDetect.exe -autorun []
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-08-25 318272]
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-11-27 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DisableStatusMessages"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoStartMenuMFUprogramsList"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84533a86-7481-11de-a4d4-001fd09d316b}]
shell\AutoRun\command - E:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4577b08-747b-11de-a4d1-001fd09d316b}]
shell\AutoRun\command - F:\start.exe
======List of files/folders created in the last 1 months======
2009-09-20 22:39:45 ----D---- C:\rsit
2009-09-20 22:39:45 ----D---- C:\Program Files\trend micro
2009-09-19 21:01:34 ----D---- C:\Program Files\HiJackThis
2009-09-18 17:45:04 ----D---- C:\WINDOWS\pss
2009-09-17 22:20:53 ----HD---- C:\WINDOWS\PIF
2009-09-10 21:19:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\UDL
2009-09-10 21:19:27 ----A---- C:\WINDOWS\system32\Epcmlib.dll
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\ECBTEG.DLL
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\EBPCHP.DLL
2009-09-10 21:17:58 ----D---- C:\Program Files\EPSON
2009-09-10 21:17:45 ----A---- C:\WINDOWS\EPSMTL32.TXT
2009-09-10 21:17:14 ----A---- C:\WINDOWS\CDEC45Euro.ini
2009-09-10 21:16:27 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\EBPMON24.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\E_SAGSET.DLL
2009-09-07 19:43:15 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Mount&Blade
2009-09-07 19:40:56 ----D---- C:\WINDOWS\Logs
2009-09-02 17:14:36 ----D---- C:\Program Files\Teamspeak2_RC2
2009-09-02 17:09:41 ----D---- C:\Program Files\Teamspeak2_RC2_server
2009-09-02 16:55:54 ----D---- C:\Documents and Settings\Pejda\Data aplikací\teamspeak2
2009-08-27 22:06:40 ----D---- C:\Documents and Settings\Pejda\Data aplikací\dvdcss
2009-08-27 21:08:24 ----D---- C:\Documents and Settings\Pejda\Data aplikací\vlc
2009-08-24 17:09:57 ----D---- C:\Documents and Settings\Pejda\Data aplikací\uTorrent
2009-08-24 17:09:54 ----D---- C:\Program Files\uTorrent
2009-08-24 17:08:02 ----D---- C:\Documents and Settings\Pejda\Data aplikací\BitTorrent
2009-08-24 17:07:50 ----D---- C:\Program Files\DNA
2009-08-24 17:07:50 ----D---- C:\Documents and Settings\Pejda\Data aplikací\DNA
2009-08-24 17:07:49 ----D---- C:\Program Files\BitTorrent
2009-08-23 21:49:17 ----D---- C:\Program Files\PSPad editor
2009-08-23 21:25:59 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-08-22 17:50:37 ----D---- C:\Documents and Settings\Pejda\Data aplikací\skypePM
2009-08-22 17:49:46 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Skype
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files\Skype
2009-08-22 17:48:55 ----RD---- C:\Program Files\Skype
2009-08-22 17:48:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of files/folders modified in the last 1 months======
2009-09-21 18:47:54 ----D---- C:\WINDOWS\Temp
2009-09-21 18:47:32 ----D---- C:\Program Files\Mozilla Firefox
2009-09-21 18:47:06 ----D---- C:\WINDOWS
2009-09-21 18:45:10 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-21 18:44:18 ----D---- C:\WINDOWS\Prefetch
2009-09-21 18:41:02 ----A---- C:\WINDOWS\wincmd.ini
2009-09-20 22:39:45 ----RD---- C:\Program Files
2009-09-18 20:18:03 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-09-15 21:53:34 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-15 19:55:10 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-10 21:25:33 ----D---- C:\WINDOWS\system32
2009-09-10 21:20:42 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-10 21:18:46 ----HD---- C:\WINDOWS\inf
2009-09-10 21:12:47 ----D---- C:\WINDOWS\system32\drivers
2009-09-07 19:40:28 ----D---- C:\hry
2009-09-01 20:28:14 ----D---- C:\temp
2009-08-22 17:49:38 ----SHD---- C:\WINDOWS\Installer
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files
2009-08-22 12:02:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-11-27 60800]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-11-27 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 s3m;s3m; C:\WINDOWS\system32\DRIVERS\s3m.sys [2001-08-17 166720]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-11-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-11-27 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-08 80392]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Logfile of random's system information tool 1.06 (written by random/random)
Run by Pejda at 2009-09-21 18:48:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 70 GB (70%) free of 100 GB
Total RAM: 3326 MB (86% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:32, on 21.9.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE
C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\CCleaner\CCleaner.exe
D:\d\e\install\čištění a kontrola PC\RSIT.exe
c:\Program Files\trend micro\Pejda.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] =
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB001" /M "Stylus C45"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /M "Stylus C45" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: PHOTOfunSTUDIO -viewer-.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAC259F7-BC65-4FA1-855D-69BF73C43F48}: NameServer = 10.0.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 7408 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2004-02-10 339968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-02-09 13680640]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-02-09 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"GEST"== []
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1966080]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-03-13 1443072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-07-23 477184]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-06-29 286720]
"Device Detector"=DevDetect.exe -autorun []
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2007-08-23 455968]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-08-25 318272]
"EPSON Stylus C45 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE [2004-01-13 99840]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
PHOTOfunSTUDIO -viewer-.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO -viewer-\PhAutoRun.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-11-27 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"DisableStatusMessages"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoStartMenuMFUprogramsList"=1
"NoResolveTrack"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\hry\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84533a86-7481-11de-a4d4-001fd09d316b}]
shell\AutoRun\command - E:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4577b08-747b-11de-a4d1-001fd09d316b}]
shell\AutoRun\command - F:\start.exe
======List of files/folders created in the last 1 months======
2009-09-20 22:39:45 ----D---- C:\rsit
2009-09-20 22:39:45 ----D---- C:\Program Files\trend micro
2009-09-19 21:01:34 ----D---- C:\Program Files\HiJackThis
2009-09-18 17:45:04 ----D---- C:\WINDOWS\pss
2009-09-17 22:20:53 ----HD---- C:\WINDOWS\PIF
2009-09-10 21:19:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\UDL
2009-09-10 21:19:27 ----A---- C:\WINDOWS\system32\Epcmlib.dll
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\ECBTEG.DLL
2009-09-10 21:18:49 ----A---- C:\WINDOWS\system32\EBPCHP.DLL
2009-09-10 21:17:58 ----D---- C:\Program Files\EPSON
2009-09-10 21:17:45 ----A---- C:\WINDOWS\EPSMTL32.TXT
2009-09-10 21:17:14 ----A---- C:\WINDOWS\CDEC45Euro.ini
2009-09-10 21:16:27 ----A---- C:\WINDOWS\system32\E_DCINST.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\EBPMON24.DLL
2009-09-10 21:16:24 ----A---- C:\WINDOWS\system32\E_SAGSET.DLL
2009-09-07 19:43:15 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Mount&Blade
2009-09-07 19:40:56 ----D---- C:\WINDOWS\Logs
2009-09-02 17:14:36 ----D---- C:\Program Files\Teamspeak2_RC2
2009-09-02 17:09:41 ----D---- C:\Program Files\Teamspeak2_RC2_server
2009-09-02 16:55:54 ----D---- C:\Documents and Settings\Pejda\Data aplikací\teamspeak2
2009-08-27 22:06:40 ----D---- C:\Documents and Settings\Pejda\Data aplikací\dvdcss
2009-08-27 21:08:24 ----D---- C:\Documents and Settings\Pejda\Data aplikací\vlc
2009-08-24 17:09:57 ----D---- C:\Documents and Settings\Pejda\Data aplikací\uTorrent
2009-08-24 17:09:54 ----D---- C:\Program Files\uTorrent
2009-08-24 17:08:02 ----D---- C:\Documents and Settings\Pejda\Data aplikací\BitTorrent
2009-08-24 17:07:50 ----D---- C:\Program Files\DNA
2009-08-24 17:07:50 ----D---- C:\Documents and Settings\Pejda\Data aplikací\DNA
2009-08-24 17:07:49 ----D---- C:\Program Files\BitTorrent
2009-08-23 21:49:17 ----D---- C:\Program Files\PSPad editor
2009-08-23 21:25:59 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-08-22 17:50:37 ----D---- C:\Documents and Settings\Pejda\Data aplikací\skypePM
2009-08-22 17:49:46 ----D---- C:\Documents and Settings\Pejda\Data aplikací\Skype
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files\Skype
2009-08-22 17:48:55 ----RD---- C:\Program Files\Skype
2009-08-22 17:48:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of files/folders modified in the last 1 months======
2009-09-21 18:47:54 ----D---- C:\WINDOWS\Temp
2009-09-21 18:47:32 ----D---- C:\Program Files\Mozilla Firefox
2009-09-21 18:47:06 ----D---- C:\WINDOWS
2009-09-21 18:45:10 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-09-21 18:44:18 ----D---- C:\WINDOWS\Prefetch
2009-09-21 18:41:02 ----A---- C:\WINDOWS\wincmd.ini
2009-09-20 22:39:45 ----RD---- C:\Program Files
2009-09-18 20:18:03 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-09-15 21:53:34 ----A---- C:\WINDOWS\NeroDigital.ini
2009-09-15 19:55:10 ----D---- C:\WINDOWS\system32\CatRoot2
2009-09-10 21:25:33 ----D---- C:\WINDOWS\system32
2009-09-10 21:20:42 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-10 21:18:46 ----HD---- C:\WINDOWS\inf
2009-09-10 21:12:47 ----D---- C:\WINDOWS\system32\drivers
2009-09-07 19:40:28 ----D---- C:\hry
2009-09-01 20:28:14 ----D---- C:\temp
2009-08-22 17:49:38 ----SHD---- C:\WINDOWS\Installer
2009-08-22 17:48:57 ----D---- C:\Program Files\Common Files
2009-08-22 12:02:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\ArcSoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-03-13 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-03-13 33800]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-09-26 286720]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-09-26 81920]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-03-13 40456]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-11-27 60800]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-11-27 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-02-09 6307328]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 s3m;s3m; C:\WINDOWS\system32\DRIVERS\s3m.sys [2001-08-17 166720]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-11-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-11-27 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-03-13 472320]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-08-08 80392]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2005-10-10 1617920]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-02-09 163908]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-03-13 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
-----------------EOF-----------------
Nemožné a zázraky se někdy dějí :-))
Re: Prosím o preventivní kontrolu logu Vyřešeno
Vyborne.
A hotovo.
- Pouzi T-Cleaner (ak by ho antivirus hlasil ako smejda, nic sa netreba bat, ide len o paranoju AV programu).
- Precisti PC CCleanerom (vratane registrov).
- Pouzi TFC (spust program a klikni na "Start". Pozor, PC moze byt restartovane).
A hotovo.
Nemam rad amaterizmus...
A adresat odkazu to vie :)
A adresat odkazu to vie :)
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 86 hostů