Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Odesílání spamu.

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Zdenek69
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 08 led 2010 19:32

Odesílání spamu.

#1 Příspěvek od Zdenek69 »

Prosím o radu.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdeněk at 2010-01-08 19:26:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (22%) free of 20 GB
Total RAM: 1919 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WebReg 20100108085711.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-02-16 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-23 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-22 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-02-16 520192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-23 263280]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-05-14 8429568]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"WebcamMaxMoniter"=C:\Program Files\WebcamMax\wcmmon.exe [2008-02-09 456024]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-23 2615624]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-23 906648]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-05 2166784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2009-02-16 26624]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-20 39408]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-05 3037696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Documents and Settings\Zdeněk\Nabídka Start\Programy\Po spuštění
Belkin Network USB Hub Control Center.lnk - C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
"NoResolveTrack"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Odesílání spamu.

#2 Příspěvek od Rudy »

Log není kompletní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zdenek69
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 08 led 2010 19:32

Re: Odesílání spamu.

#3 Příspěvek od Zdenek69 »

Omlouvám se ted je snad celí.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdeněk at 2010-01-09 07:31:40
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (22%) free of 20 GB
Total RAM: 1919 MB (70% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WebReg 20100108085711.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-02-16 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll [2007-09-25 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-23 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-22 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-02-16 520192]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-11-23 263280]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-14 1217896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-05-14 8429568]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"WebcamMaxMoniter"=C:\Program Files\WebcamMax\wcmmon.exe [2008-02-09 456024]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-10-23 2615624]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-10-23 906648]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-10-23 140568]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"avast!"=C:\Program Files\Alwil Software\Avast4\ashDisp.exe [2009-11-25 81000]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-05 2166784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2009-02-16 26624]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-20 39408]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-05 3037696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Documents and Settings\Zdeněk\Nabídka Start\Programy\Po spuštění
Belkin Network USB Hub Control Center.lnk - C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
"NoResolveTrack"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"E:\Knights Of The Temple\Templar.exe"="E:\Knights Of The Temple\Templar.exe:*:Disabled:Templar"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Konzola Microsoft Management Console"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe"="C:\Program Files\Belkin\Network USB Hub Control Center\Connect.exe:*:Enabled:Belkin Network USB Hub Control Center"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Call of Duty\CoDMP.exe"="C:\Program Files\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2010-01-09 07:31:40 ----D---- C:\rsit
2010-01-08 08:48:02 ----D---- C:\Program Files\trend micro
2010-01-08 08:02:50 ----SHD---- C:\RECYCLER
2010-01-07 20:04:37 ----A---- C:\WINDOWS\zip.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\SWSC.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\SWREG.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\sed.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\PEV.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-07 20:04:37 ----A---- C:\WINDOWS\grep.exe
2010-01-07 20:04:31 ----D---- C:\WINDOWS\ERDNT
2010-01-07 18:54:41 ----A---- C:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6501) #3.txt
2010-01-06 20:34:31 ----A---- C:\Boot.bak
2010-01-06 20:34:26 ----RASHD---- C:\cmdcons
2010-01-05 19:51:56 ----D---- C:\Program Files\Crawler
2010-01-05 19:51:51 ----D---- C:\Documents and Settings\Zdeněk\Data aplikací\Spyware Terminator
2010-01-05 19:51:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-01-05 19:51:46 ----D---- C:\Program Files\Spyware Terminator
2010-01-05 18:12:26 ----A---- C:\WINDOWS\MBR.exe
2010-01-04 21:40:43 ----D---- C:\Program Files\Windows Doctor
2010-01-04 20:02:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-04 19:48:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-04 19:48:30 ----D---- C:\Program Files\Alwil Software
2010-01-04 18:52:06 ----D---- C:\totalcmd
2010-01-04 17:30:22 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-01-04 17:30:18 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-01-04 17:30:17 ----D---- C:\Documents and Settings\Zdeněk\Data aplikací\TuneUp Software
2010-01-04 17:29:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-01-04 17:29:46 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-01-04 17:24:26 ----D---- C:\Program Files\VS Revo Group
2009-12-21 18:40:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-19 08:29:59 ----D---- C:\Program Files\Common Files\AVerMedia
2009-12-19 08:29:59 ----D---- C:\Program Files\AVerMedia
2009-12-15 20:09:14 ----D---- C:\Documents and Settings\Zdeněk\Data aplikací\ESET
2009-12-15 20:07:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2009-12-14 17:13:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-14 17:13:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-14 17:12:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-14 17:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-14 17:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-09 07:28:45 ----D---- C:\WINDOWS\Prefetch
2010-01-09 07:28:33 ----D---- C:\WINDOWS\Temp
2010-01-09 07:28:00 ----SD---- C:\WINDOWS\Tasks
2010-01-09 07:27:46 ----D---- C:\WINDOWS\system32
2010-01-08 19:57:55 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-08 08:48:02 ----RD---- C:\Program Files
2010-01-08 08:22:54 ----A---- C:\WINDOWS\wincmd.ini
2010-01-08 08:02:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2010-01-07 20:12:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-07 20:09:31 ----D---- C:\WINDOWS
2010-01-07 20:09:31 ----A---- C:\WINDOWS\system.ini
2010-01-07 20:08:15 ----D---- C:\WINDOWS\system32\drivers
2010-01-07 20:08:15 ----D---- C:\WINDOWS\AppPatch
2010-01-07 20:08:08 ----D---- C:\Program Files\Common Files
2010-01-07 19:56:43 ----SHD---- C:\System Volume Information
2010-01-07 19:56:43 ----D---- C:\WINDOWS\system32\Restore
2010-01-07 18:54:33 ----A---- C:\WINDOWS\red_dialer.ini
2010-01-06 22:23:54 ----A---- C:\WINDOWS\ModemLog_AnyDATA CDMA USB Modem (PID 6501) #2.txt
2010-01-06 22:01:01 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-01-06 22:00:59 ----D---- C:\Program Files\Mozilla Firefox
2010-01-06 20:34:31 ----RASH---- C:\boot.ini
2010-01-05 23:09:02 ----D---- C:\Documents and Settings\Zdeněk\Data aplikací\Vso
2010-01-05 18:18:38 ----D---- C:\WINDOWS\system32\config
2010-01-05 16:48:20 ----D---- C:\Program Files\Microsoft ActiveSync
2010-01-04 19:45:06 ----D---- C:\Config.Msi
2010-01-04 19:45:00 ----HD---- C:\WINDOWS\inf
2010-01-04 19:44:47 ----SHD---- C:\WINDOWS\Installer
2010-01-04 18:58:32 ----D---- C:\Program Files\CicloTrainer
2010-01-04 16:43:23 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2010-01-01 20:02:56 ----D---- C:\Program Files\Call of Duty
2010-01-01 19:26:50 ----D---- C:\Program Files\Google
2009-12-22 19:11:22 ----A---- C:\WINDOWS\system32\AutoPartNt.exe
2009-12-21 18:40:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-21 18:39:39 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-19 08:31:19 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-19 08:31:12 ----D---- C:\WINDOWS\Driver Cache
2009-12-16 19:02:40 ----D---- C:\Documents and Settings\Zdeněk\Data aplikací\Adobe
2009-12-16 18:48:44 ----D---- C:\Program Files\Skype
2009-12-16 18:40:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-16 18:37:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\page
2009-12-15 20:12:19 ----D---- C:\WINDOWS\twain_32
2009-12-15 20:12:19 ----D---- C:\WINDOWS\FilmScan
2009-12-14 19:48:10 ----D---- C:\Program Files\Windows Media Connect 2
2009-12-14 19:23:51 ----D---- C:\WINDOWS\Debug
2009-12-14 17:13:32 ----D---- C:\Program Files\Internet Explorer
2009-12-14 17:13:22 ----D---- C:\WINDOWS\ie8updates
2009-12-14 17:13:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 ISODrive;ISO DVD/CD-ROM Device Driver; \??\C:\Program Files\UltraISO\drivers\ISODrive.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 CamthWDM;WebcamMax, WDM Video Capture; C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2008-02-09 941784]
R2 sxuptp;SXUPTP Driver; C:\WINDOWS\system32\DRIVERS\sxuptp.sys [2007-09-27 79232]
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-03-01 44384]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-04-05 546112]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-28 4609024]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-05-14 6345696]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-03-06 19968]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-02-16 12032]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-22 982272]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam; C:\WINDOWS\System32\Drivers\StkCMini.sys [2007-02-13 1245056]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2006-02-28 84836]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 mchInjDrv;madCodeHook DLL injection driver; \??\C:\WINDOWS\system32\Drivers\mchInjDrv.sys []
S1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 AMDMSRIO;AMDMSRIO; \??\C:\DOCUME~1\ZDENK~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys []
S3 APL531;35mm Film Scanner; C:\WINDOWS\System32\Drivers\FILMSCAN.sys []
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\ZDENK~1\LOCALS~1\Temp\ASFWHide []
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM); C:\WINDOWS\system32\drivers\averhbtv.sys [2007-04-30 302848]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2006-01-19 10068]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-10-23 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 catchme;catchme; \??\C:\DOCUME~1\ZDENK~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CXSONORA;AVerMedia 23885 AvStream Video Capture; C:\WINDOWS\system32\drivers\A885VCap.sys [2007-06-22 736768]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\ZDENK~1\LOCALS~1\Temp\esihdrv.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2002-04-03 18102]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2002-04-03 49457]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nhcAcpi_driver;Notebook Hardware Control ACPI Driver; C:\WINDOWS\system32\drivers\nhcAcpi_driver.sys []
S3 nhcNT_driver;Notebook Hardware Control NT Driver; C:\WINDOWS\system32\drivers\nhcNT_driver.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-03-06 58752]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-01 47360]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-04-01 716272]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-10-23 427288]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-05-14 163908]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2008-02-14 241734]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-05 488960]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service; C:\WINDOWS\System32\StkCSrv.exe [2007-02-07 24576]
R2 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2007-10-23 495832]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-01-04 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 gupdate1c9c1d6874d0f4a;Služba Google Update (gupdate1c9c1d6874d0f4a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-20 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-20 183280]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-12 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-05-11 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-01-04 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Vyhledávání systému Windows; C:\WINDOWS\system32\SearchIndexer.exe [2007-02-05 300032]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Odesílání spamu.

#4 Příspěvek od Rudy »

7.1. jste dělal sken ComboFix. Dejte z něj log. Zde není nic nebezpečného vidět.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zdenek69
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 08 led 2010 19:32

Re: Odesílání spamu.

#5 Příspěvek od Zdenek69 »

ComboFix 10-01-04.01 - Zdeněk 09.01.2010 18:11:02.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1919.1336 [GMT 1:00]
Spuštěný z: c:\documents and settings\Zdeněk\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100108-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-12-09 do 2010-01-09 )))))))))))))))))))))))))))))))
.

2010-01-09 06:31 . 2010-01-09 06:32 -------- d-----w- C:\rsit
2010-01-08 07:48 . 2010-01-08 07:48 -------- d-----w- c:\program files\trend micro
2010-01-05 18:51 . 2010-01-05 18:52 -------- d-----w- c:\program files\Crawler
2010-01-05 18:51 . 2010-01-05 18:51 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-05 18:51 . 2010-01-07 18:12 -------- d-----w- c:\program files\Spyware Terminator
2010-01-04 20:40 . 2010-01-04 20:40 -------- d-----w- c:\program files\Windows Doctor
2010-01-04 18:48 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-04 18:48 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-04 18:48 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-04 18:48 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-04 18:48 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-04 18:48 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-04 18:48 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-04 18:48 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-04 18:48 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-04 18:48 . 2010-01-04 18:48 -------- d-----w- c:\program files\Alwil Software
2010-01-04 17:52 . 2010-01-04 18:28 -------- d-----w- C:\totalcmd
2010-01-04 16:30 . 2010-01-04 16:30 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2010-01-04 16:30 . 2010-01-04 16:30 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-01-04 16:29 . 2010-01-04 16:31 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-04 16:24 . 2010-01-04 16:24 -------- d-----w- c:\program files\VS Revo Group
2009-12-21 17:39 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2009-12-19 07:29 . 2009-12-19 07:31 -------- d-----w- c:\program files\AVerMedia
2009-12-19 07:29 . 2009-12-19 07:30 -------- d-----w- c:\program files\Common Files\AVerMedia
2009-12-13 19:22 . 2010-01-09 17:14 763904 ----a-w- c:\windows\system32\drivers\dgorxdgf.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-09 06:27 . 2008-01-04 17:21 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-05 15:48 . 2009-01-15 15:56 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-01-04 17:58 . 2007-11-10 18:56 -------- d-----w- c:\program files\CicloTrainer
2010-01-01 19:02 . 2008-04-12 17:06 -------- d-----w- c:\program files\Call of Duty
2010-01-01 18:26 . 2007-11-05 20:35 -------- d-----w- c:\program files\Google
2009-12-22 18:11 . 2008-03-01 06:22 1880856 ----a-w- c:\windows\system32\AutoPartNt.exe
2009-12-16 17:48 . 2007-10-06 14:17 -------- d-----w- c:\program files\Skype
2009-12-16 17:40 . 2001-10-25 14:00 489040 ----a-w- c:\windows\system32\perfh005.dat
2009-12-16 17:40 . 2001-10-25 14:00 102914 ----a-w- c:\windows\system32\perfc005.dat
2009-12-14 18:48 . 2007-10-06 13:29 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-07 18:52 . 2009-02-10 20:50 -------- d-----w- c:\program files\Zoner
2009-12-07 18:44 . 2008-02-19 18:51 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-07 18:38 . 2007-10-06 11:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-05 07:39 . 2009-02-17 19:11 -------- d-----w- c:\program files\WebcamMax
2009-11-21 16:03 . 2004-08-17 13:49 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-30 14:08 . 2009-11-25 19:55 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2009-10-30 06:59 . 2009-10-30 06:51 104668 ----a-w- c:\windows\hpoins04.dat
2009-10-29 07:43 . 2004-08-17 13:49 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-17 13:49 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-17 13:49 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-17 13:49 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-17 13:49 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:40 . 2004-08-17 13:49 79872 ----a-w- c:\windows\system32\raschap.dll
2009-02-17 19:59 . 2009-02-17 19:12 197 --sha-w- c:\program files\Common Files\maxtreme.dat
2004-08-03 21:59 . 2008-02-13 16:43 250048 --sha-r- c:\program files\ntldr
2008-05-11 17:01 . 2008-05-11 17:01 122880 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-04-16 18:14 . 2008-04-07 14:53 48 --sh--w- c:\windows\S22A80555.tmp
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2009-02-16 26624]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-20 39408]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-05 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2007-05-14 1626112]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-14 8429568]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"WebcamMaxMoniter"="c:\program files\WebcamMax\wcmmon.exe" [2008-02-09 456024]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-23 2615624]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-23 906648]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-23 140568]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-11-24 81000]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-05 2166784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\ZdenŘk\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Belkin Network USB Hub Control Center.lnk - c:\program files\Belkin\Network USB Hub Control Center\Connect.exe [2008-9-11 790651]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2009-12-19 614400]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2006-4-28 633856]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"RTHDCPL"=RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe"
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"e:\\Knights Of The Temple\\Templar.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Belkin\\Network USB Hub Control Center\\Connect.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Call of Duty\\CoDMP.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"19540:UDP"= 19540:UDP:SXUPTP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.1.2010 19:48 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [5.1.2010 19:51 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.1.2010 19:48 20560]
R2 CamthWDM;WebcamMax, WDM Video Capture;c:\windows\system32\drivers\CamthWDM.sys [9.2.2008 5:58 941784]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [6.10.2007 12:29 24576]
R2 sxuptp;SXUPTP Driver;c:\windows\system32\drivers\sxuptp.sys [11.9.2008 18:10 79232]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [6.10.2007 12:29 1245056]
S1 mchInjDrv;madCodeHook DLL injection driver;\??\c:\windows\system32\Drivers\mchInjDrv.sys --> c:\windows\system32\Drivers\mchInjDrv.sys [?]
S2 gupdate1c9c1d6874d0f4a;Služba Google Update (gupdate1c9c1d6874d0f4a);c:\program files\Google\Update\GoogleUpdate.exe [20.4.2009 17:39 133104]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; [x]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [14.10.2007 8:32 93440]
S3 AMDMSRIO;AMDMSRIO;\??\c:\docume~1\ZDENK~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys --> c:\docume~1\ZDENK~1\LOCALS~1\Temp\Safe To Delete 3_0_4_8\AMDMSRIO.sys [?]
S3 APL531;35mm Film Scanner;c:\windows\system32\Drivers\FILMSCAN.sys --> c:\windows\system32\Drivers\FILMSCAN.sys [?]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);c:\windows\system32\drivers\averhbtv.sys [25.10.2007 18:31 302848]
S3 CXSONORA;AVerMedia 23885 AvStream Video Capture;c:\windows\system32\drivers\A885VCap.sys [22.10.2007 16:58 736768]
S3 esihdrv;esihdrv;\??\c:\docume~1\ZDENK~1\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\ZDENK~1\LOCALS~1\Temp\esihdrv.sys [?]
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [11.5.2008 18:01 29744]
S3 nhcAcpi_driver;Notebook Hardware Control ACPI Driver; [x]
S3 nhcNT_driver;Notebook Hardware Control NT Driver; [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;\??\c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys --> c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [?]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [5.3.2008 17:26 23600]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1.4.2008 19:21 716272]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - dgorxdgf

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-01-09 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2010-01-09 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-20 16:35]

2010-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-20 16:39]

2010-01-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-20 16:39]

2010-01-08 c:\windows\Tasks\WebReg 20100108085711.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2004-05-28 20:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bakako.cz/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Zdeněk\Data aplikací\Mozilla\Firefox\Profiles\8m8l7va6.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.tn.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections-per-server - 8
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-09 18:14
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\ZDENK~1\LOCALS~1\Temp\ASFWHide"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dgorxdgf]

.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(916)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'explorer.exe'(628)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-01-09 18:17:01
ComboFix-quarantined-files.txt 2010-01-09 17:16

Před spuštěním: 4 726 435 840
Po spuštění: 4 683 657 216

- - End Of File - - A76B992D0D5BF635E5E75FC415B3EA61
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Odesílání spamu.

#6 Příspěvek od Rudy »

Je to sice nový log, ale pokud ten původní něco smazal, něco tam i přesto zbylo. Otevřte poznámkový blok a zkopírujte do něj:
Collect::
c:\windows\system32\drivers\dgorxdgf.sys
c:\windows\S22A80555.tmp
c:\windows\system32\Drivers\mchInjDrv.sys

Driver::
dgorxdgf
mchInjDrv
Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zdenek69
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 08 led 2010 19:32

Re: Odesílání spamu.

#7 Příspěvek od Zdenek69 »

Díky jeto v pořádku.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Odesílání spamu.

#8 Příspěvek od Rudy »

Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“