
Requesting a preventive check:

You have no problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

ddankoo
Visitor
Posts: 48
Registered: 04 Jun 2009 18:03
Location: Prešov

#1 Post by ddankoo

It's a new year and the PC has been neglected :)... log from ComboFix:

ComboFix 10-01-02.04 - user 10.01.2005 13:31:24.14.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2036.1539 [GMT 1:00]
Spuštěný z: c:\documents and settings\user.PC.000\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1351 [VPS 091224-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Sunbelt Personal Firewall *disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Jožka\Data aplikací\amyner.reg
c:\documents and settings\Jožka\Data aplikací\ezedyde.bat
c:\documents and settings\Jožka\Data aplikací\hiqoc.bat
c:\documents and settings\Jožka\Data aplikací\odiwek.reg
c:\documents and settings\Jožka\Local Settings\Data aplikací\elyvot.reg
c:\documents and settings\Jožka\Local Settings\Data aplikací\pyzidu.reg
c:\documents and settings\user.PC.000\Data aplikací\pcouffin.sys
c:\documents and settings\user.PC.000\Data aplikací\PnkBstrK.sys
c:\documents and settings\user.PC.000\Dokumenty\cc_20090930_175621.reg
C:\LOG.TXT
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\components\config.ini
c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll
c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul
c:\program files\Dealio Toolbar\FF\chrome\content\login.js
c:\program files\Dealio Toolbar\FF\chrome\content\login.xul
c:\program files\Dealio Toolbar\FF\chrome\content\parser.js
c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css
c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\Dealio Toolbar\FF\install.rdf
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\Search Settings
c:\program files\Search Settings\FF\components\IFBHOSearch.xpt
c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt
c:\program files\Search Settings\FF\components\SearchSettingsFF.dll
c:\program files\Search Settings\FF\chrome.manifest
c:\program files\Search Settings\FF\chrome\content\plugin.js
c:\program files\Search Settings\FF\chrome\content\plugin.xul
c:\program files\Search Settings\FF\chrome\content\protection.js
c:\program files\Search Settings\FF\chrome\content\utils.js
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\program files\Search Settings\FF\install.rdf
c:\program files\Search Settings\SearchSettings.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\windows.0\sysinit.exe
c:\windows.0\system32\ieuinit.inf

Nakažená kopie c:\windows.0\system32\msgsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows.0\ServicePackFiles\i386\msgsvc.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2004-12-10 do 2005-01-10 )))))))))))))))))))))))))))))))
.

2009-12-07 19:06 . 2009-12-07 19:27 -------- d-----w- C:\nikola
2009-12-06 13:14 . 2009-12-07 18:55 -------- d-----w- c:\program files\NCSoft
2009-11-23 18:06 . 2009-11-23 18:06 -------- d-----w- c:\program files\QIP Infium
2009-11-20 14:46 . 2009-11-20 14:46 -------- d-----w- c:\program files\Eufony Free FLAC MP3 Converter
2009-11-18 13:35 . 2005-01-09 09:10 -------- d-----w- c:\program files\Garena
2009-11-18 13:34 . 2009-11-18 13:34 4096 ----a-w- c:\windows.0\system32\detoured.dll
2009-11-16 09:31 . 2004-11-11 11:50 2433024 ------w- c:\windows.0\UNNMP.exe
2009-11-16 09:29 . 2000-06-26 09:45 106496 ----a-w- c:\windows.0\system32\TwnLib20.dll
2009-11-16 09:29 . 2001-06-26 06:15 38912 ------w- c:\windows.0\system32\picn20.dll
2009-11-16 09:29 . 2001-07-09 09:50 155648 ----a-w- c:\windows.0\system32\NeroCheck.exe
2009-11-12 11:51 . 2009-11-30 14:59 94209 ----a-w- c:\windows.0\system32\Paint.exe
2009-11-08 20:26 . 2009-11-08 20:26 -------- d-----w- c:\program files\LogMeIn Hamachi
2009-11-07 08:20 . 2009-11-07 08:28 30140 ----a-w- c:\windows.0\DIIUnin.dat
2009-11-07 08:20 . 2009-11-07 08:20 94208 ----a-w- c:\windows.0\DIIUnin.exe
2009-11-07 08:20 . 2009-11-07 08:20 2829 ----a-w- c:\windows.0\DIIUnin.pif
2009-11-07 08:04 . 2009-11-07 08:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-10-14 15:30 . 2009-10-14 15:30 -------- d-----w- c:\program files\Nová složka (2)
2009-10-14 15:30 . 2009-10-14 15:30 -------- d-----w- c:\program files\Nová složka
2009-10-08 13:57 . 2009-10-08 13:57 -------- d-s---w- c:\documents and settings\user.PC.000\UserData
2009-10-01 14:49 . 2009-11-07 08:04 691696 ----a-w- c:\windows.0\system32\drivers\sptd.sys
2009-10-01 13:12 . 2009-10-01 13:20 256 ----a-w- c:\documents and settings\USERPC~1.bat
2009-10-01 13:07 . 2009-10-01 13:07 -------- d-----w- c:\program files\Download Direct
2009-09-30 17:02 . 2008-04-14 06:51 4255 ------w- c:\windows.0\system32\drivers\adv01nt5.dll
2009-09-30 17:01 . 2008-04-14 06:51 15423 ------w- c:\windows.0\system32\drivers\ch7xxnt5.dll
2009-09-10 13:34 . 2009-09-10 13:34 34048 ----a-w- c:\windows.0\system32\eEmpty.exe
2009-09-10 13:21 . 2008-10-31 05:09 270888 ----a-r- c:\windows.0\system32\drivers\SbFw.sys
2009-09-10 13:21 . 2008-06-21 02:54 65576 ----a-w- c:\windows.0\system32\drivers\SbFwIm.sys
2009-09-08 22:29 . 2009-09-08 22:44 -------- d-----w- c:\documents and settings\user.PC.000\DoctorWeb
2009-09-06 14:12 . 2009-09-07 13:44 -------- d-----w- c:\documents and settings\user.PC.000\Tracing
2009-09-06 14:08 . 2009-09-06 14:08 -------- d-----w- c:\program files\Microsoft
2009-09-06 14:08 . 2009-09-06 14:08 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-09-06 14:08 . 2009-09-06 14:08 -------- d-----w- c:\program files\Windows Live
2009-09-06 14:05 . 2009-09-06 14:05 -------- d-----w- c:\program files\Common Files\Windows Live
2009-09-03 11:17 . 2009-09-03 11:17 -------- d-----w- c:\documents and settings\user.PC.000\Games
2009-09-03 11:15 . 2009-09-03 11:15 22328 ----a-w- c:\windows.0\system32\drivers\PnkBstrK.sys
2009-09-03 11:15 . 2009-09-03 11:15 103736 ----a-w- c:\windows.0\system32\PnkBstrB.exe
2009-09-03 11:15 . 2009-09-03 11:15 66872 ----a-w- c:\windows.0\system32\PnkBstrA.exe
2009-09-02 17:15 . 2009-09-02 17:16 -------- d-----w- c:\program files\Yahoo!
2009-08-26 10:55 . 2009-08-26 10:56 -------- d-----w- c:\program files\SystemRequirementsLab
2009-08-23 12:31 . 2009-08-23 12:31 -------- d-----w- c:\program files\YouTube Downloader
2009-08-20 09:54 . 2009-10-10 12:40 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-08-18 14:53 . 2009-08-18 15:00 -------- d-----w- c:\windows.0\system32\drivers\UMDF
2009-08-05 18:52 . 2009-08-05 18:52 0 ----a-w- C:\backup.reg
2009-08-05 16:03 . 2009-08-05 16:03 -------- d-----w- c:\program files\Sunbelt Software
2009-08-05 13:38 . 2009-08-05 13:38 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.temp
2009-08-02 08:39 . 2009-09-10 13:11 -------- d-----w- c:\program files\Kerio
2009-08-02 08:20 . 2009-08-02 08:20 -------- d-----w- c:\program files\CCleaner
2009-07-31 19:53 . 2009-08-03 11:36 38160 ----a-w- c:\windows.0\system32\drivers\mbamswissarmy.sys
2009-07-31 19:53 . 2009-09-06 16:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-31 19:53 . 2009-08-03 11:36 19096 ----a-w- c:\windows.0\system32\drivers\mbam.sys
2009-07-26 14:44 . 2009-07-26 14:44 48448 ----a-w- c:\windows.0\system32\sirenacm.dll
2009-07-25 19:51 . 2009-08-26 10:55 -------- d-----w- c:\documents and settings\user.PC.000\SystemRequirementsLab
2009-07-23 05:41 . 2009-07-23 09:59 -------- d-----w- c:\program files\CD-Cover Editor
2009-07-18 03:46 . 2004-08-17 13:49 221184 ----a-w- c:\windows.0\system32\wmpns.dll
2009-07-17 15:59 . 2009-07-17 15:59 -------- d-----w- c:\program files\APE To MP3 Plus
2009-06-22 14:04 . 2009-06-22 14:05 -------- d-----w- c:\program files\Steinberg
2009-06-21 17:16 . 2009-07-01 18:44 -------- d-----w- c:\program files\WAV to MP3 Encoder
2009-06-21 08:41 . 2007-12-26 15:30 679936 ----a-w- c:\windows.0\system32\D3DX81ab.dll
2009-06-21 08:41 . 2007-12-26 15:30 1970176 ----a-w- c:\windows.0\system32\d3dx9.dll
2009-06-19 19:44 . 2009-06-19 19:44 -------- d-----w- c:\program files\AudioRetoucher
2009-06-14 11:23 . 2009-06-14 11:23 253952 ------w- c:\windows.0\Setup1.exe
2009-06-14 11:23 . 2009-06-14 11:23 73728 ----a-w- c:\windows.0\ST6UNST.EXE
2009-06-09 18:49 . 2009-06-09 18:49 -------- d-----w- c:\program files\Yamicsoft
2009-06-08 17:07 . 2009-06-08 17:07 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Plocha
2009-06-07 12:04 . 2009-09-05 07:07 -------- d-----w- c:\program files\Lavasoft
2009-05-31 11:45 . 2009-05-31 11:45 0 ----a-w- c:\windows.0\PowerReg.dat
2009-05-25 18:04 . 2009-05-25 18:04 -------- d--h--w- c:\windows.0\PIF
2009-05-20 18:08 . 2009-08-17 16:04 51376 ----a-w- c:\windows.0\system32\drivers\aswTdi.sys
2009-05-20 18:08 . 2009-08-17 16:04 23152 ----a-w- c:\windows.0\system32\drivers\aswRdr.sys
2009-05-20 18:08 . 2009-08-17 16:03 26944 ----a-w- c:\windows.0\system32\drivers\aavmker4.sys
2009-05-20 18:08 . 2009-08-17 16:06 93392 ----a-w- c:\windows.0\system32\drivers\aswmon.sys
2009-05-20 18:08 . 2009-08-17 16:06 94160 ----a-w- c:\windows.0\system32\drivers\aswmon2.sys
2009-05-20 18:08 . 2009-08-17 16:05 114768 ----a-w- c:\windows.0\system32\drivers\aswSP.sys
2009-05-20 18:08 . 2009-08-17 16:05 20560 ----a-w- c:\windows.0\system32\drivers\aswFsBlk.sys
2009-05-20 18:08 . 2009-08-17 16:02 97480 ----a-w- c:\windows.0\system32\AvastSS.scr
2009-05-20 18:08 . 2009-08-17 16:10 1279456 ----a-w- c:\windows.0\system32\aswBoot.exe
2009-05-20 18:08 . 2009-05-20 18:08 -------- d-----w- c:\program files\Alwil Software
2009-05-19 15:06 . 2009-05-19 15:18 -------- d-----w- c:\program files\QIP
2009-05-18 12:34 . 2004-08-18 08:34 442368 ----a-r- c:\windows.0\system32\vp6vfw.dll
2009-05-15 14:59 . 2009-05-15 15:11 -------- d-----w- c:\program files\Last.fm
2009-05-14 12:59 . 2009-05-21 16:41 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-05-13 18:44 . 2009-05-13 18:44 -------- d-----w- c:\windows.0\Sun
2009-05-12 15:22 . 2009-10-11 03:17 411368 ----a-w- c:\windows.0\system32\deploytk.dll
2009-04-28 13:49 . 2009-04-28 13:49 -------- d-----w- c:\program files\MSSOAP
2009-04-28 12:31 . 2005-01-10 12:25 -------- d-----w- c:\program files\Trend Micro
2009-04-15 11:26 . 2009-04-15 11:26 -------- d-----w- c:\program files\Common Files\Macromedia
2009-04-15 11:24 . 2009-04-15 11:24 -------- d-----w- c:\windows.0\Downloaded Installations
2009-04-08 14:12 . 2009-07-06 19:03 -------- d-----w- c:\program files\QuickTime
2009-04-08 14:12 . 2009-08-17 08:34 -------- d-----w- c:\program files\Apple Software Update
2009-04-08 14:10 . 2005-04-27 14:36 245408 ----a-w- c:\windows.0\system32\unicows.dll
2009-04-08 14:10 . 2005-02-23 12:58 11776 ----a-w- c:\windows.0\system32\drivers\afc.sys
2009-04-08 14:10 . 2009-04-08 14:11 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-04-08 14:10 . 2007-02-13 09:22 126976 ----a-w- c:\windows.0\system32\MediaImpression Slideshow.scr
2009-04-08 14:10 . 2009-04-08 14:10 -------- d-----w- c:\windows.0\system32\MediaImpression Slideshow
2009-04-04 19:11 . 2006-04-13 09:30 1073152 ----a-w- c:\windows.0\system32\libmysql_c.dll
2009-04-03 18:42 . 2009-09-30 17:08 -------- d-----w- c:\windows.0\system32\cs-CZ
2009-04-03 18:40 . 2009-04-03 18:40 -------- d-----w- c:\windows.0\system32\XPSViewer
2009-04-03 18:40 . 2007-03-22 18:24 28160 ----a-w- c:\windows.0\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-04-03 18:40 . 2006-06-29 11:07 14048 ----a-w- c:\windows.0\system32\spmsg2.dll
2009-04-02 15:40 . 2009-04-02 15:40 -------- d-sh--w- c:\windows.0\ftpcache
2009-04-02 14:51 . 2009-09-23 08:41 26176 ---ha-w- c:\windows.0\system32\drivers\hamachi.sys
2009-03-25 18:55 . 2009-03-25 18:55 -------- d-----w- c:\program files\Bonjour
2009-03-23 09:25 . 2009-03-23 09:25 29696 ----a-w- c:\windows.0\system32\drivers\kvnet.sys
2009-03-15 06:31 . 2009-03-15 06:31 -------- d-----w- c:\program files\Guitar Pro 5
2009-03-08 20:49 . 2009-03-08 20:49 47360 ----a-w- c:\windows.0\system32\drivers\pcouffin.sys
2009-03-08 11:05 . 2009-03-18 20:43 -------- d-----w- c:\program files\ElcomSoft
2009-03-08 11:01 . 2009-03-08 11:01 -------- d-----w- c:\program files\Intelore
2009-03-05 19:41 . 2009-09-03 11:15 -------- d-----w- c:\windows.0\system32\LogFiles
2009-03-01 08:55 . 2009-03-01 08:55 -------- d-----w- c:\windows.0\system32\URTTemp
2009-03-01 08:54 . 2004-12-14 18:04 16496 ----a-r- c:\windows.0\system32\drivers\HPZipr12.sys
2009-03-01 08:54 . 2004-12-14 18:04 51120 ----a-r- c:\windows.0\system32\drivers\HPZid412.sys
2009-03-01 08:54 . 2004-12-14 18:04 21744 ----a-r- c:\windows.0\system32\drivers\HPZius12.sys
2009-03-01 08:53 . 2004-09-29 11:15 204800 ----a-w- c:\windows.0\system32\HPZipr12.dll
2009-03-01 08:53 . 2004-09-29 11:14 69632 ----a-w- c:\windows.0\system32\HPZipm12.exe
2009-03-01 08:53 . 2004-09-29 11:12 278584 ----a-w- c:\windows.0\system32\HPZidr12.dll
2009-03-01 08:53 . 2004-09-29 11:09 57344 ----a-w- c:\windows.0\system32\HPZisn12.dll
2009-03-01 08:53 . 2004-09-29 11:09 94208 ----a-w- c:\windows.0\system32\HPZipt12.dll
2009-03-01 08:53 . 2004-09-29 11:08 61440 ----a-w- c:\windows.0\system32\HPZinw12.exe
2009-03-01 08:50 . 2009-03-01 09:01 69175 ----a-w- c:\windows.0\hpoins05.dat
2009-03-01 08:50 . 2004-12-14 18:04 19696 ------w- c:\windows.0\hpomdl05.dat
2009-02-27 20:56 . 2009-02-27 20:56 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\SonicStage
2009-02-27 20:53 . 2001-09-13 01:15 90112 ------w- c:\windows.0\snymsico.dll
2009-02-27 20:53 . 2005-10-31 09:46 36679 ------w- c:\windows.0\system32\drivers\NETMD052.sys
2009-02-27 20:53 . 2003-11-10 11:31 36232 ------w- c:\windows.0\system32\drivers\NETMD033.sys
2009-02-27 20:53 . 2003-04-01 17:55 35319 ------w- c:\windows.0\system32\drivers\NETMD031.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-07 18:55 . 2005-08-08 08:34 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-16 09:30 . 2005-08-09 05:14 -------- d-----w- c:\program files\Ahead
2009-11-16 09:30 . 2005-08-09 05:14 -------- d-----w- c:\program files\Common Files\Ahead
2009-11-04 17:14 . 2008-01-06 11:15 -------- d-----w- c:\program files\Java
2009-11-04 17:14 . 2001-10-25 11:00 441542 ----a-w- c:\windows.0\system32\perfh005.dat
2009-11-04 17:14 . 2001-10-25 11:00 84026 ----a-w- c:\windows.0\system32\perfc005.dat
2009-09-30 17:10 . 2009-02-18 09:35 86339 ----a-w- c:\windows.0\pchealth\helpctr\OfflineCache\index.dat
2009-09-30 17:10 . 2009-02-18 09:35 2764 ----a-w- c:\windows.0\pchealth\helpctr\PackageStore\SkuStore.bin
2009-09-29 18:02 . 2008-01-14 12:57 -------- d-----w- c:\program files\Google
2009-09-10 13:19 . 2009-08-02 08:40 14194 ----a-w- c:\windows.0\system32\drivers\kwflower.log
2009-09-10 13:19 . 2009-08-02 08:40 11348 ----a-w- c:\windows.0\system32\drivers\kwfupper.log
2009-09-03 12:23 . 2008-01-25 14:00 -------- d-----w- c:\program files\BitTorrent
2009-08-02 08:23 . 2008-01-25 14:00 -------- d-----w- c:\program files\DNA
2009-06-04 16:47 . 2005-08-08 11:48 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-27 10:59 . 2008-10-14 15:57 -------- d-----w- c:\program files\MagicISO
2009-05-21 16:38 . 2005-01-01 00:09 -------- d-----w- c:\program files\VideoLAN
2009-03-08 20:39 . 2005-08-08 13:17 -------- d-----w- c:\program files\ffdshow
2009-02-24 18:05 . 2008-11-29 16:29 -------- d-----w- c:\program files\Common Files\Skype
2009-02-24 18:05 . 2008-01-25 15:17 -------- d-----r- c:\program files\Skype
2009-02-19 16:36 . 2008-04-08 13:59 -------- d-----w- c:\program files\SNLBar
2009-02-19 09:16 . 2008-09-30 21:04 -------- d-----w- c:\program files\Free Offers from Freeze.com
2009-02-19 08:47 . 2009-02-18 09:35 8972 ----a-w- c:\windows.0\pchealth\helpctr\Config\Cntstore.bin
2009-02-18 12:46 . 2005-08-08 11:23 -------- d-----w- c:\program files\Winamp
2009-02-18 10:01 . 2009-02-18 10:01 315392 ----a-w- c:\windows.0\HideWin.exe
2009-02-18 10:01 . 2005-08-08 08:34 -------- d-----w- c:\program files\Intel
2009-02-18 09:33 . 2009-02-18 09:33 21812 ----a-w- c:\windows.0\system32\emptyregdb.dat
2009-02-17 16:20 . 2009-02-17 16:20 -------- d-----w- c:\program files\Realtek
2009-02-17 16:10 . 2009-02-17 16:10 -------- d-----w- c:\program files\MSXML 4.0
2009-02-17 12:13 . 2009-02-17 12:13 -------- d-----w- c:\program files\Webteh
2009-02-01 12:44 . 2009-02-01 12:44 -------- d-----w- c:\program files\Exec
2009-01-09 15:06 . 2008-09-19 13:11 -------- d-----w- c:\program files\All Sound Recorder XP
2009-01-05 20:47 . 2008-03-05 11:05 -------- d-----w- c:\program files\Game Cam V2
2008-12-13 15:48 . 2008-12-13 15:48 -------- d-----w- c:\program files\AC3Filter
2008-12-08 13:09 . 2008-11-12 20:23 -------- d-----w- c:\program files\Gtalk Shell
2008-12-06 10:15 . 2008-12-06 10:06 -------- d-----w- c:\program files\NCH Swift Sound
2008-11-12 18:35 . 2008-11-12 18:35 -------- d-----w- c:\program files\Megaupload
2008-11-07 21:00 . 2008-11-07 21:00 -------- d-----w- c:\program files\Common Files\Game Updater
2008-11-07 20:52 . 2008-11-07 20:52 -------- d-----w- c:\program files\Reference Assemblies
2008-11-07 20:44 . 2008-11-07 20:44 -------- d-----w- c:\program files\MSXML 6.0
2008-10-16 13:13 . 2009-02-18 09:34 202776 ----a-w- c:\windows.0\system32\wuweb.dll
2008-10-16 13:13 . 2009-02-18 09:34 1809944 ----a-w- c:\windows.0\system32\wuaueng.dll
2008-10-16 13:12 . 2009-02-18 09:34 323608 ----a-w- c:\windows.0\system32\wucltui.dll
2008-10-16 13:12 . 2009-02-18 09:34 561688 ----a-w- c:\windows.0\system32\wuapi.dll
2008-10-16 13:09 . 2009-02-18 09:34 51224 ------w- c:\windows.0\system32\wuauclt.exe
2008-10-16 13:09 . 2008-10-16 13:09 43544 ----a-w- c:\windows.0\system32\wups2.dll
2008-10-16 13:09 . 2004-08-17 13:49 92696 ----a-w- c:\windows.0\system32\cdm.dll
2008-10-16 13:08 . 2009-02-18 09:34 34328 ----a-w- c:\windows.0\system32\wups.dll
2008-10-04 15:13 . 2008-10-04 11:46 -------- d-----w- c:\program files\MediaCoder
2008-10-04 11:35 . 2008-10-04 11:35 -------- d-----w- c:\program files\MKVTOAVI
2008-10-01 11:09 . 2008-09-30 21:21 -------- d-----w- c:\program files\Common Files\Pointstone
2008-09-30 21:24 . 2008-09-30 21:21 -------- d-----w- c:\program files\Pointstone
2008-09-30 21:00 . 2008-09-30 21:00 -------- d-----w- c:\program files\GRETECH
2008-09-24 20:33 . 2005-11-30 11:49 484352 ----a-w- c:\windows.0\system32\lame_enc.dll
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\UC.PIF
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\RAR.PIF
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\PKZIP.PIF
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\PKUNZIP.PIF
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\NOCLOSE.PIF
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\LHA.PIF
2008-08-08 06:04 . 2009-02-18 10:08 545 ----a-w- c:\windows.0\ARJ.PIF
2008-08-06 10:35 . 2008-08-06 10:35 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2008-07-28 15:50 . 2008-07-28 15:50 -------- d-----w- c:\program files\PowerISO
2008-06-28 06:06 . 2008-06-28 06:05 -------- d-----w- c:\program files\WinAVI Video Converter
2008-06-25 12:43 . 2008-06-25 12:43 -------- d-----w- c:\program files\Speed Gear 5
2008-06-21 02:54 . 2008-06-21 02:54 66600 ----a-r- c:\windows.0\system32\drivers\sbhips.sys
2008-05-27 11:39 . 2007-10-07 16:49 -------- d--h--w- c:\program files\FX Uninstall Information
2008-05-27 11:32 . 2007-03-03 11:07 -------- d-----w- c:\program files\Common Files\LogoManager
2008-04-27 13:17 . 2008-04-24 17:12 -------- d-----w- c:\program files\Game Cam
2008-04-24 17:42 . 2008-04-24 17:42 -------- d-----w- c:\program files\Microsoft Silverlight
2008-04-24 16:56 . 2008-04-24 16:56 -------- d-----w- c:\program files\Media
2008-04-14 07:52 . 2005-01-04 13:43 54272 ----a-w- c:\windows.0\system32\vfwwdm32.dll
2008-04-14 07:16 . 2004-08-17 13:58 1804 ----a-w- c:\windows.0\system32\dcache.bin
2008-04-14 06:57 . 2004-08-17 13:51 331776 ----a-w- c:\windows.0\system32\netsetup.exe
2008-04-14 06:52 . 2004-08-17 13:49 9216 ----a-w- c:\windows.0\system32\scrnsave.scr
2008-04-14 06:51 . 2004-08-17 13:49 75264 ----a-w- c:\windows.0\system32\spoolss.dll
2008-04-14 06:50 . 2004-08-17 13:48 5632 ----a-w- c:\windows.0\system32\wmi.dll
2008-04-14 06:50 . 2004-08-17 13:48 1442816 ----a-w- c:\windows.0\system32\winntbbu.dll
2008-04-14 06:49 . 2004-08-17 13:48 102912 ----a-w- c:\windows.0\system32\dpcdll.dll
2008-04-14 06:49 . 2004-08-17 13:48 57375 ----a-w- c:\windows.0\system32\odbcji32.dll
2008-04-14 06:46 . 2004-08-17 13:48 3584 ----a-w- c:\windows.0\system32\icmp.dll
2008-04-14 06:44 . 2004-08-17 13:48 9344 ----a-w- c:\windows.0\system32\framebuf.dll
2008-04-14 06:41 . 2004-08-17 13:48 24064 ----a-w- c:\windows.0\system32\pidgen.dll
2008-04-14 06:41 . 2004-08-17 13:48 3072 ----a-w- c:\windows.0\system32\dpnlobby.dll
2008-04-14 06:41 . 2004-08-17 13:48 3072 ----a-w- c:\windows.0\system32\dpnaddr.dll
2008-04-14 06:38 . 2009-02-18 09:32 539648 ----a-w- c:\windows.0\system32\comuid.dll
2008-04-14 06:38 . 2004-08-17 13:48 16896 ----a-w- c:\windows.0\system32\cfgmgr32.dll
2008-04-14 06:37 . 2004-08-17 13:48 285696 ----a-w- c:\windows.0\system32\atmfd.dll
2008-04-14 06:11 . 2009-02-18 09:34 73344 ----a-w- c:\windows.0\system32\drivers\sr.sys
2008-04-14 06:10 . 2004-08-17 13:43 120064 ----a-w- c:\windows.0\system32\drivers\pcmcia.sys
2008-04-14 06:10 . 2004-08-17 13:43 68736 ----a-w- c:\windows.0\system32\drivers\pci.sys
2008-04-14 06:10 . 2004-08-17 15:43 80000 ----a-w- c:\windows.0\system32\drivers\parport.sys
2008-04-14 06:10 . 2004-08-17 15:43 46592 ----a-w- c:\windows.0\system32\drivers\p3.sys
2008-04-14 06:06 . 2004-08-17 15:45 2025984 ------w- c:\windows.0\system32\ntkrnlpa.exe
2008-04-14 06:06 . 2004-08-17 13:45 2147328 ------w- c:\windows.0\system32\ntoskrnl.exe
2008-04-14 06:03 . 2004-08-17 13:48 4096 ----a-w- c:\windows.0\system32\dsprpres.dll
2008-04-14 06:01 . 2004-08-17 13:45 153856 ----a-w- c:\windows.0\system32\drivers\dmio.sys
2008-04-14 06:00 . 2007-05-08 15:08 80896 ----a-w- c:\windows.0\system32\msxml6r.dll
2008-04-14 06:00 . 2004-08-17 13:45 800000 ----a-w- c:\windows.0\system32\drivers\dmboot.sys
2008-04-14 05:59 . 2004-08-17 13:45 24576 ------w- c:\windows.0\system32\drivers\kbdclass.sys
2008-04-14 05:58 . 2009-09-30 17:08 78848 ------w- c:\windows.0\system32\msshavmsg.dll
2009-10-05 17:34 . 2009-11-23 18:06 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\user.PC.000\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2009-07-01 133104]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-26 4351216]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows.0\system32\igfxtray.exe" [2008-03-18 135168]
"HotKeysCmds"="c:\windows.0\system32\hkcmd.exe" [2008-03-18 159744]
"Persistence"="c:\windows.0\system32\igfxpers.exe" [2008-03-18 131072]
"RTHDCPL"="RTHDCPL.EXE" [2008-03-18 16859648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"mspaint"="c:\windows.0\system32\Paint.exe" [2009-11-30 94209]
"NeroFilterCheck"="c:\windows.0\system32\NeroCheck.exe" [2001-07-09 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows.0\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-04-14 100352]

c:\documents and settings\user.PC.000\Nabídka Start\Programy\Po spuštění\
PowerReg Scheduler V3.exe [2009-5-31 225280]

c:\documents and settings\All Users.WINDOWS.0\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-6-4 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-4 258048]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-4 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Documents and Settings\\user.PC.000\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\user.PC.000\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\WINDOWS.0\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS.0\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"11286:TCP"= 11286:TCP:BitComet 11286 TCP
"11286:UDP"= 11286:UDP:BitComet 11286 UDP

R0 sptd;sptd;c:\windows.0\system32\drivers\sptd.sys [1.10.2009 15:49 691696]
R1 aswSP;avast! Self Protection;c:\windows.0\system32\drivers\aswSP.sys [20.5.2009 19:08 114768]
R1 SbFw;SbFw;c:\windows.0\system32\drivers\SbFw.sys [10.9.2009 14:21 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows.0\system32\drivers\sbhips.sys [21.6.2008 3:54 66600]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 aswFsBlk;aswFsBlk;c:\windows.0\system32\drivers\aswFsBlk.sys [20.5.2009 19:08 20560]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.10.2009 12:27 1074568]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 6:24 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 6:24 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows.0\system32\drivers\SbFwIm.sys [10.9.2009 14:21 65576]
S0 Lbd;Lbd;c:\windows.0\system32\DRIVERS\Lbd.sys --> c:\windows.0\system32\DRIVERS\Lbd.sys [?]
S0 ntcdrdrv;ntcdrdrv;c:\windows.0\system32\DRIVERS\ntcdrdrv.sys --> c:\windows.0\system32\DRIVERS\ntcdrdrv.sys [?]
S2 gupdate1c9e796d1819b54;Google Update Service (gupdate1c9e796d1819b54);c:\program files\Google\Update\GoogleUpdate.exe [7.6.2009 18:38 133104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\USERPC~1.000\LOCALS~1\Temp\GCWA3.tmp --> c:\docume~1\USERPC~1.000\LOCALS~1\Temp\GCWA3.tmp [?]
S3 kvnet;Kerio Virtual Network Adapter;c:\windows.0\system32\drivers\kvnet.sys [23.3.2009 10:25 29696]
S3 kwflower;Kerio WinRoute Firewall Driver - Lower Layer;c:\windows.0\system32\DRIVERS\kwflower.sys --> c:\windows.0\system32\DRIVERS\kwflower.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2009-12-21 c:\windows.0\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 11:42]

2005-01-10 c:\windows.0\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-07 17:38]

2009-12-24 c:\windows.0\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-07 17:38]
.
.
------- Doplňkový sken -------
.
uStart Page = start.qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\user.PC.000\Data aplikací\Mozilla\Firefox\Profiles\umh3xzeo.default\
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: browser.startup.homepage - hxxp://google.sk
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-DLD.EXE - c:\program files\Download Direct\DLD.exe
HKCU-Run-NCsoft Launcher - c:\program files\NCSoft\Launcher\NCLauncher.exe
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
HKCU-Explorer_Run-sysinit - c:\windows.0\sysinit.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe
AddRemove-GarenaHack v3.3R2 Final - c:\program files\Garena\Uninstal.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2005-01-10 13:44
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spap.sys >>UNKNOWN [0x8A55A938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9e09b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Intel(R) PRO/100 VE Network Connection -> SendCompleteHandler -> NDIS.sys @ 0xb9cffbb0
PacketIndicateHandler -> NDIS.sys @ 0xb9d0ca21
SendHandler -> NDIS.sys @ 0xb9cea87b
user & kernel MBR OK

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\USERPC~1.000\LOCALS~1\Temp\GCWA3.tmp"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3776)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows.0\system32\WPDShServiceObj.dll
c:\windows.0\system32\PortableDeviceTypes.dll
c:\windows.0\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows.0\system32\igfxsrvc.exe
c:\windows.0\RTHDCPL.EXE
c:\windows.0\system32\PnkBstrA.exe
c:\windows.0\system32\PnkBstrB.exe
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
c:\windows.0\system32\wbem\wmiapsrv.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows.0\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2005-01-10 13:52:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2005-01-10 12:52

Před spuštěním: 528 162 816
Po spuštění: 653 848 576

- - End Of File - - E935BBC7820542B73ADB4B2C7D6E420A

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check, please:

#2 Post by Rudy »

Uninstall Garena. Otherwise the log looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ddankoo
Visitor
Posts: 48
Registered: 04 Jun 2009 18:03
Location: Prešov

Re: Preventive check, please:

#3 Post by ddankoo »

Hmm, so I shouldn't use it anymore?

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check, please:

#4 Post by Rudy »


ddankoo
Visitor
Posts: 48
Registered: 04 Jun 2009 18:03
Location: Prešov

Re: Preventive check, please:

#5 Post by ddankoo »

OK. Thanks

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check, please:

#6 Post by Rudy »

You're welcome!