Logfile of random's system information tool 1.09 (written by random/random)
Run by Vladimir at 2011-07-25 09:47:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 49 GB (20%) free of 238 GB
Total RAM: 2046 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:35, on 25.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Vladimir\Plocha\RSIT.exe
C:\Programme\HijackThis\Vladimir.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZon0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ZoneAlarm Security - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZon0.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZon0.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-21-1482476501-1659004503-682003330-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1482476501-1659004503-682003330-1007\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-be ... canner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B8B4E99-B7E5-4663-B7AF-3FCB7CFB0911}: NameServer = 194.213.32.237,212.111.0.10
O17 - HKLM\System\CS3\Services\Tcpip\..\{0B8B4E99-B7E5-4663-B7AF-3FCB7CFB0911}: NameServer = 194.213.32.237,212.111.0.10
O17 - HKLM\System\CS4\Services\Tcpip\..\{0B8B4E99-B7E5-4663-B7AF-3FCB7CFB0911}: NameServer = 194.213.32.237,212.111.0.10
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CiSvc - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: KMService - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe
--
End of file - 11023 bytes

======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E971AEB6-561A-405C-974F-50BFDA715B5A}.job

=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Vladimir\Data aplikací\Mozilla\Firefox\Profiles\p10zvmk3.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, jqs@sun.com:1.0, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2010.25.36, restart@restart.org:0.4, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48, jid0-2rURdEv0oBelly8OSpHSRMwx9OI@jetpack:1.0, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, personas@christopher.beard:1.6.2, avg@igeared:6.011.025.001, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.avg.com/route/?d=4deb2215 ... &lng=cs&q="
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
jid0-2rURdEv0oBelly8OSpHSRMwx9OI@jetpack
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Vladimir\Data aplikací\Mozilla\Firefox\Profiles\p10zvmk3.default\extensions\
personas@christopher.beard
{1018e4d6-728f-4b20-ad56-37578a4de76b}
{20a82645-c095-46ed-80e3-08825760534b}
{91da5e8a-3318-4f8c-b67e-5964de3ab546}
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Documents and Settings\Vladimir\Data aplikací\Mozilla\Firefox\Profiles\p10zvmk3.default\searchplugins\
icq-search.xml
icqplugin.xml
mycroft-project.xml

======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-04-25 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 599544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\prxtbZon0.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-08 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-06-08 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2011-04-25 798771]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\prxtbZon0.dll [2011-03-28 176936]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-02-15 599544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2000-01-01 19580520]
"amd_dc_opt"=C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe [2006-06-28 106496]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2011-03-18 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2011-02-15 738808]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-05-25 13895272]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2011-05-05 1632360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2009-08-08 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2011-02-12 4220304]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"ShutdownWithoutLogon"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1
"NoPopUpsOnBoot"=1
"NoResolveTrack"=1
"NoFileAssociate"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe"="C:\Program Files\Empire Interactive\FlatOut Ultimate Carnage\Fouc.exe:*:Enabled:FlatOut Ultimate Carnage"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\Anno4.exe:*:Enabled:ANNO 1404"
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Anno4Web.exe:*:Enabled:Web ANNO 1404"
"C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Benchmark.exe"="C:\Program Files\Ubisoft\Related Designs\ANNO 1404\tools\Benchmark.exe:*:Enabled:Anno 1404 Setup Benchmark"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe"="C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe:*:Enabled:F1 2010"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe"="C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood"
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe"="C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update"
"C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3codec"=l3codecp.acm
"msacm.divxa32"=msaud32_divx.acm
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.ACDV"=ACDV.dll

======List of files/folders created in the last 1 month======
2011-07-25 09:47:18 ----D---- C:\rsit
2011-07-25 09:31:18 ----SHD---- C:\RECYCLER
2011-07-25 09:01:21 ----A---- C:\ComboFix.txt
2011-07-24 13:49:14 ----A---- C:\WINDOWS\zip.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\SWSC.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\SWREG.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\sed.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\PEV.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\NIRCMD.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\MBR.exe
2011-07-24 13:49:14 ----A---- C:\WINDOWS\grep.exe
2011-07-24 13:48:58 ----D---- C:\WINDOWS\ERDNT
2011-07-24 13:48:47 ----D---- C:\Qoobox
2011-07-17 13:30:11 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Malwarebytes
2011-07-17 13:30:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-07-14 09:52:47 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Day 1 Studios
2011-07-13 07:44:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 07:39:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-13 07:33:41 ----A---- C:\Documents and Settings\Vladimir\Data aplikací\SMRResults200.dat
2011-07-10 08:30:46 ----D---- C:\Program Files\FileHippo.com
2011-07-07 23:43:15 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Windows Search
2011-07-05 11:29:25 ----A---- C:\WINDOWS\system32\oeminfo.ini
2011-07-04 21:12:53 ----A---- C:\WINDOWS\system32\DfSdkBt.exe
2011-07-03 22:23:47 ----D---- C:\Program Files\Origin Games
2011-07-03 22:23:34 ----D---- C:\Program Files\Origin
2011-07-03 22:04:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Solidshield
2011-07-03 09:35:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$
2011-07-02 16:46:46 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\SUPERAntiSpyware.com
2011-07-02 16:46:37 ----D---- C:\Program Files\SUPERAntiSpyware
2011-07-02 16:22:24 ----D---- C:\Program Files\Defraggler
2011-07-01 11:51:18 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\CheckPoint
2011-07-01 11:50:35 ----D---- C:\Program Files\ZoneAlarm_Security
2011-07-01 11:49:36 ----D---- C:\Program Files\CheckPoint
2011-07-01 11:49:35 ----AH---- C:\WINDOWS\system32\zllictbl.dat
2011-07-01 11:49:33 ----A---- C:\WINDOWS\system32\vsregexp.dll
2011-07-01 11:49:32 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2011-07-01 11:49:32 ----A---- C:\WINDOWS\system32\zlcomm.dll
2011-07-01 11:49:27 ----A---- C:\WINDOWS\system32\vswmi.dll
2011-07-01 11:49:26 ----N---- C:\WINDOWS\system32\vsxml.dll
2011-07-01 11:49:26 ----D---- C:\WINDOWS\system32\ZoneLabs
2011-07-01 11:49:26 ----A---- C:\WINDOWS\system32\zpeng25.dll
2011-07-01 11:49:26 ----A---- C:\WINDOWS\system32\vspubapi.dll
2011-07-01 11:49:26 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2011-07-01 11:49:24 ----D---- C:\Program Files\Zone Labs
2011-07-01 11:49:24 ----A---- C:\WINDOWS\system32\vsdatant.sys
2011-07-01 11:48:09 ----D---- C:\WINDOWS\Internet Logs
2011-07-01 11:48:08 ----A---- C:\WINDOWS\system32\vsutil.dll
2011-07-01 11:48:08 ----A---- C:\WINDOWS\system32\vsinit.dll
2011-07-01 11:48:08 ----A---- C:\WINDOWS\system32\vsdata.dll
2011-07-01 11:41:36 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-07-01 11:41:36 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-07-01 11:41:33 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-07-01 11:41:33 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-07-01 11:41:32 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-07-01 11:41:31 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-07-01 11:41:31 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-07-01 11:41:31 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-07-01 11:41:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-07-01 11:41:21 ----A---- C:\WINDOWS\avastSS.scr
2011-07-01 11:41:14 ----D---- C:\Program Files\AVAST Software
2011-07-01 11:41:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software

======List of files/folders modified in the last 1 month======
2011-07-25 09:47:32 ----D---- C:\WINDOWS\Prefetch
2011-07-25 09:34:07 ----D---- C:\WINDOWS\Minidump
2011-07-25 09:34:07 ----D---- C:\WINDOWS
2011-07-25 09:22:18 ----D---- C:\WINDOWS\temp
2011-07-25 09:01:27 ----D---- C:\WINDOWS\system32\drivers
2011-07-25 08:56:21 ----A---- C:\WINDOWS\system.ini
2011-07-25 08:55:14 ----D---- C:\WINDOWS\system32\drivers\etc
2011-07-25 08:55:13 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-25 08:53:45 ----D---- C:\WINDOWS\system32\config
2011-07-25 08:52:18 ----D---- C:\WINDOWS\system32
2011-07-25 08:51:07 ----D---- C:\WINDOWS\system32\dllcache
2011-07-25 08:47:44 ----D---- C:\WINDOWS\AppPatch
2011-07-25 08:47:41 ----RD---- C:\Program Files\Common Files
2011-07-24 08:32:34 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Vso
2011-07-24 08:06:35 ----RD---- C:\Program Files
2011-07-23 22:04:06 ----SD---- C:\Documents and Settings\Vladimir\Data aplikací\Microsoft
2011-07-23 22:01:20 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\uTorrent
2011-07-23 19:55:02 ----D---- C:\Program Files\uTorrent
2011-07-22 12:29:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-07-18 18:19:12 ----D---- C:\Program Files\Warcraft III
2011-07-17 21:46:58 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Skype
2011-07-17 21:32:52 ----D---- C:\Program Files\Mozilla Firefox
2011-07-17 08:22:09 ----SHD---- C:\System Volume Information
2011-07-17 08:22:09 ----D---- C:\WINDOWS\system32\Restore
2011-07-16 19:06:04 ----D---- C:\Program Files\Steam
2011-07-16 19:06:01 ----D---- C:\WINDOWS\Logs
2011-07-14 09:40:03 ----D---- C:\WINDOWS\system32\DirectX
2011-07-14 09:40:02 ----HD---- C:\WINDOWS\inf
2011-07-14 08:35:35 ----D---- C:\Hry
2011-07-13 09:06:50 ----D---- C:\WINDOWS\Debug
2011-07-13 07:39:31 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-13 07:37:46 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-12 09:13:12 ----D---- C:\OutputFolder
2011-07-11 08:35:51 ----SHD---- C:\WINDOWS\Installer
2011-07-11 08:35:50 ----D---- C:\Config.Msi
2011-07-10 09:56:36 ----D---- C:\ProgramData
2011-07-10 08:48:33 ----D---- C:\Program Files\Common Files\ACD Systems
2011-07-10 08:18:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-10 08:16:42 ----D---- C:\Program Files\Microsoft Bootvis
2011-07-09 18:30:52 ----D---- C:\WINDOWS\SoftwareDistribution
2011-07-07 23:44:12 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Adobe
2011-07-05 16:47:42 ----D---- C:\Documents and Settings\Vladimir\Data aplikací\Mozilla
2011-07-04 22:11:57 ----D---- C:\Program Files\Windows Sidebar
2011-07-04 21:12:43 ----D---- C:\Program Files\Ashampoo
2011-07-03 22:41:55 ----D---- C:\Program Files\Electronic Arts
2011-07-03 22:23:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2011-07-03 22:23:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2011-07-03 21:10:02 ----SD---- C:\WINDOWS\Tasks
2011-07-03 21:00:50 ----D---- C:\Full-size Mouse
2011-07-03 20:37:25 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-07-03 10:37:01 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-03 10:36:22 ----RSD---- C:\WINDOWS\assembly
2011-07-03 10:15:38 ----D---- C:\Program Files\Ultimate Process Manager
2011-07-03 09:34:10 ----D---- C:\WINDOWS\WinSxS
2011-07-03 09:11:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-03 09:05:00 ----A---- C:\WINDOWS\win.ini
2011-07-02 17:26:30 ----D---- C:\Program Files\Microsoft
2011-07-02 17:26:24 ----D---- C:\Program Files\Windows Live
2011-07-01 11:35:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-07-01 09:53:41 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-07-01 07:52:26 ----RD---- C:\Program Files\Skype
2011-06-28 12:06:56 ----D---- C:\Program Files\CCleaner
2011-06-27 12:12:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BtHidBus;Bluetooth HID Bus Service; C:\WINDOWS\System32\Drivers\BtHidBus.sys [2009-09-24 19592]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-06-25 431672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-07-04 30808]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2009-08-08 36864]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-07-04 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-07-04 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-07-04 309848]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-07-04 43608]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-07-04 19544]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-07-04 102616]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-10-10 281760]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-10-10 25888]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 AmdTools;AMD Special Tools Driver; C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-06-27 31744]
R3 catchme;catchme; \??\C:\DOCUME~1\Vladimir\LOCALS~1\Temp\catchme.sys []
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-03-20 218688]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2010-08-21 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2000-01-01 6188648]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-05-25 12753664]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-08-08 45824]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-08-08 20480]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM; C:\WINDOWS\system32\DRIVERS\nvoclock.sys [2009-09-15 38248]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2011-04-16 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-08-22 9856]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\WINDOWS\system32\DRIVERS\whfltr2k.sys [2000-01-01 6784]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\drivers\BTHidEnum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\system32\drivers\BTHidMgr.sys []
S0 DwProt;DrWeb Protection; C:\WINDOWS\system32\drivers\dwprot.sys []
S0 ybwfjo;ybwfjo; C:\WINDOWS\system32\drivers\ybwfjo.sys []
S1 34463271;34463271; C:\WINDOWS\system32\drivers\34463271.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2000-01-01 1691480]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 avivdukv;avivdukv; C:\WINDOWS\system32\drivers\avivdukv.sys []
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\drivers\BlueletAudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\drivers\BT.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\WINDOWS\system32\drivers\BTCOM.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\WINDOWS\system32\drivers\BTCOMBUS.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\system32\drivers\Btcsrusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\drivers\btkrnl.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; C:\WINDOWS\System32\Drivers\btnetBus.sys [2009-09-24 22528]
S3 FStarForce;FStarForce; C:\WINDOWS\system32\drivers\FStarForce.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2009-06-17 25480]
S3 mbr;mbr; \??\C:\DOCUME~1\Vladimir\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2000-01-01 1395800]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver; C:\WINDOWS\system32\DRIVERS\SE1008mdm.sys [2009-01-13 58536]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2010-06-25 100496]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\drivers\VBoxNetFlt.sys []
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\drivers\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\system32\drivers\VcommMgr.sys []
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-08-08 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 dwshd;dwshd; C:\WINDOWS\system32\drivers\dwshd.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 1336712]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2011-02-15 488952]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2011-05-25 154728]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-04-10 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2011-04-10 107832]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2011-03-18 2435592]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 KMService;KMService; C:\WINDOWS\system32\srvany.exe [2011-03-15 8192]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-03-21 632832]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WO_LiveService;Ashampoo LiveTuner Service; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [2011-07-13 884608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-06-08 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
ComboFix 11-07-24.03 - Vladimir 25.07.2011 8:41.25.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1428 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vladimir\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\searchindexer.exe
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán
.
Nakažená kopie c:\windows\system32\drivers\ntfs.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntfs.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WSearch
-------\Service_WSearch
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-25 do 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-17 19:32 . 2011-07-08 07:29 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Malwarebytes
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-17 05:56 . 2011-07-17 05:56 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ALI213
2011-07-14 07:52 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Day 1 Studios
2011-07-14 07:43 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\SKIDROW
2011-07-14 07:41 . 2011-07-14 07:41 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\GHISLER
2011-07-11 06:11 . 2011-07-11 06:11 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\uTorrent
2011-07-10 06:30 . 2011-07-10 06:30 -------- d-----w- c:\program files\FileHippo.com
2011-07-09 15:54 . 2011-07-09 15:54 -------- d--h--w- c:\documents and settings\Vladimir\Okolní tiskárny
2011-07-07 21:43 . 2011-07-07 21:43 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Windows Search
2011-07-06 14:02 . 2011-07-06 14:02 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-04 19:12 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-07-03 20:24 . 2011-07-03 20:24 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Origin
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin Games
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin
2011-07-03 20:04 . 2011-07-03 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-07-02 14:46 . 2011-07-02 14:46 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\SUPERAntiSpyware.com
2011-07-02 14:46 . 2011-07-09 15:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-02 14:22 . 2011-07-09 17:00 -------- d-----w- c:\program files\Defraggler
2011-07-01 09:51 . 2011-07-01 09:51 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\CheckPoint
2011-07-01 09:50 . 2011-07-21 12:39 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-10 10:09 -------- d-----w- c:\program files\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-01 10:38 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Conduit
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\CheckPoint
2011-07-01 09:49 . 2011-03-17 23:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-07-01 09:49 . 2011-03-17 23:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-07-01 09:49 . 2011-07-10 04:24 -------- d-----w- c:\windows\system32\ZoneLabs
2011-07-01 09:49 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\Zone Labs
2011-07-01 09:48 . 2011-07-25 06:56 -------- d-----w- c:\windows\Internet Logs
2011-07-01 09:41 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-01 09:41 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-01 09:41 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-01 09:41 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-01 09:41 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-01 09:41 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-01 09:41 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-01 09:41 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-01 09:41 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-01 09:41 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\program files\AVAST Software
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 07:47 . 2011-05-13 16:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-25 19:59 . 2009-08-22 17:27 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-06-10 06:17 . 2011-06-10 06:17 106557 ----a-w- c:\windows\system32\btw_ci.dll
2011-06-08 17:50 . 2011-06-08 17:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-08 17:50 . 2010-04-15 14:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-06 11:35 . 2008-04-14 05:45 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-31 07:47 . 2009-10-06 06:24 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-25 07:26 . 2011-04-07 20:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-05-25 07:26 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-05-25 07:26 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-05-25 07:26 . 2011-04-07 20:16 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-05-25 07:26 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-05-25 07:26 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-05-25 07:26 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-05-25 07:26 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-05-25 07:26 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-05-25 07:26 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-05-25 07:26 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:26 . 2011-04-07 20:16 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:26 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 07:26 . 2011-04-07 20:16 543336 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-05-25 07:25 . 2010-12-12 19:38 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2010-10-20 06:51 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-04 09:26 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-25 07:25 . 2011-06-04 09:26 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-25 07:25 . 2010-12-12 19:38 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2010-12-12 19:38 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2010-12-12 19:38 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2010-10-20 06:51 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2009-03-27 08:03 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2009-03-27 08:03 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2009-03-27 08:03 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-08 14:02 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-08 14:02 . 2009-08-18 10:24 18328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-02 15:32 . 2009-08-20 10:12 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2008-04-14 06:51 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-28 19:08 . 2011-01-08 18:25 57344 ----a-r- c:\documents and settings\Vladimir\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-04-26 11:07 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-08 07:29 . 2011-07-17 19:32 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ZoneAlarm_Security\prxtbZon0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 19580520]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-02-15 738808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"JFSW2Launch"=c:\documents and settings\Vladimir\Data aplikací\Transcend\JFSW2\JFSW2Launch.exe
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
"Google Update"="c:\documents and settings\Vladimir\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Nikon Transfer Monitor"=c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"SoundMan"=SOUNDMAN.EXE
"AlcWzrd"=ALCWZRD.EXE
"WinHacker"=rundll32.exe c:\progra~1\WEDGES~1\WINHAC~1.0\wh95.dll,HackMe
"Nikon Message Center 2"=c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe -s
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Benchmark.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"1058:TCP"= 1058:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24.9.2009 6:40 19592]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.7.2011 11:41 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.7.2011 11:41 309848]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 12:22 185472]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.7.2011 11:41 19544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [25.5.2011 17:29 1336712]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [15.2.2011 17:25 26872]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [15.2.2011 17:25 488952]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [20.4.2011 7:56 2214504]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [14.12.2010 9:46 31744]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [20.3.2011 7:28 218688]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclock.sys [15.9.2009 14:59 38248]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.3.2010 17:01 27632]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [26.1.2007 1:45 6784]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
S0 ybwfjo;ybwfjo; [x]
S1 34463271;34463271; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [15.3.2011 19:44 8192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.4.2011 11:47 1691480]
S3 BTCOM;Bluetooth Serial port driver; [x]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 14:38 22528]
S3 FStarForce;FStarForce; [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 15:01 25480]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [27.12.2010 23:50 31124344]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [18.1.2011 17:59 58536]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [25.6.2010 16:01 100496]
S3 VBoxNetFlt;VBoxNetFlt Service; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 8:52 14336]
S3 WO_LiveService;Ashampoo LiveTuner Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [4.7.2011 21:12 884608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-07-25 c:\windows\Tasks\User_Feed_Synchronization-{E971AEB6-561A-405C-974F-50BFDA715B5A}.job
- c:\windows\system32\msfeedssync.exe [2009-08-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: { - c:\program files\Messenger\msmsgs.exe
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: Interfaces\{0B8B4E99-B7E5-4663-B7AF-3FCB7CFB0911}: NameServer = 194.213.32.237,212.111.0.10
FF - ProfilePath - c:\documents and settings\Vladimir\Data aplikací\Mozilla\Firefox\Profiles\p10zvmk3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4deb2215&v=7.005.030.004&i=26&tp=ab&iy=&ychte=us&lng=cs&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.ssl - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 08:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
.
[HKEY_USERS\S-1-5-21-1482476501-1659004503-682003330-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\zbshareware]
@DACL=(02 0000)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1032)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(3712)
c:\windows\system32\msi.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~1\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Celkový čas: 2011-07-25 09:01:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-25 07:01
ComboFix2.txt 2011-07-24 12:18
.
Před spuštěním: Volných bajtů: 50 275 561 472
Po spuštění: Volných bajtů: 50 137 198 592
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 94C73ACE43C46DF44CDC8FC8078BACDF

Strange PC behaviour. Disappearing icons on the desktop. Please check
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Strange PC behaviour. Disappearing icons on the desktop. Please check
I see rootkits there. Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Then run the application under an account with administrator privileges.
Right after it starts, a screen with the licence terms is displayed; continue by clicking the Yes (Ano) button.
Calmly go and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else.
Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).
Notice: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Strange PC behaviour. Disappearing icons on the desktop. Please check
ComboFix 11-07-24.03 - Vladimir 25.07.2011 8:41.25.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1428 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vladimir\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\searchindexer.exe
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán
.
Nakažená kopie c:\windows\system32\drivers\ntfs.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntfs.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WSearch
-------\Service_WSearch
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-25 do 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-17 19:32 . 2011-07-08 07:29 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Malwarebytes
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-17 05:56 . 2011-07-17 05:56 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ALI213
2011-07-14 07:52 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Day 1 Studios
2011-07-14 07:43 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\SKIDROW
2011-07-14 07:41 . 2011-07-14 07:41 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\GHISLER
2011-07-11 06:11 . 2011-07-11 06:11 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\uTorrent
2011-07-10 06:30 . 2011-07-10 06:30 -------- d-----w- c:\program files\FileHippo.com
2011-07-09 15:54 . 2011-07-09 15:54 -------- d--h--w- c:\documents and settings\Vladimir\Okolní tiskárny
2011-07-07 21:43 . 2011-07-07 21:43 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Windows Search
2011-07-06 14:02 . 2011-07-06 14:02 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-04 19:12 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-07-03 20:24 . 2011-07-03 20:24 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Origin
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin Games
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin
2011-07-03 20:04 . 2011-07-03 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-07-02 14:46 . 2011-07-02 14:46 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\SUPERAntiSpyware.com
2011-07-02 14:46 . 2011-07-09 15:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-02 14:22 . 2011-07-09 17:00 -------- d-----w- c:\program files\Defraggler
2011-07-01 09:51 . 2011-07-01 09:51 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\CheckPoint
2011-07-01 09:50 . 2011-07-21 12:39 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-10 10:09 -------- d-----w- c:\program files\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-01 10:38 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Conduit
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\CheckPoint
2011-07-01 09:49 . 2011-03-17 23:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-07-01 09:49 . 2011-03-17 23:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-07-01 09:49 . 2011-07-10 04:24 -------- d-----w- c:\windows\system32\ZoneLabs
2011-07-01 09:49 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\Zone Labs
2011-07-01 09:48 . 2011-07-25 06:56 -------- d-----w- c:\windows\Internet Logs
2011-07-01 09:41 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-01 09:41 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-01 09:41 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-01 09:41 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-01 09:41 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-01 09:41 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-01 09:41 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-01 09:41 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-01 09:41 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-01 09:41 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\program files\AVAST Software
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 07:47 . 2011-05-13 16:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-25 19:59 . 2009-08-22 17:27 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-06-10 06:17 . 2011-06-10 06:17 106557 ----a-w- c:\windows\system32\btw_ci.dll
2011-06-08 17:50 . 2011-06-08 17:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-08 17:50 . 2010-04-15 14:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-06 11:35 . 2008-04-14 05:45 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-31 07:47 . 2009-10-06 06:24 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-25 07:26 . 2011-04-07 20:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-05-25 07:26 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-05-25 07:26 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-05-25 07:26 . 2011-04-07 20:16 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-05-25 07:26 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-05-25 07:26 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-05-25 07:26 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-05-25 07:26 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-05-25 07:26 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-05-25 07:26 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-05-25 07:26 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:26 . 2011-04-07 20:16 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:26 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 07:26 . 2011-04-07 20:16 543336 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-05-25 07:25 . 2010-12-12 19:38 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2010-10-20 06:51 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-04 09:26 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-25 07:25 . 2011-06-04 09:26 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-25 07:25 . 2010-12-12 19:38 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2010-12-12 19:38 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2010-12-12 19:38 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2010-10-20 06:51 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2009-03-27 08:03 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2009-03-27 08:03 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2009-03-27 08:03 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-08 14:02 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-08 14:02 . 2009-08-18 10:24 18328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-02 15:32 . 2009-08-20 10:12 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2008-04-14 06:51 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-28 19:08 . 2011-01-08 18:25 57344 ----a-r- c:\documents and settings\Vladimir\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-04-26 11:07 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-08 07:29 . 2011-07-17 19:32 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ZoneAlarm_Security\prxtbZon0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 19580520]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-02-15 738808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"JFSW2Launch"=c:\documents and settings\Vladimir\Data aplikací\Transcend\JFSW2\JFSW2Launch.exe
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
"Google Update"="c:\documents and settings\Vladimir\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Nikon Transfer Monitor"=c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"SoundMan"=SOUNDMAN.EXE
"AlcWzrd"=ALCWZRD.EXE
"WinHacker"=rundll32.exe c:\progra~1\WEDGES~1\WINHAC~1.0\wh95.dll,HackMe
"Nikon Message Center 2"=c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe -s
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Benchmark.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"1058:TCP"= 1058:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24.9.2009 6:40 19592]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.7.2011 11:41 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.7.2011 11:41 309848]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 12:22 185472]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.7.2011 11:41 19544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [25.5.2011 17:29 1336712]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [15.2.2011 17:25 26872]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [15.2.2011 17:25 488952]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [20.4.2011 7:56 2214504]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [14.12.2010 9:46 31744]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [20.3.2011 7:28 218688]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclock.sys [15.9.2009 14:59 38248]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.3.2010 17:01 27632]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [26.1.2007 1:45 6784]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
S0 ybwfjo;ybwfjo; [x]
S1 34463271;34463271; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [15.3.2011 19:44 8192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.4.2011 11:47 1691480]
S3 BTCOM;Bluetooth Serial port driver; [x]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 14:38 22528]
S3 FStarForce;FStarForce; [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 15:01 25480]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [27.12.2010 23:50 31124344]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [18.1.2011 17:59 58536]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [25.6.2010 16:01 100496]
S3 VBoxNetFlt;VBoxNetFlt Service; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 8:52 14336]
S3 WO_LiveService;Ashampoo LiveTuner Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [4.7.2011 21:12 884608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-07-25 c:\windows\Tasks\User_Feed_Synchronization-{E971AEB6-561A-405C-974F-50BFDA715B5A}.job
- c:\windows\system32\msfeedssync.exe [2009-08-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: { - c:\program files\Messenger\msmsgs.exe
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: Interfaces\{0B8B4E99-B7E5-4663-B7AF-3FCB7CFB0911}: NameServer = 194.213.32.237,212.111.0.10
FF - ProfilePath - c:\documents and settings\Vladimir\Data aplikací\Mozilla\Firefox\Profiles\p10zvmk3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4deb2215&v=7.005.030.004&i=26&tp=ab&iy=&ychte=us&lng=cs&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.ssl - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 08:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
.
[HKEY_USERS\S-1-5-21-1482476501-1659004503-682003330-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\zbshareware]
@DACL=(02 0000)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1032)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(3712)
c:\windows\system32\msi.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~1\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Celkový čas: 2011-07-25 09:01:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-25 07:01
ComboFix2.txt 2011-07-24 12:18
.
Před spuštěním: Volných bajtů: 50 275 561 472
Po spuštění: Volných bajtů: 50 137 198 592
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 94C73ACE43C46DF44CDC8FC8078BACDF
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1428 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vladimir\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\searchindexer.exe
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán
.
Nakažená kopie c:\windows\system32\drivers\ntfs.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntfs.sys
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_WSearch
-------\Service_WSearch
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-25 do 2011-07-25 )))))))))))))))))))))))))))))))
.
.
2011-07-17 19:32 . 2011-07-08 07:29 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Malwarebytes
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-17 05:56 . 2011-07-17 05:56 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ALI213
2011-07-14 07:52 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Day 1 Studios
2011-07-14 07:43 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\SKIDROW
2011-07-14 07:41 . 2011-07-14 07:41 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\GHISLER
2011-07-11 06:11 . 2011-07-11 06:11 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\uTorrent
2011-07-10 06:30 . 2011-07-10 06:30 -------- d-----w- c:\program files\FileHippo.com
2011-07-09 15:54 . 2011-07-09 15:54 -------- d--h--w- c:\documents and settings\Vladimir\Okolní tiskárny
2011-07-07 21:43 . 2011-07-07 21:43 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Windows Search
2011-07-06 14:02 . 2011-07-06 14:02 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-04 19:12 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-07-03 20:24 . 2011-07-03 20:24 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Origin
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin Games
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin
2011-07-03 20:04 . 2011-07-03 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-07-02 14:46 . 2011-07-02 14:46 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\SUPERAntiSpyware.com
2011-07-02 14:46 . 2011-07-09 15:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-02 14:22 . 2011-07-09 17:00 -------- d-----w- c:\program files\Defraggler
2011-07-01 09:51 . 2011-07-01 09:51 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\CheckPoint
2011-07-01 09:50 . 2011-07-21 12:39 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-10 10:09 -------- d-----w- c:\program files\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-01 10:38 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Conduit
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\CheckPoint
2011-07-01 09:49 . 2011-03-17 23:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-07-01 09:49 . 2011-03-17 23:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-07-01 09:49 . 2011-07-10 04:24 -------- d-----w- c:\windows\system32\ZoneLabs
2011-07-01 09:49 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\Zone Labs
2011-07-01 09:48 . 2011-07-25 06:56 -------- d-----w- c:\windows\Internet Logs
2011-07-01 09:41 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-01 09:41 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-01 09:41 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-01 09:41 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-01 09:41 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-01 09:41 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-01 09:41 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-01 09:41 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-01 09:41 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-01 09:41 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\program files\AVAST Software
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 07:47 . 2011-05-13 16:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-25 19:59 . 2009-08-22 17:27 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-06-10 06:17 . 2011-06-10 06:17 106557 ----a-w- c:\windows\system32\btw_ci.dll
2011-06-08 17:50 . 2011-06-08 17:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-08 17:50 . 2010-04-15 14:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-06 11:35 . 2008-04-14 05:45 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-31 07:47 . 2009-10-06 06:24 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-25 07:26 . 2011-04-07 20:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-05-25 07:26 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-05-25 07:26 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-05-25 07:26 . 2011-04-07 20:16 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-05-25 07:26 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-05-25 07:26 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-05-25 07:26 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-05-25 07:26 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-05-25 07:26 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-05-25 07:26 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-05-25 07:26 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:26 . 2011-04-07 20:16 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:26 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 07:26 . 2011-04-07 20:16 543336 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-05-25 07:25 . 2010-12-12 19:38 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2010-10-20 06:51 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-04 09:26 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-25 07:25 . 2011-06-04 09:26 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-25 07:25 . 2010-12-12 19:38 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2010-12-12 19:38 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2010-12-12 19:38 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2010-10-20 06:51 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2009-03-27 08:03 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2009-03-27 08:03 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2009-03-27 08:03 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-08 14:02 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-08 14:02 . 2009-08-18 10:24 18328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-02 15:32 . 2009-08-20 10:12 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2008-04-14 06:51 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-28 19:08 . 2011-01-08 18:25 57344 ----a-r- c:\documents and settings\Vladimir\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-04-26 11:07 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-26 11:07 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-08 07:29 . 2011-07-17 19:32 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ZoneAlarm_Security\prxtbZon0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 19580520]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-02-15 738808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"JFSW2Launch"=c:\documents and settings\Vladimir\Data aplikací\Transcend\JFSW2\JFSW2Launch.exe
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
"Google Update"="c:\documents and settings\Vladimir\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Nikon Transfer Monitor"=c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"SoundMan"=SOUNDMAN.EXE
"AlcWzrd"=ALCWZRD.EXE
"WinHacker"=rundll32.exe c:\progra~1\WEDGES~1\WINHAC~1.0\wh95.dll,HackMe
"Nikon Message Center 2"=c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe -s
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-25 08:56
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
.
[HKEY_USERS\S-1-5-21-1482476501-1659004503-682003330-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\zbshareware]
@DACL=(02 0000)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1032)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(3712)
c:\windows\system32\msi.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~1\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Celkový čas: 2011-07-25 09:01:18 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-25 07:01
ComboFix2.txt 2011-07-24 12:18
.
Před spuštěním: Volných bajtů: 50 275 561 472
Po spuštění: Volných bajtů: 50 137 198 592
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 94C73ACE43C46DF44CDC8FC8078BACDF
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Podivne chováni PC. Mizejicí ikony na ploše.Pls o kontro
We'll clean up a bit more. Open Notepad and copy the following into it:

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1058:TCP"=-
"5000:UDP"=-
Driver::
ybwfjo
34463271

Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Podivne chováni PC. Mizejicí ikony na ploše.Pls o kontro
So I ran it; here is the log:
ComboFix 11-07-25.03 - Vladimir 26.07.2011 7:54.26.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1507 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vladimir\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Vladimir\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\drivers\etc\lmhosts . . . . nemohl být smazán
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_34463271
-------\Service_34463271
-------\Service_ybwfjo
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-26 do 2011-07-26 )))))))))))))))))))))))))))))))
.
.
2011-07-25 07:47 . 2011-07-25 07:47 -------- d-----w- C:\rsit
2011-07-17 19:32 . 2011-07-08 07:29 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Malwarebytes
2011-07-17 11:30 . 2011-07-17 11:30 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-17 05:56 . 2011-07-17 05:56 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ALI213
2011-07-14 07:52 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Day 1 Studios
2011-07-14 07:43 . 2011-07-14 07:52 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\SKIDROW
2011-07-14 07:41 . 2011-07-14 07:41 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\GHISLER
2011-07-11 06:11 . 2011-07-11 06:11 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\uTorrent
2011-07-10 06:30 . 2011-07-10 06:30 -------- d-----w- c:\program files\FileHippo.com
2011-07-09 15:54 . 2011-07-09 15:54 -------- d--h--w- c:\documents and settings\Vladimir\Okolní tiskárny
2011-07-07 21:43 . 2011-07-07 21:43 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\Windows Search
2011-07-06 14:02 . 2011-07-06 14:02 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-04 19:12 . 2009-08-24 20:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2011-07-03 20:24 . 2011-07-03 20:24 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Origin
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin Games
2011-07-03 20:23 . 2011-07-03 20:23 -------- d-----w- c:\program files\Origin
2011-07-03 20:04 . 2011-07-03 20:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Solidshield
2011-07-02 14:46 . 2011-07-02 14:46 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\SUPERAntiSpyware.com
2011-07-02 14:46 . 2011-07-09 15:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-07-02 14:22 . 2011-07-09 17:00 -------- d-----w- c:\program files\Defraggler
2011-07-01 09:51 . 2011-07-01 09:51 -------- d-----w- c:\documents and settings\Vladimir\Data aplikací\CheckPoint
2011-07-01 09:50 . 2011-07-21 12:39 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-10 10:09 -------- d-----w- c:\program files\ZoneAlarm_Security
2011-07-01 09:50 . 2011-07-01 10:38 -------- d-----w- c:\documents and settings\Vladimir\Local Settings\Data aplikací\Conduit
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\CheckPoint
2011-07-01 09:49 . 2011-03-17 23:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-07-01 09:49 . 2011-03-17 23:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-07-01 09:49 . 2011-07-10 04:24 -------- d-----w- c:\windows\system32\ZoneLabs
2011-07-01 09:49 . 2011-03-17 23:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-07-01 09:49 . 2011-07-01 09:49 -------- d-----w- c:\program files\Zone Labs
2011-07-01 09:48 . 2011-07-26 06:08 -------- d-----w- c:\windows\Internet Logs
2011-07-01 09:41 . 2011-07-04 11:36 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-01 09:41 . 2011-07-04 11:32 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-01 09:41 . 2011-07-04 11:35 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-01 09:41 . 2011-07-04 11:32 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-01 09:41 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-01 09:41 . 2011-07-04 11:35 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-07-01 09:41 . 2011-07-04 11:35 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-07-01 09:41 . 2011-07-04 11:32 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-07-01 09:41 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-07-01 09:41 . 2011-07-04 11:43 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\program files\AVAST Software
2011-07-01 09:41 . 2011-07-01 09:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 07:47 . 2011-05-13 16:33 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-25 19:59 . 2009-08-22 17:27 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-06-10 06:17 . 2011-06-10 06:17 106557 ----a-w- c:\windows\system32\btw_ci.dll
2011-06-08 17:50 . 2011-06-08 17:51 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-06-08 17:50 . 2010-04-15 14:05 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-06-06 11:35 . 2008-04-14 05:45 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-31 07:47 . 2009-10-06 06:24 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-25 07:26 . 2011-04-07 20:16 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-05-25 07:26 . 2011-04-07 20:16 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-05-25 07:26 . 2011-04-07 20:16 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-05-25 07:26 . 2011-04-07 20:16 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-05-25 07:26 . 2011-04-07 20:16 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-05-25 07:26 . 2011-04-07 20:16 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-05-25 07:26 . 2011-04-07 20:16 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-05-25 07:26 . 2011-04-07 20:16 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-05-25 07:26 . 2011-04-07 20:16 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-05-25 07:26 . 2011-04-07 20:16 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-05-25 07:26 . 2011-04-07 20:16 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-05-25 07:26 . 2011-04-07 20:16 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-05-25 07:26 . 2011-04-07 20:16 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-05-25 07:26 . 2011-04-07 20:16 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-05-25 07:26 . 2011-04-07 20:16 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-05-25 07:26 . 2011-04-07 20:16 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-05-25 07:26 . 2011-04-07 20:16 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-25 07:26 . 2011-04-07 20:16 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-25 07:26 . 2011-04-07 20:16 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-05-25 07:26 . 2011-04-07 20:16 543336 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll
2011-05-25 07:25 . 2010-12-12 19:38 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2010-10-20 06:51 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2011-06-04 09:26 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-25 07:25 . 2011-06-04 09:26 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-25 07:25 . 2010-12-12 19:38 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2010-12-12 19:38 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2010-12-12 19:38 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2010-10-20 06:51 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2009-03-27 08:03 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2009-03-27 08:03 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2009-03-27 08:03 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-05-08 14:02 . 2009-08-18 10:30 564632 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\wlidui.dll
2011-05-08 14:02 . 2009-08-18 10:24 18328 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-05-02 15:32 . 2009-08-20 10:12 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2008-04-14 06:51 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:19 . 2008-04-13 22:47 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-28 19:08 . 2011-01-08 18:25 57344 ----a-r- c:\documents and settings\Vladimir\Data aplikací\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-07-08 07:29 . 2011-07-17 19:32 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 10:06 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 216064 --sha-r- c:\windows\system32\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
2011-03-28 16:22 176936 ----a-w- c:\program files\ZoneAlarm_Security\prxtbZon0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{91da5e8a-3318-4f8c-b67e-5964de3ab546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{91DA5E8A-3318-4F8C-B67E-5964DE3AB546}"= "c:\program files\ZoneAlarm_Security\prxtbZon0.dll" [2011-03-28 176936]
.
[HKEY_CLASSES_ROOT\clsid\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 19580520]
"amd_dc_opt"="c:\program files\AMD\amd_dc_opt\amd_dc_opt.exe" [2006-06-28 106496]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2011-03-17 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2011-02-15 738808]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_2"="shell32" [X]
"_nltide_3"="advpack.dll" [2009-03-08 128512]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-05-04 22:02 1632360 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"JFSW2Launch"=c:\documents and settings\Vladimir\Data aplikací\Transcend\JFSW2\JFSW2Launch.exe
"NokiaOviSuite2"=c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
"Google Update"="c:\documents and settings\Vladimir\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Nikon Transfer Monitor"=c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"SoundMan"=SOUNDMAN.EXE
"AlcWzrd"=ALCWZRD.EXE
"WinHacker"=rundll32.exe c:\progra~1\WEDGES~1\WINHAC~1.0\wh95.dll,HackMe
"Nikon Message Center 2"=c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe -s
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe"
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /installquiet
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"NokiaMServer"=c:\program files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
"c:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\Anno4.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Anno4Web.exe"=
"c:\\Program Files\\Ubisoft\\Related Designs\\ANNO 1404\\tools\\Benchmark.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Codemasters\\F1 2010\\F1_2010_game.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
.
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [24.9.2009 6:40 19592]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.7.2011 11:41 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.7.2011 11:41 309848]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [24.2.2010 12:22 185472]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.7.2011 11:41 19544]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [25.5.2011 17:29 1336712]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [15.2.2011 17:25 26872]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [15.2.2011 17:25 488952]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [20.4.2011 7:56 2214504]
R3 AmdTools;AMD Special Tools Driver;c:\windows\system32\drivers\AmdTools.sys [14.12.2010 9:46 31744]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [20.3.2011 7:28 218688]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\drivers\nvoclock.sys [15.9.2009 14:59 38248]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [21.3.2010 17:01 27632]
R3 whfltr2k;WheelMouse USB Lower Filter Driver;c:\windows\system32\drivers\whfltr2k.sys [26.1.2007 1:45 6784]
S0 DwProt;DrWeb Protection;c:\windows\system32\drivers\dwprot.sys --> c:\windows\system32\drivers\dwprot.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [15.3.2011 19:44 8192]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [21.4.2011 11:47 1691480]
S3 BTCOM;Bluetooth Serial port driver; [x]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; [x]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [24.9.2009 14:38 22528]
S3 FStarForce;FStarForce; [x]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [17.6.2009 15:01 25480]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [27.12.2010 23:50 31124344]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 SE1008mdm;Sony Ericsson SE1008 Mobile Device Full USB Driver;c:\windows\system32\drivers\SE1008mdm.sys [18.1.2011 17:59 58536]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [25.6.2010 16:01 100496]
S3 VBoxNetFlt;VBoxNetFlt Service; [x]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 8:52 14336]
S3 WO_LiveService;Ashampoo LiveTuner Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe [4.7.2011 21:12 884608]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-07-26 c:\windows\Tasks\User_Feed_Synchronization-{E971AEB6-561A-405C-974F-50BFDA715B5A}.job
- c:\windows\system32\msfeedssync.exe [2009-08-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: { - c:\program files\Messenger\msmsgs.exe
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: Interfaces\{0B8B4E99-B7E5-4663-B7AF-3FCB7CFB0911}: NameServer = 194.213.32.237,212.111.0.10
FF - ProfilePath - c:\documents and settings\Vladimir\Data aplikací\Mozilla\Firefox\Profiles\p10zvmk3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4deb2215&v=7.005.030.004&i=26&tp=ab&iy=&ychte=us&lng=cs&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.ssl - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-26 08:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3a,ab,f0,4a,56,cf,22,46,99,8f,69,\
.
[HKEY_USERS\S-1-5-21-1482476501-1659004503-682003330-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\zbshareware]
@DACL=(02 0000)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'lsass.exe'(1032)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
- - - - - - - > 'explorer.exe'(2872)
c:\windows\system32\msi.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~1\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Celkový čas: 2011-07-26 08:13:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-26 06:13
ComboFix2.txt 2011-07-25 07:01
ComboFix3.txt 2011-07-24 12:18
.
Před spuštěním: Volných bajtů: 50 576 244 736
Po spuštění: Volných bajtů: 50 587 402 240
.
Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 21534A21EF399149134AF4DF7E52A54F
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Strange PC behaviour. Disappearing desktop icons. Pls chec
Deleted; the log now looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Strange PC behaviour. Disappearing desktop icons. Pls chec
Yes, thank you very much. Have a nice day.
- Rudy
- Site Admin
Re: Strange PC behaviour. Disappearing desktop icons. Pls chec
A nice day to you too, and you're welcome!