posielam tento log z mojho PC ale jedná sa o notebook v ktorom je asi vir.
pri starte ešte vyhodí vždy chybu: temp2.exe
dakujem za pomoc
Logfile of random's system information tool 1.09 (written by random/random)
Run by ricki at 2011-07-31 23:08:09
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 5 GB (14%) free of 35 GB
Total RAM: 446 MB (29% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}]
URLLink Class - C:\Program Files\NewDotNet\newdotnet6_38.dll [2007-06-23 229376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-07-10 1174920]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-04-14 53248]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2006-04-27 151552]
"Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-27 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-05-30 421888]
"Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-06-23 602112]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"New.net Startup"=rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"TransClock"=G:\OVLADAčE XP\prehladne hodiny.exe []
"amva"=C:\WINDOWS\system32\amvo.exe [2008-01-21 105942]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
T-Mobile Communication Center.lnk - C:\Program Files\T-Mobile Communication Center\TMCC.exe
C:\Documents and Settings\ricki\Nabídka Start\Programy\Po spuštění
ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\SYSTEM32\Ati2evxx.dll [2006-04-27 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-18 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"c:\windows\system32\rk.exe"="c:\windows\system32\rk.exe:*:Enabled:rk.exe"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\WINDOWS\System32\LEXPPS.EXE"="C:\WINDOWS\System32\LEXPPS.EXE:*:Disabled:LEXPPS.EXE"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Warcraft III\Warcraft III.exe"="C:\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\RICKI\Local Settings\Temp\bulanci.tmp"="C:\Documents and Settings\RICKI\Local Settings\Temp\bulanci.tmp:*:Enabled:bulanci"
"D:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="D:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Enabled:Far Cry"
"C:\Program Files\DigitalFusion\Beach Head - Desert War\BH2Game\bh2.exe"="C:\Program Files\DigitalFusion\Beach Head - Desert War\BH2Game\bh2.exe:*:Disabled:BH2"
"C:\Program Files\MotoGP2 Demo\motogp2_demo.exe"="C:\Program Files\MotoGP2 Demo\motogp2_demo.exe:*:Disabled:motogp2_demo"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3codecp"=
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
======File associations======
.reg - open - regedit.exe %1
.scr - open - "%1" %*
======List of files/folders created in the last 1 month======
2011-07-31 23:08:10 ----D---- C:\Program Files\trend micro
2011-07-31 23:08:09 ----D---- C:\rsit
2011-07-31 20:22:08 ----A---- C:\WINDOWS\system32\temp2.exe
2011-07-31 20:22:08 ----A---- C:\WINDOWS\system32\temp1.exe
2011-07-30 11:41:58 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_juextctrl.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jubusenum.sys
2皛11-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_hwupgrade.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys
2011-07-21 14:45:29 ----A---- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys
2011-07-21 12:15:17 ----D---- C:\Program Files\CCleaner
2011-07-21 12:03:59 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2011-07-20 11:06:08 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-07-20 11:00:52 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-07-20 11:00:45 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2011-07-20 11:00:40 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-07-20 11:00:40 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 11:00:39 ----A---- C:\WINDOWS\system32\drivers\usbccid.sys
2011-07-20 11:00:20 ----D---- C:\Program Files\Mobile Partner
2011-07-20 10:54:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\DatacardService
2011-07-01 11:29:24 ----SHD---- C:\FOUND.060
======List of files/folders modified in the last 1 month======
2011-07-31 23:08:18 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
2011-07-31 20:22:18 ----RSH---- C:\WINDOWS\system32\amvo0.dll
2011-07-31 20:21:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-01 15:38:04 ----A---- C:\WINDOWS\ModemLog_ZTE Proprietary USB Modem.txt
2011-07-01 11:30:04 ----RSH---- C:\WINDOWS\system32\amvo1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-09-13 639224]
R0 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\WINDOWS\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 bizVSerial;Franson VSerial; C:\WINDOWS\System32\drivers\bizVSerialNT.sys [2006-04-03 14949]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2005-08-18 11473]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-14 12672]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-18 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-01-24 488448]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-07 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-24 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-24 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-24 74752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-06-12 990592]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-06-12 208384]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 72832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-06-02 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-06-12 727808]
S0 ElbyVCD;ElbyVCD; C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-18 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-18 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-18 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-18 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-18 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-01-11 194048]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 82816]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-09 19034]
S3 mak750c;mak750c; C:\WINDOWS\System32\Drivers\mak750c.sys [2005-06-16 24784]
S3 mak750m;mak750m; C:\WINDOWS\System32\Drivers\mak750m.sys [2005-06-16 25044]
S3 mak750u;mak750u; C:\WINDOWS\System32\Drivers\mak750u.sys [2005-07-04 51797]
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2005-08-18 49867]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-11-12 9728]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-18 59648]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-18 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-18 15360]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbsermpt;Motorola USB Modem Driver for MPT; C:\WINDOWS\system32\DRIVERS\usbsermpt.sys [2007-12-14 22768]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys []
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-11-12 105088]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-11-12 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-11-12 105088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2006-04-27 254050]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2006-04-27 114784]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2006-04-27 61440]
R2 DCService.exe;DCService.exe; C:\Documents and Settings\All Users\Data aplikací\DatacardService\DCService.exe [2010-09-29 249856]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-03-09 47616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Franson GpsGate 2.0;Franson GpsGate 2.0; C:\Program Files\Franson\GpsGate 2.0\GpsGateService.exe [2007-05-16 253952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
neaká háveď nejde už ani internet
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: neaká háveď nejde už ani internet
Zdravím,
Stáhni a nainstaluj MBAM zde http://www.download.com/Malwarebytes-An ... tag=button
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nech spuštěný
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: neaká háveď nejde už ani internet
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
1.8.2011 11:51:42
mbam-log-2011-08-01 (11-51-23).txt
Typ: Úplná kontrola (C:\|D:\|E:\|)
Kontrolované objekty: 193130
Uplynulý čas: 11 minut, 59 sekund
Infikované procesy v paměti: 2
Infikované moduly v paměti: 2
Infikované klíče v registru: 7
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 3
Infikované složky: 3
Infikované soubory: 33
Infikované procesy v paměti:
c:\WINDOWS\system32\temp1.exe (Trojan.Downloader) -> 2000 -> No action taken.
c:\documents and settings\ricki\nabídka start\Programy\po spuštění\ctfmon.exe (Trojan.VB) -> 552 -> No action taken.
Infikované moduly v paměti:
c:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> No action taken.
c:\program files\newdotnet\newdotnet6_38.dll (Adware.NewDotNet) -> No action taken.
Infikované klíče v registru:
HKEY_CLASSES_ROOT\Tldctl2.URLLink (Adware.NewDotNet) -> No action taken.
HKEY_CLASSES_ROOT\Tldctl2.URLLink.1 (Adware.NewDotNet) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\New.net (Adware.NewDotNet) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net (Adware.NewDotNet) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (Adware.NewDotNet) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (Adware.NewDotNet) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (Adware.NewDotNet) -> No action taken.
Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\amva (Trojan.Agent) -> Value: amva -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Backdoor.Bot) -> Value: load -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\New.net Startup (Adware.NewDotNet) -> Value: New.net Startup -> No action taken.
Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Dropper) -> Bad: (C:\WINDOWS\svchost.exe) Good: () -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (regedit.exe %1) Good: (regedit.exe "%1") -> No action taken.
Infikované složky:
c:\program files\newdotnet (Adware.NewDotNet) -> No action taken.
c:\program files\VVSN (Adware.WhenU) -> No action taken.
c:\program files\VVSN\URL1 (Adware.WhenU) -> No action taken.
Infikované soubory:
c:\WINDOWS\system32\temp1.exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\ricki\nabídka start\Programy\po spuštění\ctfmon.exe (Trojan.VB) -> No action taken.
c:\WINDOWS\svchost.exe (Trojan.Dropper) -> No action taken.
c:\copy.exe (Worm.Perlovga) -> No action taken.
c:\host.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\xcopy.exe (Worm.Perlovga) -> No action taken.
c:\WINDOWS\system32\temp2.exe (Trojan.Downloader) -> No action taken.
c:\WINDOWS\system32\rk.exe (Adware.RelevantKnowledge) -> No action taken.
c:\program files\alcohol soft\alcohol 120\patch_3105.exe (RiskWare.Tool.HCK) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584393.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584394.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584409.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584410.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584425.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584426.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584442.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584443.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584471.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584472.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584502.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584503.exe (Trojan.Downloader) -> No action taken.
c:\Recycled\ctfmon.exe (Trojan.VB) -> No action taken.
c:\Recycled\Recycled\ctfmon.exe (Trojan.VB) -> No action taken.
d:\copy.exe (Worm.Perlovga) -> No action taken.
d:\host.exe (Trojan.Dropper) -> No action taken.
d:\Recycled\ctfmon.exe (Trojan.VB) -> No action taken.
c:\xn1i9x.com (Spyware.OnlineGames) -> No action taken.
c:\WINDOWS\system32\amvo.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\amvo1.dll (Trojan.Agent) -> No action taken.
c:\program files\newdotnet\newdotnet6_38.dll (Adware.NewDotNet) -> No action taken.
c:\program files\newdotnet\readme.html (Adware.NewDotNet) -> No action taken.
c:\program files\VVSN\vvsn.cfg (Adware.WhenU) -> No action taken.
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
1.8.2011 11:51:42
mbam-log-2011-08-01 (11-51-23).txt
Typ: Úplná kontrola (C:\|D:\|E:\|)
Kontrolované objekty: 193130
Uplynulý čas: 11 minut, 59 sekund
Infikované procesy v paměti: 2
Infikované moduly v paměti: 2
Infikované klíče v registru: 7
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 3
Infikované složky: 3
Infikované soubory: 33
Infikované procesy v paměti:
c:\WINDOWS\system32\temp1.exe (Trojan.Downloader) -> 2000 -> No action taken.
c:\documents and settings\ricki\nabídka start\Programy\po spuštění\ctfmon.exe (Trojan.VB) -> 552 -> No action taken.
Infikované moduly v paměti:
c:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> No action taken.
c:\program files\newdotnet\newdotnet6_38.dll (Adware.NewDotNet) -> No action taken.
Infikované klíče v registru:
HKEY_CLASSES_ROOT\Tldctl2.URLLink (Adware.NewDotNet) -> No action taken.
HKEY_CLASSES_ROOT\Tldctl2.URLLink.1 (Adware.NewDotNet) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\New.net (Adware.NewDotNet) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\New.net (Adware.NewDotNet) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (Adware.NewDotNet) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (Adware.NewDotNet) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} (Adware.NewDotNet) -> No action taken.
Infikované hodnoty v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\amva (Trojan.Agent) -> Value: amva -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Backdoor.Bot) -> Value: load -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\New.net Startup (Adware.NewDotNet) -> Value: New.net Startup -> No action taken.
Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Dropper) -> Bad: (C:\WINDOWS\svchost.exe) Good: () -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (regedit.exe %1) Good: (regedit.exe "%1") -> No action taken.
Infikované složky:
c:\program files\newdotnet (Adware.NewDotNet) -> No action taken.
c:\program files\VVSN (Adware.WhenU) -> No action taken.
c:\program files\VVSN\URL1 (Adware.WhenU) -> No action taken.
Infikované soubory:
c:\WINDOWS\system32\temp1.exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\ricki\nabídka start\Programy\po spuštění\ctfmon.exe (Trojan.VB) -> No action taken.
c:\WINDOWS\svchost.exe (Trojan.Dropper) -> No action taken.
c:\copy.exe (Worm.Perlovga) -> No action taken.
c:\host.exe (Trojan.Dropper) -> No action taken.
c:\WINDOWS\xcopy.exe (Worm.Perlovga) -> No action taken.
c:\WINDOWS\system32\temp2.exe (Trojan.Downloader) -> No action taken.
c:\WINDOWS\system32\rk.exe (Adware.RelevantKnowledge) -> No action taken.
c:\program files\alcohol soft\alcohol 120\patch_3105.exe (RiskWare.Tool.HCK) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584393.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584394.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584409.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584410.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584425.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584426.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584442.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584443.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584471.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584472.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584502.exe (Trojan.Downloader) -> No action taken.
c:\system volume information\_restore{0d158b90-e310-4f5c-89e6-1eadcfe3b8f7}\RP283\A0584503.exe (Trojan.Downloader) -> No action taken.
c:\Recycled\ctfmon.exe (Trojan.VB) -> No action taken.
c:\Recycled\Recycled\ctfmon.exe (Trojan.VB) -> No action taken.
d:\copy.exe (Worm.Perlovga) -> No action taken.
d:\host.exe (Trojan.Dropper) -> No action taken.
d:\Recycled\ctfmon.exe (Trojan.VB) -> No action taken.
c:\xn1i9x.com (Spyware.OnlineGames) -> No action taken.
c:\WINDOWS\system32\amvo.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\amvo0.dll (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\amvo1.dll (Trojan.Agent) -> No action taken.
c:\program files\newdotnet\newdotnet6_38.dll (Adware.NewDotNet) -> No action taken.
c:\program files\newdotnet\readme.html (Adware.NewDotNet) -> No action taken.
c:\program files\VVSN\vvsn.cfg (Adware.WhenU) -> No action taken.
Re: neaká háveď nejde už ani internet
zaskocim, pokial sa objavi kolega:
c:\program files\newdotnet sa pokus odinstalovat
vsetko ostatne nechaj zmazat v MBAM
c:\program files\newdotnet sa pokus odinstalovat
vsetko ostatne nechaj zmazat v MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: neaká háveď nejde už ani internet
c:\program files\newdotnet sa mi nedarilo odinstalovať cez nijaký program tak som dal odstrániť vše a naledoval restart ....
Re: neaká háveď nejde už ani internet
odinstaluj este Ask Toolbar a doinstaluj ServicePack 3
+
restart a zaverecny log RSIT
+
restart a zaverecny log RSIT
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: neaká háveď nejde už ani internet
takto...... po odstranení všetkých virov nastal problém...... počítač sa reštartovaval asi 10 minut potom sekol pri obrazovke ukladaní nastavení..... vybral som teda baterku pri zapínaní nastala kontrola svazku C.. po dlhom čase sa konečne zapol a naskočili dve tabulky (error) MemCheck.exe ladíci služby common language runtime
a ešte: RUNDLL
a ešte: RUNDLL
Kód: Vybrat vše
http://imageshack.us/f/717/imag0726f.jpg/Re: neaká háveď nejde už ani internet
pozri http://www.viry.cz/forum/viewtopic.php?f=24&t=9464 - je tam aj odinstalator New.Net
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: neaká háveď nejde už ani internet
všetko spravené počítač sa tvári ako po žúrke...... nereaguje..... keĎ idem otvoriť disk C vyhodí mi tabuľku že v akom programe ho mám otvoriť heh.....
Re: neaká háveď nejde už ani internet
no ja sa ani nedivim, ved tam bola kopa starych smejdov, a ktozvie co tam este najdeme ,,,
stiahni a uloz na plochu ComboFix
potom spust pod uctom s administratorskym opravnenim
akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie
Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.
po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)
stiahni a uloz na plochu ComboFix
potom spust pod uctom s administratorskym opravnenim
akcia trva cca. 5-10 minut, niekedy i dlhsie -, Pocas scanu nespustaj ziadne ine aplikacie
Nie je dovod na paniku ak stroj bude restartovany
upozornenie: ak pouzivas antispyware s rezidentnim stitem, ten pred scanom vypni.
po restarte aplikacie vytvori log, ulozeny na C:\Combofix.txt (jeho obsah vloz sem)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: neaká háveď nejde už ani internet
ComboFix 11-08-01.05 - ricki 02.08.2011 8:22.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.446.113 [GMT 2:00]
Spuštěný z: c:\documents and settings\ricki\Plocha\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\comment.htt
C:\desktop.ini
c:\documents and settings\MoonDemo\Moondemo.d32
c:\documents and settings\ricki\WINDOWS
c:\recycled\Recycled
c:\windows\autorun.inf
c:\windows\iun6002.exe
c:\windows\unin0405.exe
D:\Autorun.inf
D:\comment.htt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-02 do 2011-08-02 )))))))))))))))))))))))))))))))
.
.
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\ricki\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-01 09:20 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- c:\program files\trend micro
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- C:\rsit
2011-07-21 12:45 . 2010-09-03 15:34 27008 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-07-21 12:45 . 2010-08-24 20:52 82816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-07-21 12:45 . 2010-07-27 13:25 72832 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-07-21 12:45 . 2010-07-27 13:25 51712 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-07-21 12:45 . 2010-05-04 14:50 19456 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-07-21 12:45 . 2010-08-27 11:53 117504 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-07-21 12:45 . 2010-08-07 15:48 106496 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-07-21 12:45 . 2010-05-10 12:18 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-07-21 12:45 . 2010-03-20 10:06 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-07-21 12:45 . 2007-08-09 02:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-07-21 12:45 . 2010-07-27 07:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-07-21 10:15 . 2011-07-21 10:15 -------- d-----w- c:\program files\CCleaner
2011-07-21 10:03 . 2011-07-21 10:04 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2011-07-20 09:00 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 09:00 . 2005-05-13 14:27 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2011-07-20 09:00 . 2011-07-20 09:00 -------- d-----w- c:\program files\Mobile Partner
2011-07-20 08:54 . 2011-07-20 08:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DatacardService
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2000-01-07 09:53 . 2007-12-04 16:15 696320 ----a-w- c:\program files\Common Files\XCMHook.dll
2000-01-06 13:57 . 2007-12-04 16:15 24576 ----a-w- c:\program files\Common Files\XCPCMenu.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 15:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 53248]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-23 602112]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-3-27 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-3-6 1183744]
T-Mobile Communication Center.lnk - c:\program files\T-Mobile Communication Center\TMCC.exe [2010-11-12 761856]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MotoGP2 Demo\\motogp2_demo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.6.2007 9:08 639224]
R0 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [18.3.2008 7:18 159616]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [18.3.2008 7:18 5248]
R1 bizVSerial;Franson VSerial;c:\windows\system32\drivers\bizVSerialNT.sys [3.4.2006 22:00 14949]
R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Data aplikací\DatacardService\DCService.exe [29.9.2010 3:33 249856]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [22.11.2010 18:16 47616]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [21.7.2011 14:45 72832]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S0 pqir;pqir;c:\windows\system32\drivers\lyihgqvf.sys --> c:\windows\system32\drivers\lyihgqvf.sys [?]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [21.7.2011 14:45 102784]
S3 Franson GpsGate 2.0;Franson GpsGate 2.0;c:\program files\Franson\GpsGate 2.0\GpsGateService.exe [16.5.2007 12:16 253952]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [21.7.2011 14:45 82816]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [30.11.2007 11:32 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [30.11.2007 11:32 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [30.11.2007 11:32 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [30.11.2007 11:37 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [30.11.2007 11:36 86368]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;c:\windows\system32\drivers\KS-959.sys [17.7.2007 13:10 19034]
S3 mak750c;mak750c;c:\windows\system32\drivers\mak750c.sys [3.12.2007 21:18 24784]
S3 mak750m;mak750m;c:\windows\system32\drivers\mak750m.sys [3.12.2007 21:18 25044]
S3 mak750u;mak750u;c:\windows\system32\drivers\mak750u.sys [3.12.2007 21:18 51797]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [12.11.2010 12:56 9728]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 15:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = hxxp://cs.intl.acer.yahoo.com
TCP: Interfaces\{4BBBAA92-DE04-4CB9-BF72-6A206E659119}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-TransClock - g:\ovladače xp\prehladne hodiny.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-02 08:28
Windows 5.1.2600 Service Pack 2 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-08-02 08:30:08
ComboFix-quarantined-files.txt 2011-08-02 06:30
.
Před spuštěním: 5 206 507 520
Po spuštění: 5 151 588 352
.
- - End Of File - - 1E6FD085E36567752065997E262BB58B
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.446.113 [GMT 2:00]
Spuštěný z: c:\documents and settings\ricki\Plocha\ComboFix.exe
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\autorun.inf
C:\comment.htt
C:\desktop.ini
c:\documents and settings\MoonDemo\Moondemo.d32
c:\documents and settings\ricki\WINDOWS
c:\recycled\Recycled
c:\windows\autorun.inf
c:\windows\iun6002.exe
c:\windows\unin0405.exe
D:\Autorun.inf
D:\comment.htt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-02 do 2011-08-02 )))))))))))))))))))))))))))))))
.
.
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\ricki\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-01 09:20 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- c:\program files\trend micro
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- C:\rsit
2011-07-21 12:45 . 2010-09-03 15:34 27008 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-07-21 12:45 . 2010-08-24 20:52 82816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-07-21 12:45 . 2010-07-27 13:25 72832 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-07-21 12:45 . 2010-07-27 13:25 51712 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-07-21 12:45 . 2010-05-04 14:50 19456 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-07-21 12:45 . 2010-08-27 11:53 117504 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-07-21 12:45 . 2010-08-07 15:48 106496 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-07-21 12:45 . 2010-05-10 12:18 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-07-21 12:45 . 2010-03-20 10:06 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-07-21 12:45 . 2007-08-09 02:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-07-21 12:45 . 2010-07-27 07:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-07-21 10:15 . 2011-07-21 10:15 -------- d-----w- c:\program files\CCleaner
2011-07-21 10:03 . 2011-07-21 10:04 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2011-07-20 09:00 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 09:00 . 2005-05-13 14:27 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2011-07-20 09:00 . 2011-07-20 09:00 -------- d-----w- c:\program files\Mobile Partner
2011-07-20 08:54 . 2011-07-20 08:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DatacardService
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2000-01-07 09:53 . 2007-12-04 16:15 696320 ----a-w- c:\program files\Common Files\XCMHook.dll
2000-01-06 13:57 . 2007-12-04 16:15 24576 ----a-w- c:\program files\Common Files\XCPCMenu.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 15:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 53248]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-23 602112]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-3-27 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-3-6 1183744]
T-Mobile Communication Center.lnk - c:\program files\T-Mobile Communication Center\TMCC.exe [2010-11-12 761856]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MotoGP2 Demo\\motogp2_demo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.6.2007 9:08 639224]
R0 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [18.3.2008 7:18 159616]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [18.3.2008 7:18 5248]
R1 bizVSerial;Franson VSerial;c:\windows\system32\drivers\bizVSerialNT.sys [3.4.2006 22:00 14949]
R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Data aplikací\DatacardService\DCService.exe [29.9.2010 3:33 249856]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [22.11.2010 18:16 47616]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [21.7.2011 14:45 72832]
S0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys --> c:\windows\system32\DRIVERS\ElbyVCD.sys [?]
S0 pqir;pqir;c:\windows\system32\drivers\lyihgqvf.sys --> c:\windows\system32\drivers\lyihgqvf.sys [?]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [21.7.2011 14:45 102784]
S3 Franson GpsGate 2.0;Franson GpsGate 2.0;c:\program files\Franson\GpsGate 2.0\GpsGateService.exe [16.5.2007 12:16 253952]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [21.7.2011 14:45 82816]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [30.11.2007 11:32 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [30.11.2007 11:32 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [30.11.2007 11:32 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\K320mgmt.sys [30.11.2007 11:37 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\drivers\K320obex.sys [30.11.2007 11:36 86368]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter;c:\windows\system32\drivers\KS-959.sys [17.7.2007 13:10 19034]
S3 mak750c;mak750c;c:\windows\system32\drivers\mak750c.sys [3.12.2007 21:18 24784]
S3 mak750m;mak750m;c:\windows\system32\drivers\mak750m.sys [3.12.2007 21:18 25044]
S3 mak750u;mak750u;c:\windows\system32\drivers\mak750u.sys [3.12.2007 21:18 51797]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [12.11.2010 12:56 9728]
S3 vaxscsi;vaxscsi;c:\windows\system32\Drivers\vaxscsi.sys --> c:\windows\system32\Drivers\vaxscsi.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 15:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = hxxp://cs.intl.acer.yahoo.com
TCP: Interfaces\{4BBBAA92-DE04-4CB9-BF72-6A206E659119}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-TransClock - g:\ovladače xp\prehladne hodiny.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-02 08:28
Windows 5.1.2600 Service Pack 2 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-08-02 08:30:08
ComboFix-quarantined-files.txt 2011-08-02 06:30
.
Před spuštěním: 5 206 507 520
Po spuštění: 5 151 588 352
.
- - End Of File - - 1E6FD085E36567752065997E262BB58B
Re: neaká háveď nejde už ani internet
urob este toto a napis ake su problemy s PC 
Presun ComboFix
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
uloz vytvoreny textovy soubor ako CFScript.txt na plochu
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
Presun ComboFix
na plochu (ak tam este nie je)
otvor si Poznamkovy blok - notepad
do neho zkopiruj skript z nasledujiceho okna:
Kód: Vybrat vše
Driver::
pqir
po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:
po aplikacii by mal vzniknut dalsi log, ten vloz sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: neaká háveď nejde už ani internet
ComboFix 11-08-01.05 - ricki 02.08.2011 18:29:40.2.1 - FAT32x86
Spuštěný z: c:\documents and settings\ricki\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\ricki\Plocha\CFScript.txt.txt
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_pqir
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-02 do 2011-08-02 )))))))))))))))))))))))))))))))
.
.
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\ricki\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-01 09:20 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- c:\program files\trend micro
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- C:\rsit
2011-07-21 12:45 . 2010-09-03 15:34 27008 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-07-21 12:45 . 2010-08-24 20:52 82816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-07-21 12:45 . 2010-07-27 13:25 72832 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-07-21 12:45 . 2010-07-27 13:25 51712 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-07-21 12:45 . 2010-05-04 14:50 19456 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-07-21 12:45 . 2010-08-27 11:53 117504 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-07-21 12:45 . 2010-08-07 15:48 106496 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-07-21 12:45 . 2010-05-10 12:18 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-07-21 12:45 . 2010-03-20 10:06 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-07-21 12:45 . 2007-08-09 02:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-07-21 12:45 . 2010-07-27 07:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-07-21 10:15 . 2011-07-21 10:15 -------- d-----w- c:\program files\CCleaner
2011-07-21 10:03 . 2011-07-21 10:04 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2011-07-20 09:00 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 09:00 . 2005-05-13 14:27 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2011-07-20 09:00 . 2011-07-20 09:00 -------- d-----w- c:\program files\Mobile Partner
2011-07-20 08:54 . 2011-07-20 08:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DatacardService
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2000-01-07 09:53 . 2007-12-04 16:15 696320 ----a-w- c:\program files\Common Files\XCMHook.dll
2000-01-06 13:57 . 2007-12-04 16:15 24576 ----a-w- c:\program files\Common Files\XCPCMenu.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 15:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 53248]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-23 602112]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-3-27 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-3-6 1183744]
T-Mobile Communication Center.lnk - c:\program files\T-Mobile Communication Center\TMCC.exe [2010-11-12 761856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MotoGP2 Demo\\motogp2_demo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys [x]
R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Data aplikací\DatacardService\DCService.exe [2010-09-29 249856]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [x]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [x]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [2010-03-09 47616]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
R3 Franson GpsGate 2.0;Franson GpsGate 2.0;c:\program files\Franson\GpsGate 2.0\GpsGateService.exe [2007-05-16 253952]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 82816]
R3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
R3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
R3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
R3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
R3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
R3 KS-959;Kingsun KS-959 USB Infrared Adapter;c:\windows\system32\DRIVERS\KS-959.sys [2005-10-09 19034]
R3 mak750c;mak750c;c:\windows\system32\Drivers\mak750c.sys [2005-06-16 24784]
R3 mak750m;mak750m;c:\windows\system32\Drivers\mak750m.sys [2005-06-16 25044]
R3 mak750u;mak750u;c:\windows\system32\Drivers\mak750u.sys [2005-07-04 51797]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-11-12 9728]
R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2007-09-13 639224]
S0 Vax347b;Vax347b;c:\windows\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
S0 Vax347s;Vax347s;c:\windows\System32\Drivers\Vax347s.sys [2004-04-30 5248]
S1 bizVSerial;Franson VSerial;c:\windows\system32\drivers\bizVSerialNT.sys [2006-04-03 14949]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 72832]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MDMXSDK
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 15:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = hxxp://cs.intl.acer.yahoo.com
TCP: Interfaces\{4BBBAA92-DE04-4CB9-BF72-6A206E659119}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-02 18:38
Windows 5.1.2600 Service Pack 2 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
.
**************************************************************************
.
Celkový čas: 2011-08-02 18:38:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-02 16:38
ComboFix2.txt 2011-08-02 06:30
.
Před spuštěním: 5 172 002 816
Po spuštění: 5 074 288 640
.
- - End Of File - - A31A1EC6C5ED6D817F55C1D6DEF991A5
Spuštěný z: c:\documents and settings\ricki\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\ricki\Plocha\CFScript.txt.txt
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_pqir
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-02 do 2011-08-02 )))))))))))))))))))))))))))))))
.
.
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\ricki\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-01 09:20 . 2011-08-01 09:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-01 09:20 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- c:\program files\trend micro
2011-07-31 21:08 . 2011-07-31 21:08 -------- d-----w- C:\rsit
2011-07-21 12:45 . 2010-09-03 15:34 27008 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2011-07-21 12:45 . 2010-08-24 20:52 82816 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2011-07-21 12:45 . 2010-07-27 13:25 72832 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2011-07-21 12:45 . 2010-07-27 13:25 51712 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2011-07-21 12:45 . 2010-05-04 14:50 19456 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2011-07-21 12:45 . 2010-08-27 11:53 117504 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-07-21 12:45 . 2010-08-07 15:48 106496 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-07-21 12:45 . 2010-05-10 12:18 860928 ----a-w- c:\windows\system32\drivers\mod7700.sys
2011-07-21 12:45 . 2010-03-20 10:06 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2011-07-21 12:45 . 2007-08-09 02:13 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-07-21 12:45 . 2010-07-27 07:52 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2011-07-21 10:15 . 2011-07-21 10:15 -------- d-----w- c:\program files\CCleaner
2011-07-21 10:03 . 2011-07-21 10:04 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2011-07-20 09:00 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-07-20 09:00 . 2009-07-14 10:27 1461992 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 09:00 . 2005-05-13 14:27 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2011-07-20 09:00 . 2011-07-20 09:00 -------- d-----w- c:\program files\Mobile Partner
2011-07-20 08:54 . 2011-07-20 08:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DatacardService
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2000-01-07 09:53 . 2007-12-04 16:15 696320 ----a-w- c:\program files\Common Files\XCMHook.dll
2000-01-06 13:57 . 2007-12-04 16:15 24576 ----a-w- c:\program files\Common Files\XCPCMenu.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Chyba šifrovací služby !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-07-10 15:28 1174920 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 53248]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 16248320]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 761946]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-06-23 602112]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Acer Empowering Technology.lnk - c:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2006-3-27 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-3-6 1183744]
T-Mobile Communication Center.lnk - c:\program files\T-Mobile Communication Center\TMCC.exe [2010-11-12 761856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MotoGP2 Demo\\motogp2_demo.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R0 ElbyVCD;ElbyVCD;c:\windows\system32\DRIVERS\ElbyVCD.sys [x]
R2 DCService.exe;DCService.exe;c:\documents and settings\All Users\Data aplikací\DatacardService\DCService.exe [2010-09-29 249856]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [x]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [x]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [2010-03-09 47616]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
R3 Franson GpsGate 2.0;Franson GpsGate 2.0;c:\program files\Franson\GpsGate 2.0\GpsGateService.exe [2007-05-16 253952]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 82816]
R3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
R3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
R3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
R3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
R3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
R3 KS-959;Kingsun KS-959 USB Infrared Adapter;c:\windows\system32\DRIVERS\KS-959.sys [2005-10-09 19034]
R3 mak750c;mak750c;c:\windows\system32\Drivers\mak750c.sys [2005-06-16 24784]
R3 mak750m;mak750m;c:\windows\system32\Drivers\mak750m.sys [2005-06-16 25044]
R3 mak750u;mak750u;c:\windows\system32\Drivers\mak750u.sys [2005-07-04 51797]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-11-12 9728]
R3 vaxscsi;vaxscsi;c:\windows\System32\Drivers\vaxscsi.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2007-09-13 639224]
S0 Vax347b;Vax347b;c:\windows\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
S0 Vax347s;Vax347s;c:\windows\System32\Drivers\Vax347s.sys [2004-04-30 5248]
S1 bizVSerial;Franson VSerial;c:\windows\system32\drivers\bizVSerialNT.sys [2006-04-03 14949]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 72832]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MDMXSDK
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 15:29]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = hxxp://cs.intl.acer.yahoo.com
TCP: Interfaces\{4BBBAA92-DE04-4CB9-BF72-6A206E659119}: NameServer = 8.8.8.8,8.8.4.4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-02 18:38
Windows 5.1.2600 Service Pack 2 FAT NTAPI
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(732)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
.
**************************************************************************
.
Celkový čas: 2011-08-02 18:38:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-02 16:38
ComboFix2.txt 2011-08-02 06:30
.
Před spuštěním: 5 172 002 816
Po spuštění: 5 074 288 640
.
- - End Of File - - A31A1EC6C5ED6D817F55C1D6DEF991A5
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: neaká háveď nejde už ani internet
1. není odinstalován c:\program files\Ask.com
2. spusť znovu MBAM - zkontroluj že je vše označeno a dej Odstranit označené - log sem
3. dej aktuální RSIT
2. spusť znovu MBAM - zkontroluj že je vše označeno a dej Odstranit označené - log sem
3. dej aktuální RSIT
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: neaká háveď nejde už ani internet
počítač nabehne tak ako má ale na zobrazenie plochy si počkám tak 3-5 minút potom mi vyhodí tabulku
:
log z mbam:
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
3.8.2011 11:24:25
mbam-log-2011-08-03 (11-24-25).txt
Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 192741
Uplynulý čas: 10 minut, 44 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Rsit
:
Logfile of random's system information tool 1.09 (written by random/random)
Run by ricki at 2011-08-03 11:32:35
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 5 GB (14%) free of 35 GB
Total RAM: 446 MB (36% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-04-14 53248]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2006-04-27 151552]
"Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-27 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-05-30 421888]
"Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-06-23 602112]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
T-Mobile Communication Center.lnk - C:\Program Files\T-Mobile Communication Center\TMCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-18 239616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MotoGP2 Demo\motogp2_demo.exe"="C:\Program Files\MotoGP2 Demo\motogp2_demo.exe:*:Disabled:motogp2_demo"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3codecp"=
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
======List of files/folders created in the last 1 month======
2011-08-02 18:42:20 ----D---- C:\WINDOWS\temp
2011-08-02 18:42:18 ----A---- C:\ComboFix.txt
2011-08-02 07:59:15 ----A---- C:\WINDOWS\zip.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\SWSC.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\SWREG.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\sed.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\PEV.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\MBR.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\grep.exe
2011-08-02 07:59:11 ----D---- C:\WINDOWS\ERDNT
2011-08-02 07:59:05 ----AD---- C:\Qoobox
2011-08-01 11:20:42 ----D---- C:\Documents and Settings\ricki\Data aplikací\Malwarebytes
2011-08-01 11:20:34 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-01 11:20:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-01 11:20:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-01 11:20:30 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-31 23:19:41 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-07-31 23:08:10 ----D---- C:\Program Files\trend micro
2011-07-31 23:08:09 ----D---- C:\rsit
2011-07-30 11:41:58 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_juextctrl.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jubusenum.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_hwupgrade.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys
2011-07-21 14:45:29 ----A---- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys
2011-07-21 12:15:17 ----D---- C:\Program Files\CCleaner
2011-07-21 12:03:59 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2011-07-20 11:06:08 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-07-20 11:00:52 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-07-20 11:00:45 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2011-07-20 11:00:40 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-07-20 11:00:40 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 11:00:39 ----A---- C:\WINDOWS\system32\drivers\usbccid.sys
2011-07-20 11:00:20 ----D---- C:\Program Files\Mobile Partner
2011-07-20 10:54:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\DatacardService
======List of files/folders modified in the last 1 month======
2011-08-02 18:52:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-02 18:37:02 ----A---- C:\WINDOWS\system.ini
2011-08-01 11:15:48 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-09-13 639224]
R0 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\WINDOWS\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 bizVSerial;Franson VSerial; C:\WINDOWS\System32\drivers\bizVSerialNT.sys [2006-04-03 14949]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2005-08-18 11473]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-14 12672]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-18 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-01-24 488448]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-07 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-24 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-24 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-24 74752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-06-12 990592]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-06-12 208384]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 72832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-06-02 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-06-12 727808]
S0 ElbyVCD;ElbyVCD; C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-18 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-18 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-18 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-18 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-18 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-01-11 194048]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 82816]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-09 19034]
S3 mak750c;mak750c; C:\WINDOWS\System32\Drivers\mak750c.sys [2005-06-16 24784]
S3 mak750m;mak750m; C:\WINDOWS\System32\Drivers\mak750m.sys [2005-06-16 25044]
S3 mak750u;mak750u; C:\WINDOWS\System32\Drivers\mak750u.sys [2005-07-04 51797]
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2005-08-18 49867]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-11-12 9728]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-18 59648]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-18 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-18 15360]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbsermpt;Motorola USB Modem Driver for MPT; C:\WINDOWS\system32\DRIVERS\usbsermpt.sys [2007-12-14 22768]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys []
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-11-12 105088]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-11-12 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-11-12 105088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2006-04-27 254050]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2006-04-27 114784]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2006-04-27 61440]
R2 DCService.exe;DCService.exe; C:\Documents and Settings\All Users\Data aplikací\DatacardService\DCService.exe [2010-09-29 249856]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-03-09 47616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Franson GpsGate 2.0;Franson GpsGate 2.0; C:\Program Files\Franson\GpsGate 2.0\GpsGateService.exe [2007-05-16 253952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
-----------------EOF-----------------
internet stále nejde
:
Kód: Vybrat vše
http://imageshack.us/f/833/imag0013rh.jpg/Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
3.8.2011 11:24:25
mbam-log-2011-08-03 (11-24-25).txt
Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 192741
Uplynulý čas: 10 minut, 44 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Rsit
:
Logfile of random's system information tool 1.09 (written by random/random)
Run by ricki at 2011-08-03 11:32:35
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 5 GB (14%) free of 35 GB
Total RAM: 446 MB (36% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} -
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2006-04-14 53248]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2006-04-27 151552]
"Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-03-31 204800]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-06-27 16248320]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-05-30 421888]
"Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-03-03 761946]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-06-23 602112]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
T-Mobile Communication Center.lnk - C:\Program Files\T-Mobile Communication Center\TMCC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-04-27 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2004-08-18 239616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MotoGP2 Demo\motogp2_demo.exe"="C:\Program Files\MotoGP2 Demo\motogp2_demo.exe:*:Disabled:motogp2_demo"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.l3codecp"=
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
======List of files/folders created in the last 1 month======
2011-08-02 18:42:20 ----D---- C:\WINDOWS\temp
2011-08-02 18:42:18 ----A---- C:\ComboFix.txt
2011-08-02 07:59:15 ----A---- C:\WINDOWS\zip.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\SWSC.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\SWREG.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\sed.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\PEV.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\NIRCMD.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\MBR.exe
2011-08-02 07:59:15 ----A---- C:\WINDOWS\grep.exe
2011-08-02 07:59:11 ----D---- C:\WINDOWS\ERDNT
2011-08-02 07:59:05 ----AD---- C:\Qoobox
2011-08-01 11:20:42 ----D---- C:\Documents and Settings\ricki\Data aplikací\Malwarebytes
2011-08-01 11:20:34 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-08-01 11:20:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-08-01 11:20:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-08-01 11:20:30 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-31 23:19:41 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-07-31 23:08:10 ----D---- C:\Program Files\trend micro
2011-07-31 23:08:09 ----D---- C:\rsit
2011-07-30 11:41:58 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_juextctrl.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcecm.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jucdcacm.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_jubusenum.sys
2011-07-21 14:45:31 ----A---- C:\WINDOWS\system32\drivers\ew_hwupgrade.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\mod7700.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2011-07-21 14:45:30 ----A---- C:\WINDOWS\system32\drivers\ew_usbenumfilter.sys
2011-07-21 14:45:29 ----A---- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys
2011-07-21 12:15:17 ----D---- C:\Program Files\CCleaner
2011-07-21 12:03:59 ----D---- C:\Program Files\Eusing Free Registry Cleaner
2011-07-20 11:06:08 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-07-20 11:00:52 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-07-20 11:00:45 ----HD---- C:\WINDOWS\$NtUninstallWdf01009$
2011-07-20 11:00:40 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-07-20 11:00:40 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01009.dll
2011-07-20 11:00:39 ----A---- C:\WINDOWS\system32\drivers\usbccid.sys
2011-07-20 11:00:20 ----D---- C:\Program Files\Mobile Partner
2011-07-20 10:54:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\DatacardService
======List of files/folders modified in the last 1 month======
2011-08-02 18:52:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-08-02 18:37:02 ----A---- C:\WINDOWS\system.ini
2011-08-01 11:15:48 ----A---- C:\WINDOWS\ModemLog_Bluetooth DUN Modem.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-03 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-03 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-03 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-03 43008]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2005-04-30 28271]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2004-08-18 13952]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-03-03 48640]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-02-23 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2004-12-03 20544]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-03 41088]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-09-13 639224]
R0 Vax347b;Vax347b; C:\WINDOWS\system32\DRIVERS\Vax347b.sys [2005-04-25 159616]
R0 Vax347s;Vax347s; C:\WINDOWS\System32\Drivers\Vax347s.sys [2004-04-30 5248]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-03 42240]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 bizVSerial;Franson VSerial; C:\WINDOWS\System32\drivers\bizVSerialNT.sys [2006-04-03 14949]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2004-08-03 8832]
R2 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 MaVctrl;MaVctrl; C:\WINDOWS\system32\DRIVERS\MaVc2K.sys [2005-08-18 11473]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-14 12672]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-18 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-01-24 488448]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-04-27 1540096]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2004-12-07 16896]
R3 EMSCR;EMSCR; C:\WINDOWS\system32\DRIVERS\EMS7SK.sys [2006-05-24 61056]
R3 ESDCR;ESDCR; C:\WINDOWS\system32\DRIVERS\ESD7SK.sys [2006-05-24 40064]
R3 ESMCR;ESMCR; C:\WINDOWS\system32\DRIVERS\ESM7SK.sys [2006-05-24 74752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-06-12 990592]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-06-12 208384]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys [2010-07-27 72832]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-06-02 6144]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2004-08-18 67584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-03-03 192672]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-06-12 727808]
S0 ElbyVCD;ElbyVCD; C:\WINDOWS\system32\DRIVERS\ElbyVCD.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-18 14848]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
S2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
S2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-18 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-18 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-18 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-18 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-18 18944]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 102784]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-01-11 194048]
S3 huawei_cdcacm;huawei_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys [2010-08-24 82816]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 K320mgmt;Sony Ericsson K320 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\K320mgmt.sys [2006-08-18 88560]
S3 K320obex;Sony Ericsson K320 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\K320obex.sys [2006-08-18 86368]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-02-11 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-02-11 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-02-11 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-02-11 79488]
S3 KS-959;Kingsun KS-959 USB Infrared Adapter; C:\WINDOWS\system32\DRIVERS\KS-959.sys [2005-10-09 19034]
S3 mak750c;mak750c; C:\WINDOWS\System32\Drivers\mak750c.sys [2005-06-16 24784]
S3 mak750m;mak750m; C:\WINDOWS\System32\Drivers\mak750m.sys [2005-06-16 25044]
S3 mak750u;mak750u; C:\WINDOWS\System32\Drivers\mak750u.sys [2005-07-04 51797]
S3 MaRdPnp;MaRdPnp; C:\WINDOWS\system32\DRIVERS\MaRdP2K.sys [2005-08-18 49867]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\WINDOWS\system32\drivers\massfilter.sys [2010-11-12 9728]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-18 59648]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-18 11136]
S3 SMCIRDA;SMSC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2004-12-09 46592]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-18 15360]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-18 31616]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbsermpt;Motorola USB Modem Driver for MPT; C:\WINDOWS\system32\DRIVERS\usbsermpt.sys [2007-12-14 22768]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 vaxscsi;vaxscsi; C:\WINDOWS\System32\Drivers\vaxscsi.sys []
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [2010-11-12 105088]
S3 ZTEusbnmea;ZTE NMEA Port; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [2010-11-12 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [2010-11-12 105088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-04-27 405504]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2006-04-27 254050]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2006-04-27 114784]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2006-04-27 61440]
R2 DCService.exe;DCService.exe; C:\Documents and Settings\All Users\Data aplikací\DatacardService\DCService.exe [2010-09-29 249856]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-03-09 47616]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
S2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-03-29 28672]
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
S2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Franson GpsGate 2.0;Franson GpsGate 2.0; C:\Program Files\Franson\GpsGate 2.0\GpsGateService.exe [2007-05-16 253952]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
-----------------EOF-----------------
internet stále nejde
Přispějete na provoz fóra?