prosím o pomoc

[hlada3]

Mám problém, avast mi nahlásil rootkit ve windows-system32-drivers-sfloppy. Doporučil ho odstranit a tak jsem teda učinil, jenže neodstranilo se nic... Tak jsem se zkusil vrátit přes obnovu a to také nepomohlo, tak jsem opět vrátil obnovu zpět. Jenže teˇˇd už mi nehlásí avast žádný rootkit, ale po naběhnutí systému mi na pozadí naskočí asi 3x černé okno jako by se něco spouštělo, ale je to tak rychlé že to nedokážu přečíst... Nicméně pc jede v poho, ale jakmile vlezu do složky s filmy, tak mi to hodí hlášku, že v aplikaci explorer.exe došlo k problému a je nutné ho zavřít a ptá se to jestli to chci odeslat, či nikoli... Tak jsem projel pc rootkitrevealer a ten mi našel toto a já nevím co to vlastně znamená, prosím o pomoc, protože pc mám nedávno formátované a kamarád mi dal legální win xp a nechce se mi to dělat celé znovu... Předem děkuji za rady.

výsledek z rootkitrevealer:

HKLM\SECURITY\Policy\Secrets\SAC* 7. 7. 2011 13:13 0 bytes Key name contains embedded nulls (*)
HKLM\SECURITY\Policy\Secrets\SAI* 7. 7. 2011 13:13 0 bytes Key name contains embedded nulls (*)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\ 10. 9. 2011 18:48 19 bytes Data mismatch between Windows API and raw hive data.
C:\Documents and Settings\Martin a Mí 8. 12. 2011 6:20 139.16 KB Hidden from Windows API.

[JaRon]

no v prvom rade, to co malo byt rootkit bol vymysel AVAST-u, takze teoreticky mas pocitac cisty, ALE vloz preventivne log RSIT

[hlada3]

tak tady to je a snad jsem to udelal dobre

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin a Míša at 2011-12-08 16:59:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (21%) free of 19 GB
Total RAM: 1535 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:29, on 8.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Documents and Settings\Martin a Míša\Local Settings\Temp\winhost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Martin a Míša\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Martin a Míša.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1750559
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Windows Defender] C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Windows Live] C:\Documents and Settings\Martin a Míša\Local Settings\Temp\winini.exe
O4 - HKCU\..\Run: [Windows Defender] C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
O4 - HKLM\..\Policies\Explorer\Run: [Windows Defender] C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 6910 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-04-15 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-07 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-08-07 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"Windows Defender"=C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe [2008-07-25 35320]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Windows Defender"=C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe [2008-07-25 35320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Windows Live"=C:\Documents and Settings\Martin a Míša\Local Settings\Temp\winini.exe [2011-12-03 274432]
"Windows Defender"=C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe [2008-07-25 35320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-07-21 966712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-04-18 15146376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2009-04-21 37888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe"="C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe:*:Enabled:Windows Messanger"
"C:\Documents and Settings\Martin a Míša\Local Settings\Temp\winhost.exe"="C:\Documents and Settings\Martin a Míša\Local Settings\Temp\winhost.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"midi"=wdmaud.drv
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2011-12-08 16:59:10 ----D---- C:\rsit
2011-12-08 16:59:10 ----D---- C:\Program Files\trend micro
2011-12-07 17:16:42 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-12-07 17:10:10 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2011-12-07 17:09:36 ----D---- C:\Documents and Settings\Martin a Míša\Data aplikací\TuneUp Software
2011-12-07 17:09:01 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-12-07 17:08:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-12-07 17:08:38 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-12-07 15:47:01 ----HD---- C:\WINDOWS\msdownld.tmp
2011-12-07 15:42:23 ----A---- C:\WINDOWS\system32\ieencode.dll
2011-12-07 14:29:14 ----A---- C:\WINDOWS\system32\drivers\AvgArCln.sys
2011-12-07 14:29:10 ----D---- C:\Program Files\GRISOFT
2011-12-07 14:00:39 ----A---- C:\WINDOWS\ntbtlog.txt
2011-12-07 13:47:24 ----D---- C:\spoolerlogs
2011-12-07 03:07:38 ----D---- C:\WINDOWS\ie8updates
2011-12-07 03:05:55 ----D---- C:\Program Files\Seznam.cz
2011-12-06 14:38:10 ----A---- C:\WINDOWS\system32\588F2.sys
2011-12-03 19:42:36 ----H---- C:\Documents and Settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
2011-11-28 00:36:31 ----D---- C:\Documents and Settings\Martin a Míša\Data aplikací\BSplayer
2011-11-10 22:58:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-09 16:47:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$

======List of files/folders modified in the last 1 month======

2011-12-08 16:59:10 ----RD---- C:\Program Files
2011-12-08 16:56:30 ----D---- C:\WINDOWS\Temp
2011-12-08 07:15:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-12-08 06:52:20 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-12-08 06:23:39 ----D---- C:\WINDOWS\system32
2011-12-08 06:17:05 ----D---- C:\WINDOWS\system32\drivers
2011-12-07 17:27:24 ----D---- C:\WINDOWS\Prefetch
2011-12-07 17:16:51 ----SHD---- C:\WINDOWS\Installer
2011-12-07 17:10:14 ----D---- C:\WINDOWS\system32\config
2011-12-07 17:08:39 ----D---- C:\WINDOWS
2011-12-07 16:54:11 ----D---- C:\WINDOWS\system32\wbem
2011-12-07 16:54:08 ----D---- C:\WINDOWS\Registration
2011-12-07 16:48:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-07 16:48:12 ----D---- C:\Program Files\Internet Explorer
2011-12-07 16:47:11 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-07 15:50:50 ----HD---- C:\WINDOWS\inf
2011-12-07 15:50:43 ----A---- C:\WINDOWS\imsins.BAK
2011-12-07 15:41:57 ----D---- C:\WINDOWS\system32\cs-cz
2011-12-07 15:41:36 ----D---- C:\WINDOWS\system32\CatRoot
2011-12-07 14:01:16 ----D---- C:\Documents and Settings
2011-12-07 13:46:57 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-12-07 13:38:19 ----D---- C:\WINDOWS\Media
2011-12-07 13:38:19 ----D---- C:\WINDOWS\Help
2011-12-07 03:09:16 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-07 01:06:35 ----D---- C:\WINDOWS\SoftwareDistribution
2011-12-07 01:02:15 ----A---- C:\WINDOWS\win.ini
2011-12-07 01:02:15 ----A---- C:\WINDOWS\system.ini
2011-12-06 16:54:48 ----D---- C:\WINDOWS\system32\Restore
2011-12-03 00:34:12 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-12-01 20:16:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-09 16:34:14 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2002-09-06 13568]
R0 nvidesm;nvidesm; C:\WINDOWS\system32\drivers\nvidesm.sys [2002-11-13 20224]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller; C:\WINDOWS\system32\DRIVERS\si3112r.sys [2003-02-24 85265]
R0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys [2003-02-12 9600]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2011-10-10 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2011-10-10 25416]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-03-18 1512960]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-07-07 717296]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2003-07-01 733248]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2003-02-19 46976]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-08-07 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-09-27 1526080]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-07 136176]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-07 136176]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Dobrý večer
Byla to falešná detekce Avastu. Log je také ok, jsou s počítačem nějaké problémy?

[hlada3]

Dobrý den, ano jsou s nim problémy. Zapnu pc a windows nabíhá v pohodě, ale poté co se mi už normálně zobrazí plocha, mi na pozadí naskočí asi 3 černá okna jako když se něco spouští, pouze jednou jsem stih přečíst první okno a tam bylo: VOM2SF243J.exe , jinak bohužel nestihnu přečíst co, takže pomalý start pc oproti dřívějšku a dále když vlezu do složky s filmy, tak mi po chvilce naskočí, že v explorer.exe došlo k chybě a musí být ukončen. Dám ok, složka se zavře a mohu dělat co chci a vše se zdá ok, ale jakmile vlezu opět do té složky tak se to opakuje...

[motji]

Jsem slepá , máte tam viry

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[hlada3]

dobrý den, tak tady dávám ten log, jen nevím jestli jsem to udělal správně, protože mi se do win nepřihlašujeme...nemáme správce, tak jestli to dobře chápu správce(administrátor) jsme my


ComboFix 11-12-10.01 - Martin a Míša 11.12.2011 15:30:19.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.1089 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martin a MÝÜa\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-11 do 2011-12-11 )))))))))))))))))))))))))))))))
.
.
2011-12-09 06:30 . 2011-12-09 06:46 -------- d-----w- c:\windows\system32\NtmsData
2011-12-08 16:17 . 2011-12-08 16:17 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\TuneUp Software
2011-12-08 15:59 . 2011-12-08 15:59 -------- d-----w- C:\rsit
2011-12-08 15:59 . 2011-12-08 15:59 -------- d-----w- c:\program files\trend micro
2011-12-08 05:24 . 2011-12-08 05:24 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2011-12-07 16:09 . 2011-12-07 16:09 -------- d-----w- c:\documents and settings\Martin a Míša\Data aplikací\TuneUp Software
2011-12-07 16:08 . 2011-12-07 16:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2011-12-07 16:08 . 2011-12-07 16:08 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-12-07 15:54 . 2011-12-07 15:54 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-07 15:06 . 2011-12-07 15:06 -------- d-sh--w- c:\documents and settings\Martin a Míša\IECompatCache
2011-12-07 15:02 . 2011-12-07 15:02 -------- d-sh--w- c:\documents and settings\Martin a Míša\PrivacIE
2011-12-07 14:47 . 2011-12-07 14:51 -------- d--h--w- c:\windows\msdownld.tmp
2011-12-07 14:42 . 2011-08-17 21:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-12-07 14:42 . 2011-08-17 21:25 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll
2011-12-07 13:29 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2011-12-07 13:01 . 2011-12-07 13:01 -------- d-----w- c:\documents and settings\Administrator
2011-12-07 12:47 . 2011-12-07 12:47 -------- d-----w- C:\spoolerlogs
2011-12-07 12:38 . 2011-12-07 12:38 -------- d-sh--w- c:\documents and settings\Martin a Míša\IETldCache
2011-12-07 02:07 . 2011-12-07 15:47 -------- d-----w- c:\windows\ie8updates
2011-12-07 02:05 . 2011-12-07 14:47 -------- d-----w- c:\program files\Seznam.cz
2011-12-07 01:47 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-12-07 01:46 . 2011-08-22 23:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-12-07 01:46 . 2011-08-22 23:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-12-07 01:46 . 2011-08-22 23:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-12-06 13:38 . 2011-12-06 13:38 54624 ----a-w- c:\windows\system32\588F2.sys
2011-12-03 18:42 . 2008-07-25 09:16 35320 ---h--w- c:\documents and settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
2011-11-27 23:36 . 2011-11-27 23:38 -------- d-----w- c:\documents and settings\Martin a Míša\Data aplikací\BSplayer
2011-11-27 23:33 . 2011-11-27 23:33 -------- d-----w- c:\documents and settings\Martin a Míša\Local Settings\Data aplikací\BS_Player
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-07 12:42 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-07 12:42 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-07 12:43 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-07 12:43 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-07 12:43 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-07 12:43 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-07 12:43 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-07-07 12:43 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-07 12:43 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-07-07 12:43 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-10-10 19:13 . 2011-10-10 19:13 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-10-10 19:13 . 2011-10-10 19:13 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-10-10 14:22 . 2011-07-07 11:56 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-04-14 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-04-14 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-07-21 12:01 966712 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-04-18 15:30 15146376 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-04-21 12:42 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Martin a Míša\\Data aplikací\\VOM2SF243J.exe"=
.
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [7.7.2011 13:12 85265]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.7.2011 13:43 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.7.2011 13:43 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.7.2011 13:43 20568]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.7.2011 18:36 717296]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7.7.2011 13:43 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7.7.2011 13:43 136176]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [12.9.2011 16:49 32377]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A49E22EA-F7FB-1535-4EDF-ECBDB8D5E758}]
2008-07-25 09:16 35320 ---h--w- c:\documents and settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:43]
.
2011-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-DAEMON Tools Lite - c:\program files\DAEMON Tools Lite\DTLite.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-11 15:40
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(728)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-12-11 15:44:51
ComboFix-quarantined-files.txt 2011-12-11 14:44
.
Před spuštěním: 6 842 118 144
Po spuštění: 6 838 722 560
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - C286CB2AC1A9D5E136471B7E8CD88478

[motji]

S počítačem to ted vypadá jak?

[hlada3]

vypada to ze je to v pohode okna uz nevyskakujou a start se zda taky dobry...mockrat dekuju... ale mel bych jeste jednu prosbicku... mame jeste nb a jak pretahujem filmy, fotky atd. tak se mi zda ze se taky nakazil... slo by taky prekontrolovat log z rsit kdyz ho sem vlozim prosim?

[motji]

Založte prosím nový topic, napište pro Motji a mrknu na to, jen mám ted málo času, takže odpovídám se zpožděním

Otestujte na www.virustotal.com

c:\windows\system32\588F2.sys

[hlada3]

Dobry den, no já s tím časem na tom právě teď taky nejsem moc dobře, takže na pc moc nejsem, ale od zítřka budu mít 3 dny volna ,ale mám špatnou zprávu... tento pc jak jsme již léčily, ještě v poho není... ta chyba exploreru ve složce s filmy stále vyskakuje a také na flash disk se posílají pomalu data... Ale pozitivní je že už mi nevyskakují ty 3 okna , tak doufám že se nezlobíte, že Vás špatně informuju a stále otravuju. Prosím poraďte co dál a ten nb by jsme vyřešily později.... Předem mockrát děkuji a doufám že se nezlobíte...

[motji]

Ještě to není ok. Otestujte ten soubor jak jsem psala

[hlada3]

Dobrý den, tak jsem to otestoval ale moc tomu nerozumím ale tohle mi vyběhlo:


Antivirus Verze Poslední aktualizace Výsledek
AhnLab-V3 2011.12.13.01 2011.12.14 -
AntiVir 7.11.19.112 2011.12.14 -
Antiy, AVL 2.0.3.7 2011.12.14 -
Avast 6.0.1289.0 2011.12.14 -
AVG 10.0.0.1190 2011.12.14 -
BitDefender 7,2 2011.12.14 -
ByteHero 1.0.0.1 12.07.2011 -
CAT-QuickHeal 12,00 2011.12.14 -
ClamAV 0.97.3.0 2011.12.14 -
Commtouch 5.3.2.6 2011.12.14 -
Comodo 10955 2011.12.14 -
DrWeb 5.0.2.03300 2011.12.14 -
Emsisoft 5.1.0.11 2011.12.14 -
eSafe 7.0.17.0 2011.12.13 -
eTrust-Vet 37.0.9623 2011.12.14 -
F-Prot 4.6.5.141 2011.12.13 -
F-Secure 9.0.16440.0 2011.12.14 -
Fortinet 4.3.388.0 2011.12.14 -
GData 22 2011.12.14 -
Ikarus T3.1.1.109.0 2011.12.14 -
Jiangmin 13.0.900 2011.12.14 -
K7AntiVirus 9.119.5684 2011.12.14 -
Kaspersky 9.0.0.837 2011.12.14 -
McAfee 5.400.0.1158 2011.12.14 -
McAfee-GW-Edition 2010.1E 2011.12.14 -
Microsoft 1,7903 2011.12.14 -
NOD32 6711 2011.12.14 -
Norman 6.07.13 2011.12.14 -
nProtect 2011-12-14.01 2011.12.14 -
Panda 10.0.3.5 2011.12.14 -
PCTools 8.0.0.5 2011.12.14 -
Prevx 3,0 2011.12.14 -
Stoupající 23.88.02.02 2011.12.14 -
Sophos 4.72.0 2011.12.14 -
SUPERAntiSpyware 4.40.0.1006 2011.12.14 -
Symantec 20111.2.0.82 2011.12.14 -
TheHacker 6.7.0.1.356 12.11.2011 -
TrendMicro 9.500.0.1008 2011.12.14 -
TrendMicro, HouseCall 9.500.0.1008 2011.12.14 -
VBA32 3.12.16.4 2011.12.14 -
VIPRE 11249 2011.12.14 -
ViRobot 2011.12.14.4825 2011.12.14 -
VirusBuster 14.1.116.0 2011.12.14 -

Další informace Zobrazit všechny
MD5: 43b0076b3ab8996b84d2cc8f990b582f
SHA1: 97d13f87d18e1829d9af7e54cd5a0b2d68d684e7
SHA256: 5787ad3e47054ed8417522330be69c9b122d33373b960a21ac52eb2d25ad3259
ssdeep: 768: Xht98mhWffPd0l3V + Vdj4AGXwZONbB0/92 + + U48swGs47 Sv9NLzbRUh: XhTbE6VFXwkb0F2
+ U4nS8J7jRe

Velikost souboru: 54624 bajtů

První pohled: 11.06.2007 10:39:08

Naposledy spatřen: 2011-12-14 16:49:25

TrID:
Win64 Executable Generic (87.2%)
Win32 Executable Generic (8,6%)
Generic Win / DOS Executable (2,0%)
DOS Executable Generic (2,0%)
Autodesk FLIC souboru s obrázky (rozšíření: FLC, FLI, cel) (0.0%)

sigcheck:
Vydavatel ....: n /
copyright ....: n / a
produkt ......: n /
popis ..: n /
Původní název: n / a
interní název: n / a
Verze souboru:. n / a
komentáře .....: n / a
signatářů ......: McAfee, Inc
VeriSign třídy 3 podepisování kódu 2004 CA
třídy 3 veřejné primární certifikační autorita
podepsáním datum:. 08:04 19 / 10/2007
ověřené .....: -

PEInfo: PE informace o struktuře

[[základní údaje]]
entrypointaddress: 0x2E005
timedatestamp ....: 0x4718573F (pátek 19.října 7:05:35 2007)
machinetype ......: 0x14c (i386) [[5 Oddíl (s ]] jméno, viradd, virsiz, rawdsiz, ntropy, md5 . textu, 0x1000, 0x9538, 0x9600, 6,46, f8bb0ff0be497fd92b3101ee9b134c78 . rdata, 0xB000, 0x204, 0x400, 2,61, c48c48509a6c34a23e4128aaf530cbcc . dat, 0xC000, 0x21674, 0xA00, 0,64, dad2fd5f4c81aa5f92ab076f0ab1a792 INIT, 0x2E000, 0x716, 0x800, 5,26, 5fec7edfff8b298bc03ef77519f7f86f reloc, 0x2F000, 0xEE2, 0x1000, 5,71, 24939863336ea437d32d34528390c4bb. [[2 import (s)]] Ntoskrnl.exe: KeInitializeSpinLock, MmMapLockedPages, MmProbeAndLockPages, MmBuildMdlForNonPagedPool, IoAllocateMdl, RtlUnicodeStringToAnsiString, RtlInitUnicodeString, ZwQuerySystemInformation, ZwClose, wcslen, wcsrchr, wcschr, IoFreeIrp, KeSetEvent, PsGetCurrentThreadId, KeInitializeEvent, KeWaitForSingleObject, KeUnstackDetachProcess, KeStackAttachProcess, ZwCreateFile, ZwQuerySymbolicLinkObject, ZwOpenProcess, ZwQueryDirectoryFile, ObfDereferenceObject, IofCallDriver, KeGetCurrentThread, IoAllocateIrp, IoGetRelatedDeviceObject, ObReferenceObjectByHandle, MmUnmapLockedPages, RtlAnsiStringToUnicodeString, RtlInitAnsiString, ZwReadFile, ZwWriteFile, ZwQueryObject, ZwOpenSymbolicLinkObject, ObQueryNameString, strstr, IoDeleteDevice, IoDeleteSymbolicLink, PsSetCreateProcessNotifyRoutine, PsGetCurrentProcessId, KeServiceDescriptorTable, IofCompleteRequest, IoGetCurrentProcess, PsCreateSystemThread, IoCreateSymbolicLink, IoCreateDevice, PsGetVersion, ZwOpenKey, ZwQueryValueKey, ZwEnumerateValueKey, ZwEnumerateKey, KeAddSystemServiceTable, _except_handler3, KeTickCount, KeBugCheckEx, MmUnlockPages, IoFreeMdl, MmIsAddressValid, ExFreePoolWithTag, RtlFreeUnicodeString, ExAllocatePoolWithTag HAL.dll: KfRaiseIrql, KeGetCurrentIrql, KfAcquireSpinLock, KfReleaseSpinLock, KfLowerIrql












ExifTool:
metadata
CodeSize: 40448
EntryPoint: 0x2e005
Velikost souboru: 53 kB
Typ: Win32 EXE
ImageVersion: 5,2
InitializedDataSize: 142336
LinkerVersion: 7,1
MimeType: application / octet-stream
MachineType: Intel 386 nebo vyšší, a kompatibilní
OSVersion: 5,2
PEType: PE32
subsystém : Nativní
SubsystemVersion: 5,2
TimeStamp: 2007:10:19 09:05:35 +02:00
UninitializedDataSize: 0
VT Společenství

Uživatel: Anonymní
Reputace: 1 kreditů
Komentář od: 08.12.2011 13:44:42 (UTC)
Tagy: Malware,


a co tedy dál???? děkuji

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource= ... =CT1750559

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\Martin a Míša\\Data aplikací\\VOM2SF243J.exe"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]

File::
c:\documents and settings\Martin a Míša\Data aplikací\VOM2SF243J.exe

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[hlada3]

tady je:


ComboFix 11-12-15.02 - Martin a Míša 15.12.2011 14:58:09.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1535.1127 [GMT 1:00]
Spuštěný z: c:\combofix\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martin a MÝÜa\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-15 do 2011-12-15 )))))))))))))))))))))))))))))))
.
.
2011-12-09 06:30 . 2011-12-09 06:46 -------- d-----w- c:\windows\system32\NtmsData
2011-12-08 16:17 . 2011-12-08 16:17 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\TuneUp Software
2011-12-08 15:59 . 2011-12-08 15:59 -------- d-----w- C:\rsit
2011-12-08 15:59 . 2011-12-08 15:59 -------- d-----w- c:\program files\trend micro
2011-12-08 05:24 . 2011-12-08 05:24 -------- d-----r- c:\documents and settings\LocalService\Dokumenty
2011-12-07 16:09 . 2011-12-07 16:09 -------- d-----w- c:\documents and settings\Martin a Míša\Data aplikací\TuneUp Software
2011-12-07 16:08 . 2011-12-07 16:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2011-12-07 16:08 . 2011-12-07 16:08 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-12-07 15:54 . 2011-12-07 15:54 -------- d-----w- c:\windows\system32\wbem\Repository
2011-12-07 15:06 . 2011-12-07 15:06 -------- d-sh--w- c:\documents and settings\Martin a Míša\IECompatCache
2011-12-07 15:02 . 2011-12-07 15:02 -------- d-sh--w- c:\documents and settings\Martin a Míša\PrivacIE
2011-12-07 14:47 . 2011-12-07 14:51 -------- d--h--w- c:\windows\msdownld.tmp
2011-12-07 14:42 . 2011-10-31 23:37 78336 -c--a-w- c:\windows\system32\dllcache\ieencode.dll
2011-12-07 14:42 . 2011-10-31 23:37 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-12-07 13:29 . 2007-01-18 12:00 3968 ----a-w- c:\windows\system32\drivers\AvgArCln.sys
2011-12-07 13:01 . 2011-12-07 13:01 -------- d-----w- c:\documents and settings\Administrator
2011-12-07 12:47 . 2011-12-07 12:47 -------- d-----w- C:\spoolerlogs
2011-12-07 12:38 . 2011-12-07 12:38 -------- d-sh--w- c:\documents and settings\Martin a Míša\IETldCache
2011-12-07 02:07 . 2011-12-07 15:47 -------- d-----w- c:\windows\ie8updates
2011-12-07 02:05 . 2011-12-07 14:47 -------- d-----w- c:\program files\Seznam.cz
2011-12-07 01:47 . 2011-08-16 10:45 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-12-07 01:46 . 2011-08-22 23:41 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-12-07 01:46 . 2011-08-22 23:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-12-07 01:46 . 2011-08-22 23:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-12-06 13:38 . 2011-12-06 13:38 54624 ----a-w- c:\windows\system32\588F2.sys
2011-12-03 18:42 . 2008-07-25 09:16 35320 ---h--w- c:\documents and settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
2011-11-27 23:36 . 2011-11-27 23:38 -------- d-----w- c:\documents and settings\Martin a Míša\Data aplikací\BSplayer
2011-11-27 23:33 . 2011-11-27 23:33 -------- d-----w- c:\documents and settings\Martin a Míša\Local Settings\Data aplikací\BS_Player
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-28 18:01 . 2011-07-07 12:42 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-07-07 12:42 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-07-07 12:43 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-07-07 12:43 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-07-07 12:43 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-07-07 12:43 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-07-07 12:43 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-07-07 12:43 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-07-07 12:43 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-07-07 12:43 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-23 14:40 . 2008-04-14 12:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 16:07 . 2008-04-14 12:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-31 23:37 . 2008-04-14 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2011-10-31 23:37 . 2008-04-14 12:00 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-10-31 23:37 . 2008-04-14 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2011-10-28 05:32 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2008-04-14 12:00 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:50 . 2008-04-14 08:06 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 19:13 . 2011-10-10 19:13 278984 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-10-10 19:13 . 2011-10-10 19:13 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-10-10 14:22 . 2011-07-07 11:56 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2008-04-14 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2008-04-14 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-11_14.40.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-15 13:46 . 2011-12-15 13:46 16384 c:\windows\Temp\Perflib_Perfdata_6e0.dat
+ 2008-04-14 12:00 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
- 2008-04-14 12:00 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2008-04-14 12:00 . 2011-10-31 23:37 44544 c:\windows\system32\pngfilt.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 44544 c:\windows\system32\pngfilt.dll
- 2007-08-13 16:54 . 2011-08-17 21:25 52224 c:\windows\system32\msfeedsbs.dll
+ 2007-08-13 16:54 . 2011-10-31 23:37 52224 c:\windows\system32\msfeedsbs.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 27648 c:\windows\system32\jsproxy.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 27648 c:\windows\system32\jsproxy.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 44544 c:\windows\system32\iernonce.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 44544 c:\windows\system32\iernonce.dll
- 2008-04-14 12:00 . 2011-08-17 12:21 70656 c:\windows\system32\ie4uinit.exe
+ 2008-04-14 12:00 . 2011-10-31 20:56 70656 c:\windows\system32\ie4uinit.exe
+ 2007-08-13 16:36 . 2011-10-31 23:37 63488 c:\windows\system32\icardie.dll
- 2007-08-13 16:36 . 2011-08-17 21:25 63488 c:\windows\system32\icardie.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 44544 c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2011-08-26 04:03 . 2011-10-31 23:37 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2011-08-26 04:03 . 2011-08-17 21:25 52224 c:\windows\system32\dllcache\msfeedsbs.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 27648 c:\windows\system32\dllcache\jsproxy.dll
- 2011-08-26 04:03 . 2011-08-17 12:21 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2011-08-26 04:03 . 2011-10-31 20:56 13824 c:\windows\system32\dllcache\ieudinit.exe
+ 2008-04-14 12:00 . 2011-10-31 23:37 44544 c:\windows\system32\dllcache\iernonce.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2008-04-14 12:00 . 2011-10-31 20:56 70656 c:\windows\system32\dllcache\ie4uinit.exe
- 2008-04-14 12:00 . 2011-08-17 12:21 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-08-26 04:03 . 2011-10-31 23:37 63488 c:\windows\system32\dllcache\icardie.dll
- 2011-08-26 04:03 . 2011-08-17 21:25 63488 c:\windows\system32\dllcache\icardie.dll
+ 2008-04-14 12:00 . 2011-10-28 05:32 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2008-04-14 12:00 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 17408 c:\windows\system32\dllcache\corpol.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 17408 c:\windows\system32\dllcache\corpol.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 44544 c:\windows\ie7updates\KB2618444-IE7\pngfilt.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 52224 c:\windows\ie7updates\KB2618444-IE7\msfeedsbs.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 27648 c:\windows\ie7updates\KB2618444-IE7\jsproxy.dll
+ 2011-12-15 13:43 . 2011-08-17 12:21 13824 c:\windows\ie7updates\KB2618444-IE7\ieudinit.exe
+ 2011-12-15 13:43 . 2011-08-17 21:25 44544 c:\windows\ie7updates\KB2618444-IE7\iernonce.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 78336 c:\windows\ie7updates\KB2618444-IE7\ieencode.dll
+ 2011-12-15 13:43 . 2011-08-17 12:21 70656 c:\windows\ie7updates\KB2618444-IE7\ie4uinit.exe
+ 2011-12-15 13:43 . 2011-08-17 21:25 63488 c:\windows\ie7updates\KB2618444-IE7\icardie.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 17408 c:\windows\ie7updates\KB2618444-IE7\corpol.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 233472 c:\windows\system32\webcheck.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 233472 c:\windows\system32\webcheck.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 106496 c:\windows\system32\url.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 106496 c:\windows\system32\url.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 102912 c:\windows\system32\occache.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 102912 c:\windows\system32\occache.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 671232 c:\windows\system32\mstime.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 671232 c:\windows\system32\mstime.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 193024 c:\windows\system32\msrating.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 193024 c:\windows\system32\msrating.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 478720 c:\windows\system32\mshtmled.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 478720 c:\windows\system32\mshtmled.dll
+ 2007-08-13 16:54 . 2011-10-31 23:37 468480 c:\windows\system32\msfeeds.dll
- 2007-08-13 16:54 . 2011-08-17 21:25 468480 c:\windows\system32\msfeeds.dll
- 2007-08-13 16:34 . 2011-08-17 21:25 268288 c:\windows\system32\iertutil.dll
+ 2007-08-13 16:34 . 2011-10-31 23:37 268288 c:\windows\system32\iertutil.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 192512 c:\windows\system32\iepeers.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 192512 c:\windows\system32\iepeers.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 384512 c:\windows\system32\iedkcs32.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 384512 c:\windows\system32\iedkcs32.dll
- 2007-07-11 10:27 . 2011-08-17 21:25 380928 c:\windows\system32\ieapfltr.dll
+ 2007-07-11 10:27 . 2011-10-31 23:37 380928 c:\windows\system32\ieapfltr.dll
- 2008-04-14 12:00 . 2011-08-17 11:00 161792 c:\windows\system32\ieakui.dll
+ 2008-04-14 12:00 . 2011-10-27 12:49 161792 c:\windows\system32\ieakui.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 230400 c:\windows\system32\ieaksie.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 230400 c:\windows\system32\ieaksie.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 153088 c:\windows\system32\ieakeng.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 153088 c:\windows\system32\ieakeng.dll
- 2011-07-07 13:43 . 2011-10-14 01:34 247904 c:\windows\system32\FNTCACHE.DAT
+ 2011-07-07 13:43 . 2011-12-15 13:45 247904 c:\windows\system32\FNTCACHE.DAT
+ 2008-04-14 12:00 . 2011-10-31 23:37 133120 c:\windows\system32\extmgr.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 133120 c:\windows\system32\extmgr.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 214528 c:\windows\system32\dxtrans.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 214528 c:\windows\system32\dxtrans.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 347136 c:\windows\system32\dxtmsft.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 347136 c:\windows\system32\dxtmsft.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 832512 c:\windows\system32\dllcache\wininet.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 233472 c:\windows\system32\dllcache\webcheck.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 106496 c:\windows\system32\dllcache\url.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 106496 c:\windows\system32\dllcache\url.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 102912 c:\windows\system32\dllcache\occache.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 671232 c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 671232 c:\windows\system32\dllcache\mstime.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 193024 c:\windows\system32\dllcache\msrating.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 193024 c:\windows\system32\dllcache\msrating.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 478720 c:\windows\system32\dllcache\mshtmled.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 478720 c:\windows\system32\dllcache\mshtmled.dll
- 2011-08-26 04:03 . 2011-08-17 21:25 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-08-26 04:03 . 2011-10-31 23:37 468480 c:\windows\system32\dllcache\msfeeds.dll
+ 2011-07-07 11:56 . 2011-10-31 10:46 634504 c:\windows\system32\dllcache\iexplore.exe
- 2011-08-26 04:03 . 2011-08-17 21:25 268288 c:\windows\system32\dllcache\iertutil.dll
+ 2011-08-26 04:03 . 2011-10-31 23:37 268288 c:\windows\system32\dllcache\iertutil.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 384512 c:\windows\system32\dllcache\iedkcs32.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 384512 c:\windows\system32\dllcache\iedkcs32.dll
- 2011-08-26 04:03 . 2011-08-17 21:25 380928 c:\windows\system32\dllcache\ieapfltr.dll
+ 2011-08-26 04:03 . 2011-10-31 23:37 380928 c:\windows\system32\dllcache\ieapfltr.dll
- 2008-04-14 12:00 . 2011-08-17 11:00 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2008-04-14 12:00 . 2011-10-27 12:49 161792 c:\windows\system32\dllcache\ieakui.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 230400 c:\windows\system32\dllcache\ieaksie.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 133120 c:\windows\system32\dllcache\extmgr.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2008-04-14 12:00 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
- 2008-04-14 12:00 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 214528 c:\windows\system32\dllcache\dxtrans.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 124928 c:\windows\system32\dllcache\advpack.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 124928 c:\windows\system32\advpack.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 124928 c:\windows\system32\advpack.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 832512 c:\windows\ie7updates\KB2618444-IE7\wininet.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 233472 c:\windows\ie7updates\KB2618444-IE7\webcheck.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 106496 c:\windows\ie7updates\KB2618444-IE7\url.dll
+ 2011-12-15 13:43 . 2010-07-05 13:13 391032 c:\windows\ie7updates\KB2618444-IE7\spuninst\updspapi.dll
+ 2011-12-15 13:43 . 2010-07-05 13:13 233848 c:\windows\ie7updates\KB2618444-IE7\spuninst\spuninst.exe
+ 2011-12-15 13:43 . 2011-08-17 21:25 102912 c:\windows\ie7updates\KB2618444-IE7\occache.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 671232 c:\windows\ie7updates\KB2618444-IE7\mstime.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 193024 c:\windows\ie7updates\KB2618444-IE7\msrating.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 478720 c:\windows\ie7updates\KB2618444-IE7\mshtmled.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 468480 c:\windows\ie7updates\KB2618444-IE7\msfeeds.dll
+ 2011-12-15 13:43 . 2011-08-17 11:01 634632 c:\windows\ie7updates\KB2618444-IE7\iexplore.exe
+ 2011-12-15 13:43 . 2011-08-17 21:25 268288 c:\windows\ie7updates\KB2618444-IE7\iertutil.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 192512 c:\windows\ie7updates\KB2618444-IE7\iepeers.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 384512 c:\windows\ie7updates\KB2618444-IE7\iedkcs32.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 380928 c:\windows\ie7updates\KB2618444-IE7\ieapfltr.dll
+ 2011-12-15 13:43 . 2011-08-17 11:00 161792 c:\windows\ie7updates\KB2618444-IE7\ieakui.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 230400 c:\windows\ie7updates\KB2618444-IE7\ieaksie.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 153088 c:\windows\ie7updates\KB2618444-IE7\ieakeng.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 133120 c:\windows\ie7updates\KB2618444-IE7\extmgr.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 214528 c:\windows\ie7updates\KB2618444-IE7\dxtrans.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 347136 c:\windows\ie7updates\KB2618444-IE7\dxtmsft.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 124928 c:\windows\ie7updates\KB2618444-IE7\advpack.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 1168896 c:\windows\system32\urlmon.dll
- 2008-04-14 12:00 . 2011-08-17 21:25 1168896 c:\windows\system32\urlmon.dll
+ 2008-04-14 12:00 . 2011-11-04 15:17 3616256 c:\windows\system32\mshtml.dll
- 2007-08-13 16:54 . 2011-08-17 21:25 6076416 c:\windows\system32\ieframe.dll
+ 2007-08-13 16:54 . 2011-10-31 23:37 6076416 c:\windows\system32\ieframe.dll
+ 2008-04-14 12:00 . 2011-11-23 14:40 1859584 c:\windows\system32\dllcache\win32k.sys
- 2008-04-14 12:00 . 2011-08-17 21:25 1168896 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 12:00 . 2011-10-31 23:37 1168896 c:\windows\system32\dllcache\urlmon.dll
+ 2008-04-14 12:00 . 2011-11-01 16:07 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2011-08-24 15:31 . 2011-10-26 10:50 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2011-08-24 15:31 . 2011-10-26 10:49 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2011-08-24 15:31 . 2011-10-26 10:50 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
+ 2011-08-24 15:31 . 2011-10-26 10:49 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2008-04-14 12:00 . 2011-11-04 15:17 3616256 c:\windows\system32\dllcache\mshtml.dll
+ 2011-08-26 04:03 . 2011-10-31 23:37 6076416 c:\windows\system32\dllcache\ieframe.dll
- 2011-08-26 04:03 . 2011-08-17 21:25 6076416 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 1168896 c:\windows\ie7updates\KB2618444-IE7\urlmon.dll
+ 2011-12-15 13:43 . 2011-09-05 07:45 3615744 c:\windows\ie7updates\KB2618444-IE7\mshtml.dll
+ 2011-12-15 13:43 . 2011-08-17 21:25 6076416 c:\windows\ie7updates\KB2618444-IE7\ieframe.dll
- 2011-08-24 15:31 . 2010-12-09 15:14 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2011-08-24 15:31 . 2011-10-26 10:50 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2011-08-24 15:31 . 2011-10-26 10:49 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2011-08-24 15:31 . 2011-10-26 10:50 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2011-08-24 15:31 . 2010-12-09 15:14 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-08-24 15:31 . 2011-10-26 10:49 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2011-07-07 18:31 . 2011-12-15 13:29 52988224 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-07-21 12:01 966712 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-04-18 15:30 15146376 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-04-21 12:42 37888 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Martin a Míša\\Data aplikací\\VOM2SF243J.exe"=
.
R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [7.7.2011 13:12 85265]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.7.2011 13:43 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.7.2011 13:43 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.7.2011 13:43 20568]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.7.2011 18:36 717296]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7.7.2011 13:43 136176]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7.7.2011 13:43 136176]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [12.9.2011 16:49 32377]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A49E22EA-F7FB-1535-4EDF-ECBDB8D5E758}]
2008-07-25 09:16 35320 ---h--w- c:\documents and settings\Martin a Míša\Data aplikací\VOM2SF243J.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:43]
.
2011-12-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1750559
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-15 15:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
C:\## aswSnx private storage
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2011-12-15 15:13:44
ComboFix-quarantined-files.txt 2011-12-15 14:13
ComboFix2.txt 2011-12-11 14:44
.
Před spuštěním: 6 285 172 736
Po spuštění: 6 264 832 000
.
- - End Of File - - 33AC5559BB0753D96EAB43D8BC0FDCA9