
Problem after uninstalling Seven Transformation Pack
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check the log.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Maťo at 2012-01-11 20:37:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 20 GB (58%) free of 35 GB
Total RAM: 1918 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:58, on 11. 1. 2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Launch Manager\WButton.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Launch Manager\WisLMSvc.exe
C:\Documents and Settings\Maťo\Dokumenty\Preberanie\RSIT.exe
C:\Program Files\trend micro\Maťo.exe
C:\WINDOWS\system32\HPZipm12.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3626392578
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe
--
End of file - 5794 bytes
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Maťo\Data aplikací\Mozilla\Firefox\Profiles\0s4qjpbe.default
prefs.js - "browser.startup.homepage" - "www.google.sk"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2005-07-25 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2006-12-14 192512]
"LMgrVolOSD"=C:\Program Files\Launch Manager\OSD.exe [2006-12-26 180224]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2006-08-29 241664]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"AtiPTA"=C:\WINDOWS\system32\atiptaxx.exe [2006-02-22 344064]
"Wbutton"=C:\Program Files\Launch Manager\WButton.exe [2006-11-09 86016]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-12-09 4616064]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Rychlý začátek s aplikací HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-09-29 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"F:\setup\HPZNET01.EXE"="F:\setup\HPZNET01.EXE:*:Enabled:hpznet01.exe"
"F:\setup\HPONICIFS01.EXE"="F:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe"
"C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe:*:Enabled:Spooler SubSystem App"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=serwvdrv.dll
"vidc.LEAD"=LCODCCMP.DLL
======List of files/folders created in the last 1 month======
2012-01-11 20:37:41 ----D---- C:\Program Files\trend micro
2012-01-11 20:37:40 ----D---- C:\rsit
2012-01-11 19:38:01 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2012-01-11 19:37:51 ----D---- C:\WINDOWS\LastGood
2012-01-11 19:05:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 19:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 18:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 18:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2012-01-11 18:52:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 18:45:55 ----A---- C:\WINDOWS\imsins.BAK
2012-01-11 18:45:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-11 18:36:34 ----A---- C:\WINDOWS\system32\drivers\ar5211.sys
2012-01-11 18:28:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Atheros
2012-01-11 18:08:40 ----ASH---- C:\pagefile.sys
2012-01-10 23:26:21 ----D---- C:\Program Files\Microsoft Sync Framework
2012-01-10 22:27:51 ----D---- C:\WINDOWS\system32\VITrans(2)
2012-01-10 22:06:30 ----D---- C:\WINDOWS\system32\XPSViewer
2012-01-10 22:06:25 ----D---- C:\Program Files\MSBuild
2012-01-10 22:06:16 ----D---- C:\Program Files\Reference Assemblies
2012-01-10 22:05:39 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-01-10 22:05:39 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-01-10 22:05:39 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-01-10 19:45:05 ----D---- C:\Documents and Settings\Maťo\Data aplikací\ViSplore
2012-01-10 19:45:03 ----D---- C:\Documents and Settings\Maťo\Data aplikací\ViGlance
2012-01-10 19:45:01 ----D---- C:\Documents and Settings\Maťo\Data aplikací\ViStart
2012-01-09 18:52:11 ----D---- C:\Program Files\Microsoft Silverlight
2012-01-09 18:48:20 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-01-09 18:48:15 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2012-01-09 18:35:41 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-01-09 18:35:40 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2012-01-09 18:35:20 ----D---- C:\Program Files\Windows Media Connect 2
2012-01-09 18:35:03 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2012-01-09 18:03:32 ----D---- C:\WINDOWS\system32\en-US
2012-01-09 18:03:24 ----D---- C:\Program Files\Microsoft.NET
2012-01-09 17:48:56 ----D---- C:\Program Files\Sony Ericsson
2012-01-09 17:48:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2012-01-07 20:55:44 ----D---- C:\Documents and Settings\Maťo\Data aplikací\SUPERAntiSpyware.com
2012-01-07 20:54:58 ----D---- C:\Program Files\SUPERAntiSpyware
2012-01-07 20:54:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2012-01-07 15:34:43 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2012-01-04 22:46:29 ----D---- C:\Documents and Settings\Maťo\Data aplikací\Malwarebytes
2012-01-04 22:46:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-01-04 22:46:19 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-01-04 22:46:19 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-01-02 17:38:58 ----A---- C:\WINDOWS\system32\drivers\serscan.sys
2012-01-02 17:38:49 ----A---- C:\WINDOWS\system32\AddPort.ini
2012-01-02 17:37:29 ----A---- C:\WINDOWS\hpntwksetup.ini
2012-01-02 17:36:55 ----D---- C:\TEMP
2011-12-24 13:27:21 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2011-12-24 13:26:58 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2011-12-24 13:26:49 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-12-21 21:57:54 ----D---- C:\Documents and Settings\Maťo\Data aplikací\Ashampoo
2011-12-18 13:05:07 ----D---- C:\FORM studio 2009
2011-12-16 15:09:56 ----D---- C:\Documents and Settings\Maťo\Data aplikací\Opera
2011-12-16 15:09:43 ----D---- C:\Program Files\Opera
2011-12-15 22:19:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 22:19:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 22:10:44 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2011-12-15 22:10:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 22:10:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 22:07:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 22:06:51 ----D---- C:\Program Files\MSXML 4.0
2011-12-15 22:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 22:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-15 22:04:43 ----D---- C:\WINDOWS\pss
2011-12-12 18:19:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2011-12-12 18:19:04 ----D---- C:\Documents and Settings\Maťo\Data aplikací\PC Suite
2011-12-12 18:18:10 ----D---- C:\Program Files\Common Files\Nokia
2011-12-12 18:18:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nokia
2011-12-12 18:17:28 ----D---- C:\Program Files\DIFX
2011-12-12 18:17:27 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-12-12 18:17:16 ----D---- C:\Program Files\PC Connectivity Solution
2011-12-12 18:17:01 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-12-12 18:17:00 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-12-12 18:16:59 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-12-12 18:16:58 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-12-12 18:16:58 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-12-12 18:16:58 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-12-12 18:16:58 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-12-12 18:16:58 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-12-12 18:16:57 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2011-12-12 18:15:33 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-12-12 18:15:03 ----D---- C:\WINDOWS\system32\LogFiles
2011-12-12 18:15:03 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-12-12 18:14:53 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-12-12 18:14:03 ----D---- C:\Program Files\Nokia
2011-12-12 18:14:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2011-12-12 18:08:49 ----D---- C:\Documents and Settings\Maťo\Data aplikací\Google
2011-12-12 17:10:35 ----D---- C:\Documents and Settings\Maťo\Data aplikací\HP
2011-12-12 17:10:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2011-12-12 17:07:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sonic
2011-12-12 17:07:25 ----D---- C:\Program Files\Common Files\Sonic Shared
2011-12-12 17:04:42 ----RSD---- C:\WINDOWS\assembly
2011-12-12 17:04:41 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-12 17:04:39 ----D---- C:\WINDOWS\system32\URTTemp
2011-12-12 17:04:09 ----D---- C:\Program Files\Common Files\HP
2011-12-12 17:02:28 ----D---- C:\Program Files\Hewlett-Packard
2011-12-12 17:02:02 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2011-12-12 17:01:32 ----RA---- C:\WINDOWS\system32\drivers\HPZipr12.sys
2011-12-12 17:01:26 ----RA---- C:\WINDOWS\system32\drivers\HPZid412.sys
2011-12-12 17:00:44 ----RA---- C:\WINDOWS\system32\HPZIDS01.dll
2011-12-12 17:00:42 ----A---- C:\WINDOWS\system32\hpz3l054.dll
2011-12-12 17:00:18 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-12-12 16:59:18 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2011-12-12 16:59:18 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2011-12-12 16:59:18 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2011-12-12 16:59:18 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2011-12-12 16:59:17 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2011-12-12 16:59:17 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2011-12-12 16:59:15 ----A---- C:\WINDOWS\IsUninst.exe
2011-12-12 16:58:22 ----D---- C:\Program Files\HP
2011-12-12 16:55:14 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-12-12 16:55:09 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-12-12 16:54:58 ----HD---- C:\Config.Msi
2011-12-12 16:54:23 ----A---- C:\WINDOWS\hpoins11.dat
2011-12-12 16:39:54 ----A---- C:\WINDOWS\system32\hidserv.dll
2011-12-12 16:39:46 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2011-12-12 16:39:37 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2011-12-12 16:39:24 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2011-12-12 16:39:19 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
======List of files/folders modified in the last 1 month======
2012-01-11 20:37:41 ----RD---- C:\Program Files
2012-01-11 20:31:35 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-11 20:28:33 ----D---- C:\WINDOWS\Temp
2012-01-11 20:13:47 ----D---- C:\WINDOWS
2012-01-11 20:13:05 ----HD---- C:\WINDOWS\inf
2012-01-11 20:11:29 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-11 19:42:55 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-11 19:38:27 ----D---- C:\WINDOWS\system32\drivers
2012-01-11 19:38:16 ----D---- C:\WINDOWS\system32
2012-01-11 19:14:16 ----SHD---- C:\WINDOWS\Installer
2012-01-11 19:14:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-11 19:13:40 ----D---- C:\WINDOWS\WinSxS
2012-01-11 19:05:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-01-11 19:05:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-11 18:56:48 ----D---- C:\WINDOWS\Debug
2012-01-11 18:56:38 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 18:56:21 ----D---- C:\WINDOWS\system32\CatRoot
2012-01-11 18:52:05 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-10 23:32:53 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-01-10 23:22:44 ----SD---- C:\Documents and Settings\Maťo\Data aplikací\Microsoft
2012-01-10 22:45:01 ----D---- C:\Documents and Settings\Maťo\Data aplikací\Winamp
2012-01-10 22:40:46 ----D---- C:\WINDOWS\system32\config
2012-01-10 22:40:31 ----D---- C:\WINDOWS\system32\wbem
2012-01-10 22:40:30 ----D---- C:\WINDOWS\Registration
2012-01-10 22:39:21 ----D---- C:\WINDOWS\system32\spool
2012-01-10 22:38:38 ----D---- C:\Program Files\Outlook Express
2012-01-10 22:38:38 ----D---- C:\Program Files\Internet Explorer
2012-01-10 22:38:35 ----D---- C:\WINDOWS\system32\Restore
2012-01-10 22:38:35 ----D---- C:\Program Files\Windows Media Player
2012-01-10 22:38:34 ----D---- C:\WINDOWS\Media
2012-01-10 22:06:21 ----RSD---- C:\WINDOWS\Fonts
2012-01-10 20:10:25 ----D---- C:\WINDOWS\Cursors
2012-01-09 18:52:57 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-01-09 18:35:30 ----A---- C:\WINDOWS\win.ini
2012-01-09 18:35:14 ----D---- C:\WINDOWS\Help
2012-01-09 18:07:15 ----D---- C:\WINDOWS\system32\cs-cz
2012-01-09 18:07:02 ----D---- C:\WINDOWS\Prefetch
2012-01-09 17:22:01 ----D---- C:\Documents and Settings
2012-01-07 14:29:51 ----D---- C:\WINDOWS\twain_32
2012-01-07 14:29:45 ----SHD---- C:\System Volume Information
2012-01-07 14:29:43 ----SD---- C:\WINDOWS\Tasks
2012-01-07 14:29:33 ----D---- C:\WINDOWS\system32\drivers\etc
2012-01-07 14:19:09 ----SHD---- C:\RECYCLER
2012-01-07 14:13:30 ----D---- C:\Program Files\Mozilla Firefox
2012-01-07 13:45:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-12-21 21:57:38 ----D---- C:\Program Files\CCleaner
2011-12-15 22:19:10 ----D---- C:\WINDOWS\ie8updates
2011-12-12 18:46:13 ----D---- C:\WINDOWS\system
2011-12-12 18:18:10 ----D---- C:\Program Files\Common Files
2011-12-12 18:08:27 ----D---- C:\Program Files\Google
2011-12-12 17:06:05 ----D---- C:\WINDOWS\system32\mui
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-06-21 547072]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-09-29 2456064]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2007-01-29 984832]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-09-29 483328]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 118784]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WisLMSvc;WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [2006-11-17 118784]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-09-15 516096]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-10-27 718384]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after uninstalling seven transformation pack
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Program Files\Google\Update
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click MoveIt!. The PC should be restarted.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Problem after uninstalling seven transformation pack
Done, but at logon an icon still briefly displays something about the firewall, and the icons for the network and wireless connections take a very long time to appear. Here is the log
All processes killed
========== FILES ==========
C:\Program Files\Google\Update\Offline\{11F8B4E6-B58C-4367-BE40-5DB15D4E1202} folder moved successfully.
C:\Program Files\Google\Update\Offline folder moved successfully.
C:\Program Files\Google\Update\Install\{04F17760-E9D2-475A-B7FC-2D233C9A0CC9} folder moved successfully.
C:\Program Files\Google\Update\Install folder moved successfully.
C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96} folder moved successfully.
C:\Program Files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\0.0.0.0 folder moved successfully.
C:\Program Files\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB} folder moved successfully.
C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\16.0.912.75 folder moved successfully.
C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D} folder moved successfully.
C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.79 folder moved successfully.
C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D} folder moved successfully.
C:\Program Files\Google\Update\Download folder moved successfully.
C:\Program Files\Google\Update\1.3.21.79 folder moved successfully.
C:\Program Files\Google\Update folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Maeo
User: Maťo
->Temp folder emptied: 53884206 bytes
->Temporary Internet Files folder emptied: 5663521 bytes
->FireFox cache emptied: 75269991 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 931 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 99840 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1105036 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 79511732 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 206,00 mb
[EMPTYFLASH]
User: All Users
User: Default User
User: LocalService
User: Maeo
User: Maťo
->Flash cache emptied: 0 bytes
User: NetworkService
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.19.0 log created on 01112012_205214
Files moved on Reboot...
Registry entries deleted on Reboot...
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after uninstalling seven transformation pack
Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator rights
right after launch a screen with the licence terms appears; continue by clicking the Ano (Yes) button.
feel free to put the coffee on (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur
Re: Problem after uninstalling seven transformation pack
So here is the log
ComboFix 12-01-10.02 - Maťo . 01. 2012 21:21:48.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1918.1297 [GMT 1:00]
Spuštěný z: c:\documents and settings\MaŁo\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-11 do 2012-01-11 )))))))))))))))))))))))))))))))
.
.
2012-01-11 19:52 . 2012-01-11 19:52 -------- d-----w- C:\_OTM
2012-01-11 19:37 . 2012-01-11 19:37 -------- d-----w- c:\program files\trend micro
2012-01-11 19:37 . 2012-01-11 19:38 -------- d-----w- C:\rsit
2012-01-11 17:36 . 2007-06-21 04:30 547072 ----a-w- c:\windows\system32\drivers\ar5211.sys
2012-01-11 17:28 . 2012-01-11 17:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Atheros
2012-01-10 22:26 . 2012-01-10 22:26 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-01-10 21:40 . 2012-01-10 21:40 -------- d-----w- c:\windows\system32\wbem\Repository
2012-01-10 21:27 . 2012-01-10 21:37 -------- d-----w- c:\windows\system32\VITrans(2)
2012-01-10 21:06 . 2012-01-10 21:39 -------- d-----w- c:\windows\system32\XPSViewer
2012-01-10 21:06 . 2012-01-10 21:06 -------- d-----w- c:\program files\MSBuild
2012-01-10 21:06 . 2012-01-10 21:06 -------- d-----w- c:\program files\Reference Assemblies
2012-01-10 21:06 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2012-01-10 21:05 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2012-01-10 21:05 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2012-01-10 21:05 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2012-01-10 21:05 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2012-01-10 21:05 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2012-01-10 21:05 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2012-01-10 21:05 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2012-01-10 21:05 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2012-01-10 18:45 . 2012-01-10 18:58 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\ViSplore
2012-01-10 18:45 . 2012-01-10 18:48 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\ViGlance
2012-01-10 18:45 . 2012-01-10 18:45 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\ViStart
2012-01-09 18:44 . 2012-01-09 18:44 -------- d-----w- c:\documents and settings\Maťo\Local Settings\Data aplikací\Sony Ericsson
2012-01-09 17:57 . 2008-04-14 06:52 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2012-01-09 17:52 . 2012-01-09 17:52 -------- d-----w- c:\program files\Microsoft Silverlight
2012-01-09 17:35 . 2012-01-09 17:35 -------- d-----w- c:\program files\Windows Media Connect 2
2012-01-09 17:03 . 2012-01-09 17:03 -------- d-----w- c:\program files\Microsoft.NET
2012-01-09 16:48 . 2012-01-09 16:48 -------- d-----w- c:\program files\Sony Ericsson
2012-01-09 16:48 . 2012-01-09 16:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony Ericsson
2012-01-09 16:22 . 2012-01-09 16:22 -------- d-----w- c:\documents and settings\Maeo
2012-01-07 19:55 . 2012-01-07 19:55 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\SUPERAntiSpyware.com
2012-01-07 19:54 . 2012-01-07 19:55 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-07 19:54 . 2012-01-07 19:54 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2012-01-07 14:34 . 2012-01-07 14:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-01-07 13:13 . 2012-01-07 13:13 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-07 13:13 . 2012-01-07 13:13 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-07 13:13 . 2012-01-07 13:13 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-07 13:13 . 2012-01-07 13:13 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-04 21:46 . 2012-01-04 21:46 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\Malwarebytes
2012-01-04 21:46 . 2012-01-04 21:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-01-04 21:46 . 2012-01-04 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 21:46 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-02 16:38 . 2001-10-24 11:02 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2012-01-02 16:38 . 2001-10-24 11:02 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2012-01-02 16:36 . 2012-01-02 16:38 -------- d-----w- C:\TEMP
2011-12-24 12:27 . 2008-04-13 23:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2011-12-24 12:27 . 2008-04-13 23:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2011-12-24 12:26 . 2008-11-07 17:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-12-21 20:57 . 2011-12-21 20:57 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\Ashampoo
2011-12-18 12:05 . 2011-12-18 12:46 -------- d-----w- C:\FORM studio 2009
2011-12-16 14:09 . 2011-12-16 14:09 -------- d-----w- c:\documents and settings\Maťo\Local Settings\Data aplikací\Opera
2011-12-16 14:09 . 2011-12-16 14:09 -------- d-----w- c:\program files\Opera
2011-12-15 21:06 . 2011-12-15 21:06 -------- d-----w- c:\program files\MSXML 4.0
2011-12-13 11:28 . 2011-12-13 11:28 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-04 21:37 . 2011-12-11 19:08 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-11 17:51 . 2011-12-11 17:51 451072 ----a-w- c:\windows\Radeon Omega Drivers v3.8.421 Uninstall.exe
2011-12-11 16:21 . 2011-12-11 16:21 315392 ----a-w- c:\windows\HideWin.exe
2011-11-28 18:01 . 2011-12-11 16:54 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-12-11 16:54 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-12-11 16:55 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-12-11 16:55 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-12-11 16:55 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-12-11 16:55 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-12-11 16:55 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-12-11 16:55 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-12-11 16:55 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-12-11 16:54 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-04-14 06:52 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:13 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2008-04-14 06:51 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-03 15:29 . 2008-04-14 06:51 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:49 . 2008-04-14 06:06 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-14 14:47 . 2008-04-14 06:52 174592 ----a-w- c:\windows\system32\winmm.dll
2011-10-14 14:47 . 2008-04-14 06:51 23040 ----a-w- c:\windows\system32\mciseq.dll
2012-01-07 13:13 . 2011-12-11 18:59 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-12-14 192512]
"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2006-08-29 241664]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"Wbutton"="c:\program files\Launch Manager\WButton.exe" [2006-11-09 86016]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-12-09 00:44 4616064 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11. 12. 2011 17:55 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11. 12. 2011 17:55 314456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22. 7. 2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12. 7. 2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12. 8. 2011 0:38 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11. 12. 2011 17:55 20568]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [11. 12. 2011 17:26 118784]
S1 mailKmd;mailKmd; [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9. 1. 2010 20:37 4640000]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [9. 1. 2012 17:49 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.2.101
FF - ProfilePath - c:\documents and settings\Maťo\Data aplikací\Mozilla\Firefox\Profiles\0s4qjpbe.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
AddRemove-XPv3.8.421 - c:\windows\Radeon Omega Drivers v3.8.421
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-11 21:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Wbutton = c:\program files\Launch Manager\WButton.exe?x???0???\???????0??????????? ??|???|???????|????????L????????h????F?????????????h?????????????B????? ??|`??|????]??|[?A?????????z?A?d??v??7~??????F?4^@???????????????A?8??v????z?A???@??g??6u@??g?????v??@??h?????
CtrlVol = c:\program files\Launch Manager\CtrlVol.exe?x???0???\???????0??????????? ??|???|???????|????????L????????h????F?????????????h?????????????B????? ??|`??|????]??|[?A?????????z?A?Q+????7~??????F?4^@???????????????A? ???????z?A???@??g??6u@??g??9+????@??h?????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(624)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-01-11 21:34:38
ComboFix-quarantined-files.txt 2012-01-11 20:34
.
Před spuštěním: Volných bajtů: 21 533 114 368
Po spuštění: Volných bajtů: 21 472 079 872
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 7E8F4910B674D47DFE4F8A741C7CE521
2012-01-07 14:34 . 2012-01-07 14:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-01-07 13:13 . 2012-01-07 13:13 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-07 13:13 . 2012-01-07 13:13 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-07 13:13 . 2012-01-07 13:13 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-07 13:13 . 2012-01-07 13:13 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-04 21:46 . 2012-01-04 21:46 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\Malwarebytes
2012-01-04 21:46 . 2012-01-04 21:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-01-04 21:46 . 2012-01-04 21:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-04 21:46 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-02 16:38 . 2001-10-24 11:02 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2012-01-02 16:38 . 2001-10-24 11:02 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2012-01-02 16:36 . 2012-01-02 16:38 -------- d-----w- C:\TEMP
2011-12-24 12:27 . 2008-04-13 23:15 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2011-12-24 12:27 . 2008-04-13 23:15 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2011-12-24 12:26 . 2008-11-07 17:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2011-12-21 20:57 . 2011-12-21 20:57 -------- d-----w- c:\documents and settings\Maťo\Data aplikací\Ashampoo
2011-12-18 12:05 . 2011-12-18 12:46 -------- d-----w- C:\FORM studio 2009
2011-12-16 14:09 . 2011-12-16 14:09 -------- d-----w- c:\documents and settings\Maťo\Local Settings\Data aplikací\Opera
2011-12-16 14:09 . 2011-12-16 14:09 -------- d-----w- c:\program files\Opera
2011-12-15 21:06 . 2011-12-15 21:06 -------- d-----w- c:\program files\MSXML 4.0
2011-12-13 11:28 . 2011-12-13 11:28 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-04 21:37 . 2011-12-11 19:08 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-11 17:51 . 2011-12-11 17:51 451072 ----a-w- c:\windows\Radeon Omega Drivers v3.8.421 Uninstall.exe
2011-12-11 16:21 . 2011-12-11 16:21 315392 ----a-w- c:\windows\HideWin.exe
2011-11-28 18:01 . 2011-12-11 16:54 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-12-11 16:54 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-12-11 16:55 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-12-11 16:55 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-12-11 16:55 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-12-11 16:55 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-12-11 16:55 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-12-11 16:55 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-12-11 16:55 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-12-11 16:54 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2008-04-14 06:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2008-04-14 05:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-04-14 06:52 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:13 . 2008-04-14 06:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 19:13 . 2008-04-14 06:52 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2008-04-14 06:51 43520 ------w- c:\windows\system32\licmgr10.dll
2011-11-04 11:23 . 2008-04-14 05:50 385024 ------w- c:\windows\system32\html.iec
2011-11-03 15:29 . 2008-04-14 06:51 1294848 ----a-w- c:\windows\system32\quartz.dll
2011-11-03 15:29 . 2008-04-14 06:51 386560 ----a-w- c:\windows\system32\qdvd.dll
2011-11-01 16:07 . 2008-04-14 06:51 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2008-04-14 06:51 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2008-04-14 08:06 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:49 . 2008-04-14 06:06 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2008-04-14 06:51 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-14 14:47 . 2008-04-14 06:52 174592 ----a-w- c:\windows\system32\winmm.dll
2011-10-14 14:47 . 2008-04-14 06:51 23040 ----a-w- c:\windows\system32\mciseq.dll
2012-01-07 13:13 . 2011-12-11 18:59 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2005-07-25 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2006-12-14 192512]
"LMgrVolOSD"="c:\program files\Launch Manager\OSD.exe" [2006-12-26 180224]
"LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2006-08-29 241664]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"Wbutton"="c:\program files\Launch Manager\WButton.exe" [2006-11-09 86016]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-12-09 00:44 4616064 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [11. 12. 2011 17:55 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11. 12. 2011 17:55 314456]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22. 7. 2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12. 7. 2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12. 8. 2011 0:38 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11. 12. 2011 17:55 20568]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18. 3. 2010 13:16 130384]
R3 WisLMSvc;WisLMSvc;c:\program files\Launch Manager\WisLMSvc.exe [11. 12. 2011 17:26 118784]
S1 mailKmd;mailKmd; [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9. 1. 2010 20:37 4640000]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [9. 1. 2012 17:49 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18. 3. 2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.2.101
FF - ProfilePath - c:\documents and settings\Maťo\Data aplikací\Mozilla\Firefox\Profiles\0s4qjpbe.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-CtrlVol - c:\program files\Launch Manager\CtrlVol.exe
AddRemove-XPv3.8.421 - c:\windows\Radeon Omega Drivers v3.8.421
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-11 21:30
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Wbutton = c:\program files\Launch Manager\WButton.exe?x???0???\???????0??????????? ??|???|???????|????????L????????h????F?????????????h?????????????B????? ??|`??|????]??|[?A?????????z?A?d??v??7~??????F?4^@???????????????A?8??v????z?A???@??g??6u@??g?????v??@??h?????
CtrlVol = c:\program files\Launch Manager\CtrlVol.exe?x???0???\???????0??????????? ??|???|???????|????????L????????h????F?????????????h?????????????B????? ??|`??|????]??|[?A?????????z?A?Q+????7~??????F?4^@???????????????A? ???????z?A???@??g??6u@??g??9+????@??h?????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(624)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2012-01-11 21:34:38
ComboFix-quarantined-files.txt 2012-01-11 20:34
.
Před spuštěním: Volných bajtů: 21 533 114 368
Po spuštění: Volných bajtů: 21 472 079 872
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 7E8F4910B674D47DFE4F8A741C7CE521
- Rudy
- Site Admin
- Posts: 119515
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Problem after uninstalling Seven Transformation Pack
CF deleted a few things; the rest of the log looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Problem after uninstalling Seven Transformation Pack
It's the same as before. At startup it reports that no firewall is turned on, and then the connection icons load.
- Rudy
- Site Admin
Re: Problem after uninstalling Seven Transformation Pack
Have you tried turning the firewall on manually?
Re: Problem after uninstalling Seven Transformation Pack
Yes. It seems to me that it takes quite a long time to load after logging in, and windows can't be opened right away either.
Re: Problem after uninstalling Seven Transformation Pack
Octavo:
If I were you, I'd do a reinstall; who knows what all the transformation pack messed up. Packs like this easily modify hundreds of system files and settings, and restoring that to the original state isn't really possible, so the system ends up broken. I definitely don't recommend using such packs; if you want to change the look, do it modestly (on XP I used the Royale theme straight from MS, which was quite enough for me). If you want the look of 7, get Win 7.
Re: Problem after uninstalling Seven Transformation Pack
The PC is finally running as it should. There was no reinstall, but it has settled down by now.
- Rudy
- Site Admin
Re: Problem after uninstalling Seven Transformation Pack
OK, we're glad to hear that!
