Po připojení k internetu počítač zatuhne

[jap.biker]

Dobrý den,
rád bych požádal o pomoc při vyčištění počítače. Je to PC tchána, moc toho o něm nevím.
Nicméně chování je následující: Když PC zapnu s vytaženým síťovým kabelem, vcelku svižně naběhne a chová se tak, jak bych očekával, žádný problém nepozoruji. Ale jakmile připojím síťový kabel, který vede až do internetu, tak se PC zasekne a reakce na kliknutí je v řádu desítek minut. I když kabel opětovně vytáhnu, tak zůstane PC nepoužitelné. Jediné řešení je HW restart.
V případě že síťový kabel nevede do internetu (lokální LAN), tak se zdá, že vše funguje OK - jde nasdílet složku a po LAN do/z ní nakopírovat data. PC se celkově chová pěkně svižně.

Můžete mi, prosím, kouknout do logů zda tam něco ošklivého není?

Děkuji Honza P.

LOGY:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:52:15, on 24.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3456729093
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 6690 bytes


*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-

ComboFix 13-03-24.03 - Syd 24.03.2013 21:56:27.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1534.972 [GMT 1:00]
Spuštěný z: c:\documents and settings\Syd\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Syd\WINDOWS
c:\windows\IsUn0405.exe
c:\windows\system32\Oleaut32.1
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-24 do 2013-03-24 )))))))))))))))))))))))))))))))
.
.
2013-03-24 20:49 . 2013-03-24 16:16 388608 ----a-w- c:\program files\hijackthis.exe
2013-03-24 19:21 . 2013-03-24 19:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2013-03-24 19:01 . 2013-03-24 19:01 -------- d-----w- c:\program files\Windows Defender
2013-03-24 13:26 . 2013-03-24 13:26 -------- d-----w- c:\program files\CCleaner
2013-03-24 13:18 . 2013-03-24 13:18 -------- d-----w- c:\documents and settings\Syd\Data aplikací\GlarySoft
2013-03-24 13:18 . 2013-03-24 13:19 -------- d-----w- c:\program files\Glary Utilities
2013-03-17 19:18 . 2013-03-17 19:18 -------- d-----w- c:\documents and settings\Syd\Data aplikací\SUPERAntiSpyware.com
2013-03-17 19:18 . 2013-03-24 10:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-03-17 19:18 . 2013-03-17 19:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-03-17 18:50 . 2013-03-17 18:50 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\TuneUp Software
2013-03-17 18:45 . 2013-01-18 14:20 32032 ----a-w- c:\windows\system32\TURegOpt.exe
2013-03-17 18:45 . 2013-03-17 18:45 -------- d-----w- c:\documents and settings\Syd\Data aplikací\TuneUp Software
2013-03-17 18:44 . 2013-03-17 18:45 -------- d-----w- c:\program files\TuneUp Utilities 2013
2013-03-17 18:44 . 2013-03-17 18:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2013-03-17 18:44 . 2013-03-17 18:52 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-17 18:44 . 2013-03-17 18:44 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-07 05:42 . 2012-04-03 05:31 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-07 05:42 . 2011-06-06 14:38 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2004-08-17 13:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2004-08-17 15:45 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 13:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 13:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 13:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 13:49 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2004-08-17 13:49 1469440 ------w- c:\windows\system32\inetcpl.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 4763008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-10 15969280]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer]
2008-04-14 03:22 208896 ----a-w- c:\windows\inf\unregmp2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
2011-10-21 13:06 433872 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 10:59 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-11-03 16:27 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"d:\\Hry\\aoe2\\age2_x1.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Hry\\War III CZ\\Warcraft III.exe"=
"d:\\Hry\\HF\\HL.EXE"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [26.6.2011 22:44 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.9.2010 17:54 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11.7.2012 19:54 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.9.2010 17:54 21256]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [18.1.2013 15:20 1724192]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [23.11.2010 0:52 27632]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [16.11.2012 16:51 10088]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [23.11.2010 0:31 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [23.11.2010 0:32 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [23.11.2010 0:32 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [23.11.2010 0:33 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [23.11.2010 0:34 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [23.11.2010 0:32 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [23.11.2010 0:33 109864]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [29.12.2010 0:31 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [29.12.2010 0:31 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [29.12.2010 0:31 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [29.12.2010 0:31 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [29.12.2010 0:31 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [29.12.2010 0:31 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [29.12.2010 0:31 123504]
S4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [27.3.2011 15:21 247608]
S4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [29.12.2010 0:30 155344]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WINDEFEND
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 11:22 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 05:42]
.
2013-03-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2013-03-24 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-09-22 22:50]
.
2013-03-24 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2013-03-24 12:10]
.
2013-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-03 16:27]
.
2013-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-03 16:27]
.
2013-03-24 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2013-03-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 59cebd4a-5bb1-40c8-8a87-c2e017094dea.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2013-03-24 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5c7340d1-f842-45e5-9cff-c3387ee8b06d.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-24 22:02
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(572)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2013-03-24 22:03:54
ComboFix-quarantined-files.txt 2013-03-24 21:03
.
Před spuštěním: Volných bajtů: 82 198 806 528
Po spuštění: Volných bajtů: 83 014 352 896
.
- - End Of File - - BEE78AD68BA5BF792EB6CEA9397E43CF

[Márty84]

Zdravim.

Proc jste spoustel ComboFix?

Kdybyste si precetl pravidla fora http://forum.viry.cz/viewtopic.php?f=12&t=5601 , docetl byste se mimo jine toto

2. Před položením dotazu použijte tlačítko Hledat. Možná již někdo problém podobným Vašemu řešil. Pokud ale ve vyřešeném tématu budou aplikovány různé utility\aplikace, nespouštějte je. Utility se používají až na pokyn rádce, jelikož mohou mazat stopy po havěti a v rukou ne-oborníka může mít jejich použití nedozírné následky.

3. Zvláště utilitu ComboFix nespouštějte i když Vám ji poradil kamarád\nějaký rádoby odborný web. Naše fórum je jediné z CZ-SK antivirových fór, která mají právo luštit logy z ComboFixu a mámě též plnou podporu autora této utility a přístup k nejaktuálnějším informacím a návodům.

CF smaze veskere stopy pripadne nakazy. A ja ted muzu tak akorat varit z vody, jak se rika
Jste tady poprve, takze se na to zkusime podivat, ale pokud se to bude opakovat, bude pomoc odmitnuta.
A taky upozornuji, ze se to mozna protahne a vysledek vubec neni jisty.



Odinstalujte ICQToolBar a Google Toolbar

Doporucuji odinstalovat i TuneUp. Tento program dokaze udelat v pc peknou paseku.

Dejte sem log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

[jap.biker]

Omlouvám se za ten ComboFix, ale registrace/čtení pravidel proběhlo až po jeho spuštění

Zde LOG RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Syd at 2013-03-25 13:07:39
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 79 GB (67%) free of 118 GB
Total RAM: 1534 MB (66% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 59cebd4a-5bb1-40c8-8a87-c2e017094dea.job
C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 5c7340d1-f842-45e5-9cff-c3387ee8b06d.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-14 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2012-12-14 1000984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-05-04 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-12-14 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-02-10 15969280]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer]
C:\WINDOWS\inf\unregmp2.exe [2008-04-14 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-10-21 433872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-03 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\InterVideo\DVD8\WinDVD.exe"="C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD"
"D:\Hry\aoe2\age2_x1.exe"="D:\Hry\aoe2\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Hry\War III CZ\Warcraft III.exe"="D:\Hry\War III CZ\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\Hry\HF\HL.EXE"="D:\Hry\HF\HL.EXE:*:Enabled:Half-Life Launcher"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2013-03-25 13:07:39 ----D---- C:\rsit
2013-03-25 13:07:39 ----D---- C:\Program Files\trend micro
2013-03-25 13:06:22 ----D---- C:\Program Files\RSIT
2013-03-25 08:57:07 ----D---- C:\Program Files\HijackThis
2013-03-24 22:03:56 ----D---- C:\WINDOWS\temp
2013-03-24 22:03:55 ----A---- C:\ComboFix.txt
2013-03-24 21:54:53 ----A---- C:\WINDOWS\zip.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\SWSC.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\SWREG.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\sed.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\PEV.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\NIRCMD.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\MBR.exe
2013-03-24 21:54:53 ----A---- C:\WINDOWS\grep.exe
2013-03-24 21:54:42 ----D---- C:\Qoobox
2013-03-24 21:54:30 ----D---- C:\WINDOWS\erdnt
2013-03-24 20:01:05 ----D---- C:\Program Files\Windows Defender
2013-03-24 14:26:09 ----D---- C:\Program Files\CCleaner
2013-03-24 14:18:53 ----D---- C:\Documents and Settings\Syd\Data aplikací\GlarySoft
2013-03-24 14:18:51 ----D---- C:\Program Files\Glary Utilities
2013-03-17 20:18:54 ----D---- C:\Documents and Settings\Syd\Data aplikací\SUPERAntiSpyware.com
2013-03-17 20:18:26 ----D---- C:\Program Files\SUPERAntiSpyware
2013-03-17 20:18:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-03-17 19:45:29 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2013-03-17 19:45:14 ----D---- C:\Documents and Settings\Syd\Data aplikací\TuneUp Software
2013-03-17 19:44:59 ----D---- C:\Program Files\TuneUp Utilities 2013
2013-03-17 19:44:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2013-03-17 19:44:23 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-17 19:44:23 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2013-03-17 18:34:48 ----D---- C:\WINDOWS\pss

======List of files/folders modified in the last 1 month======

2013-03-25 13:07:39 ----RD---- C:\Program Files
2013-03-25 12:23:22 ----D---- C:\WINDOWS\Prefetch
2013-03-25 08:31:15 ----D---- C:\upload
2013-03-25 08:10:08 ----SD---- C:\WINDOWS\Tasks
2013-03-25 08:09:23 ----D---- C:\WINDOWS
2013-03-25 08:08:06 ----D---- C:\WINDOWS\system32\CatRoot2
2013-03-25 08:07:17 ----D---- C:\WINDOWS\system32\Lang
2013-03-25 06:43:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-03-25 04:53:21 ----D---- C:\WINDOWS\system32\config
2013-03-24 22:02:16 ----A---- C:\WINDOWS\system.ini
2013-03-24 22:02:06 ----D---- C:\WINDOWS\system32\drivers\etc
2013-03-24 22:01:37 ----D---- C:\WINDOWS\system32
2013-03-24 21:59:25 ----D---- C:\WINDOWS\system32\drivers
2013-03-24 21:59:24 ----D---- C:\WINDOWS\AppPatch
2013-03-24 21:59:20 ----D---- C:\Program Files\Common Files
2013-03-24 20:01:25 ----SHD---- C:\WINDOWS\Installer
2013-03-24 20:01:12 ----HD---- C:\WINDOWS\inf
2013-03-24 20:01:05 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-03-24 17:11:06 ----D---- C:\WINDOWS\Debug
2013-03-24 14:28:37 ----D---- C:\Documents and Settings\Syd\Data aplikací\Winamp
2013-03-24 14:28:36 ----D---- C:\Documents and Settings\Syd\Data aplikací\TS3Client
2013-03-24 14:28:28 ----D---- C:\WINDOWS\Minidump
2013-03-24 14:28:28 ----D---- C:\WINDOWS\Logs
2013-03-17 20:00:45 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2013-03-17 20:00:45 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2013-03-17 20:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981957$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2013-03-17 20:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2013-03-17 20:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2013-03-17 20:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2013-03-17 20:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2013-03-17 20:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2013-03-17 20:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2013-03-17 20:00:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2013-03-17 20:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2013-03-17 20:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2013-03-17 20:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2013-03-17 20:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2013-03-17 20:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2013-03-17 20:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2013-03-17 20:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2013-03-17 20:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2013-03-17 20:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2013-03-17 20:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2013-03-17 20:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2013-03-17 20:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2013-03-17 20:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2013-03-17 20:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-03-17 20:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2799494$
2013-03-17 20:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-03-17 20:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2778344$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$
2013-03-17 20:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2718704$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2709162$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2707511$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2013-03-17 20:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2695962$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2685939$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2013-03-17 20:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2013-03-17 20:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2616676$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2607712$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2013-03-17 20:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2013-03-17 20:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2013-03-17 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2013-03-17 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2013-03-17 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2013-03-17 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2013-03-17 20:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2013-03-17 20:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2013-03-17 20:00:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2013-03-17 20:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2013-03-17 20:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2279986$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2013-03-17 20:00:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2013-03-17 20:00:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2013-03-17 20:00:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-03-17 19:52:04 ----D---- C:\Documents and Settings\Syd\Data aplikací\Nero
2013-03-17 19:41:10 ----SH---- C:\boot.ini
2013-03-17 19:41:10 ----A---- C:\WINDOWS\win.ini
2013-03-04 14:15:42 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2005-12-22 5685]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2012-10-30 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\system32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-02-16 4156416]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys []
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 catchme;catchme; \??\C:\DOCUME~1\Syd\LOCALS~1\Temp\catchme.sys []
S3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2005-03-18 42496]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2010-03-15 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2010-03-15 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2010-03-15 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2010-03-15 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2010-03-15 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2010-03-15 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2010-03-15 123504]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-18 1724192]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-07 251248]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-03 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-03 136176]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-15 194032]
S4 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S4 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2006-12-05 112152]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-05-04 153376]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]

-----------------EOF-----------------

[Márty84]

A co cteni jeho licencnich podminek
Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby



Odinstalovaval jste to co jsem napsal?


Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Spustte ho.
Kliknete na Prohledat a program zacne pracovat.
Az skonci, vyplivne na vas log (pokud ne, najdete ho zde C:\AdwCleaner[R?].txt ), ten mi sem zkopirujte.

[jap.biker]

Jo jo ty toolbary jsem odinstaloval, stejně tak TuneUp. Bez zlepšení.

LOG z AdwCleaner:

# AdwCleaner v2.115 - Log vytvooen 25/03/2013 v 19:43:25
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Syd - SEMPRON
# Spuštin systém : Normální
# Spuštino z : C:\iNSTALL\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Nalezeno : C:\Documents and Settings\Syd\Data aplikací\Desktopicon
Složka Nalezeno : C:\Program Files\ICQ6Toolbar
Soubor Nalezeno : C:\Documents and Settings\Syd\Nabídka Start\eBay.lnk
Soubor Nalezeno : C:\Documents and Settings\Syd\Plocha\eBay.lnk

***** [Registry] *****

Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Google Chrome v24.0.1312.57

Soubor : C:\Documents and Settings\Syd\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R3].txt - [1484 octets] - [25/03/2013 19:43:25]

########## EOF - C:\AdwCleaner[R3].txt - [1544 octets] ##########

[Márty84]

No, ja jen ze v logu to porad vsechno bylo, takze jste to asi odinstaloval az po pouziti RSIT.


Znovu ukoncete vsechny programy a spustte AdwCleaner.
Tentokrat kliknete na Smazat
Program zacne pracovat (muze dojit k restartu pc) a vyplivne dalsi log (pripadne bude zde C:\AdwCleaner [S1].txt ). Ten mi sem zase zkopirujte.


Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[jap.biker]

Po AdwCleaner/smazat pořád tuhne..

LOGY:

# AdwCleaner v2.115 - Log vytvooen 26/03/2013 v 07:45:01
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Microsoft Windows XP Service Pack 3 (32 bits)
# Uživatel : Syd - SEMPRON
# Spuštin systém : Normální
# Spuštino z : C:\iNSTALL\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Vymazáno : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar
Složka Vymazáno : C:\Documents and Settings\Syd\Data aplikací\Desktopicon
Složka Vymazáno : C:\Program Files\ICQ6Toolbar
Soubor Vymazáno : C:\Documents and Settings\Syd\Nabídka Start\eBay.lnk
Soubor Vymazáno : C:\Documents and Settings\Syd\Plocha\eBay.lnk

***** [Registry] *****

Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v8.0.6001.18702

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Google Chrome v24.0.1312.57

Soubor : C:\Documents and Settings\Syd\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R3].txt - [1613 octets] - [25/03/2013 19:43:25]
AdwCleaner[S1].txt - [1579 octets] - [26/03/2013 07:45:01]

########## EOF - C:\AdwCleaner[S1].txt - [1639 octets] ##########


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2012.12.14.11

Windows XP Service Pack 3 x86 FAT
Internet Explorer 8.0.6001.18702
Syd :: SEMPRON [administrátor]

Ochrana: Zakázána

26.3.2013 8:14:25
MBAM-log-2013-03-26 (12-09-07).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 339012
Uplynulý čas: 3 hodin, 43 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\iNSTALL\ZPS12\CORE10k.EXE (Dont.Steal.Our.Software) -> Nebyla provedena žádná instrukce.
C:\iNSTALL\ZPS12\cr-11c07\CORE10k.EXE (Dont.Steal.Our.Software) -> Nebyla provedena žádná instrukce.
D:\Hry\HF\PATCH.EXE (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.
D:\Hry\HF\KEYGEN\CDKEYGEN.EXE (RiskWare.Tool.CK) -> Nebyla provedena žádná instrukce.

(konec)

[Márty84]

Nalezy MBAM nechte odstranit.

Jak dlouho ten problem trva?



Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu a spustte.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

[jap.biker]

Nálezy MBAM odstraněny (s jedním restartem),

Problém se objevil asi tak před měsícem, měsícem a půl. V té době jsem byl v nemocnici, tak tchán čekal, až se vrátím...

LOG RogueKiller:

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Syd [Práva správce]
Mód : Kontrola -- Datum : 03/26/2013 19:07:23
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{B6F63C72-D461-4CC2-90F9-CF7335704472} : NameServer (172.16.0.5) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD400BB-00GFA0 +++++
--- User ---
[MBR] 9442381b91785491ea6d779f176dd7c0
[BSP] dc52ce41d420e1a804f06912eefcfa17 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38162 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: HDS722512VLAT80 +++++
--- User ---
[MBR] 70ad21e25dcbacbe5216682d7b07e6ee
[BSP] 22228258baf37162c551ce32528b8973 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 117796 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive3: Generic Flash Disk USB Device +++++
--- User ---
[MBR] 959c04abf7dfd27b65700ce8d933bc56
[BSP] a4d4617b3acea9e8bb70783f1010d7dc : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 504 | Size: 1919 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[1]_S_03262013_02d1907.txt >>
RKreport[1]_S_03262013_02d1907.txt

[Márty84]

Znovu spustte RogueKiller (pokud jste ho jeste nezavrel/a, rovnou kliknete na napis Smazat)
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Smazat.
Pak kliknete na napis Zprava a objevi se log. Ten mi sem vlozte.
Pak kliknete na napis Oprava Host a Zprava.
Objevi se dalsi log. I ten mi sem vlozte.


Pouzijte WinsockFix http://www.softpedia.com/get/Tweak/Netw ... kFix.shtml
Pozor, program resetuje protokol tcp/ip. Jestli mate parametry site zadavany rucne, budete je muset znovu nastavit podle smlouvy s poskytovatelem.

[jap.biker]

Požadované LOGY:

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Syd [Práva správce]
Mód : Odebrat -- Datum : 03/27/2013 19:26:37
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{B6F63C72-D461-4CC2-90F9-CF7335704472} : NameServer (172.16.0.5) -> NEBYLO ODSTRANĚNO, POUŽIJTE DNSFIX
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD400BB-00GFA0 +++++
--- User ---
[MBR] 9442381b91785491ea6d779f176dd7c0
[BSP] dc52ce41d420e1a804f06912eefcfa17 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 38162 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: HDS722512VLAT80 +++++
--- User ---
[MBR] 70ad21e25dcbacbe5216682d7b07e6ee
[BSP] 22228258baf37162c551ce32528b8973 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 117796 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[3]_D_03272013_02d1926.txt >>
RKreport[1]_S_03262013_02d1907.txt ; RKreport[2]_S_03272013_02d1925.txt ; RKreport[3]_D_03272013_02d1926.txt

*-*-*-*-*-*-*-*-*-*-*-*--*-*-*-*-*-*-*-*-*-*-*-

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Syd [Práva správce]
Mód : Oprava HOSTS -- Datum : 03/27/2013 19:29:30
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[4]_H_03272013_02d1929.txt >>
RKreport[1]_S_03262013_02d1907.txt ; RKreport[2]_S_03272013_02d1925.txt ; RKreport[3]_D_03272013_02d1926.txt ; RKreport[4]_H_03272013_02d1929.txt

[jap.biker]

Ještě jsem zapomněl zhodnotit stávající stav (po RogueKiller) :

suběktivně trvá o pár sekund déle, než počítač po připojení internetu zamrzne, ale jinak žádná změna..

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=-
"ISUSPM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[jap.biker]

Stav po combofix: beze změny..

LOG:

ComboFix 13-03-24.03 - Syd 28.03.2013 0:06.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1534.1101 [GMT 1:00]
Spuštěný z: c:\documents and settings\Syd\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Syd\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-27 do 2013-03-27 )))))))))))))))))))))))))))))))
.
.
2013-03-27 18:32 . 2013-03-27 18:25 1413120 ----a-w- c:\program files\winsockfix.exe
2013-03-26 21:01 . 2013-03-26 21:01 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2013-03-26 07:00 . 2013-03-26 07:00 -------- d-----w- c:\documents and settings\Syd\Data aplikací\Malwarebytes
2013-03-26 07:00 . 2013-03-26 07:00 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-03-26 07:00 . 2013-03-26 07:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-26 07:00 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-25 12:07 . 2013-03-25 12:07 -------- d-----w- C:\rsit
2013-03-25 12:07 . 2013-03-25 12:07 -------- d-----w- c:\program files\trend micro
2013-03-25 12:06 . 2013-03-25 12:06 -------- d-----w- c:\program files\RSIT
2013-03-24 19:21 . 2013-03-24 19:21 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2013-03-24 19:01 . 2013-03-24 19:01 -------- d-----w- c:\program files\Windows Defender
2013-03-24 13:26 . 2013-03-24 13:26 -------- d-----w- c:\program files\CCleaner
2013-03-24 13:18 . 2013-03-24 13:18 -------- d-----w- c:\documents and settings\Syd\Data aplikací\GlarySoft
2013-03-24 13:18 . 2013-03-24 13:19 -------- d-----w- c:\program files\Glary Utilities
2013-03-17 19:18 . 2013-03-17 19:18 -------- d-----w- c:\documents and settings\Syd\Data aplikací\SUPERAntiSpyware.com
2013-03-17 19:18 . 2013-03-24 10:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-03-17 19:18 . 2013-03-17 19:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-03-17 18:50 . 2013-03-17 18:50 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\TuneUp Software
2013-03-17 18:45 . 2013-03-17 18:45 -------- d-----w- c:\documents and settings\Syd\Data aplikací\TuneUp Software
2013-03-17 18:44 . 2013-03-17 18:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2013-03-17 18:44 . 2013-03-17 18:52 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-03-17 18:44 . 2013-03-17 18:44 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-07 05:42 . 2012-04-03 05:31 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-07 05:42 . 2011-06-06 14:38 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-26 03:55 . 2004-08-17 13:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 07:26 . 2004-08-17 15:45 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 13:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 13:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 13:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 13:49 1294848 ----a-w- c:\windows\system32\quartz.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-02-10 15969280]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MP10_EnsureFileVer]
2008-04-14 03:22 208896 ----a-w- c:\windows\inf\unregmp2.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"d:\\Hry\\aoe2\\age2_x1.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Hry\\War III CZ\\Warcraft III.exe"=
"d:\\Hry\\HF\\HL.EXE"=
"c:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [26.6.2011 22:44 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.9.2010 17:54 361032]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12.7.2011 22:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [11.7.2012 19:54 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.9.2010 17:54 21256]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [23.11.2010 0:52 27632]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [26.3.2013 8:00 682344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [26.3.2013 8:00 21104]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [23.11.2010 0:31 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [23.11.2010 0:32 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [23.11.2010 0:32 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [23.11.2010 0:33 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [23.11.2010 0:34 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [23.11.2010 0:32 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [23.11.2010 0:33 109864]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM);c:\windows\system32\drivers\s1039bus.sys [29.12.2010 0:31 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;c:\windows\system32\drivers\s1039mdfl.sys [29.12.2010 0:31 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;c:\windows\system32\drivers\s1039mdm.sys [29.12.2010 0:31 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1039mgmt.sys [29.12.2010 0:31 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1039nd5.sys [29.12.2010 0:31 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;c:\windows\system32\drivers\s1039obex.sys [29.12.2010 0:31 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1039unic.sys [29.12.2010 0:31 123504]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [29.12.2010 0:30 155344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 11:22 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 05:42]
.
2013-03-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2013-03-27 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-09-22 22:50]
.
2013-03-27 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2013-03-24 12:10]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-03 16:27]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-03 16:27]
.
2013-03-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2013-03-25 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 59cebd4a-5bb1-40c8-8a87-c2e017094dea.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
2013-03-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 5c7340d1-f842-45e5-9cff-c3387ee8b06d.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 10.10.10.10
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-eBay Icon - c:\documents and settings\Syd\Data aplikací\Desktopicon\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-28 00:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(456)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3356)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
.
**************************************************************************
.
Celkový čas: 2013-03-28 00:21:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-27 23:21
ComboFix2.txt 2013-03-24 21:03
.
Před spuštěním: Volných bajtů: 82 814 070 784
Po spuštění: Volných bajtů: 82 804 797 440
.
- - End Of File - - 8E6046FF2167047EE01BC1898ABA8521

[Márty84]

Dejte novy log z RSIT