pls poradte sem bezradnej

Zpráva

danny-13 · #46 Příspěvek od **danny-13** » 14 bře 2008 21:58

jj diky:)
jeste posledni dotazek;) mam v planu se venovat PC v budoucnu a zajiumalo by me kde se daji dozvedet ty veci ktery vy radite lidem jkdyz maji problem ?:-))

#47 Příspěvek od **riffman** » 14 bře 2008 22:10

intuice+www.google.com+snaha se naucit neco noveho=uspech

danny-13 · #48 Příspěvek od **danny-13** » 14 bře 2008 22:44

no tak jo

od malicka sme v pc tak myslim ze to problem nebude

kdyby neco mam tu váš

danny-13 · #49 Příspěvek od **danny-13** » 14 bře 2008 23:21

mam dotaz nikde sem to nenasel sda se v keriu nastavit max upload pro nejaky pripojeni??:)

#50 Příspěvek od **riffman** » 15 bře 2008 07:20

myslim ze ne...

krisa · #51 Příspěvek od **krisa** » 30 říj 2010 10:01

Cbych se zeptat co je proces "disvc exe" ? neni to vir?

#52 Příspěvek od **riffman** » 30 říj 2010 10:43

jak jste k nemu prisel?

btw neni vam blby po dvou letech tahat na svet jiz uzavreny thread?

krisa · #53 Příspěvek od **krisa** » 31 říj 2010 09:23

nevím furt ten proces chtel od firewallu pristup na net nebo neco takeho(moc se v tom nevyznam)

#54 Příspěvek od **riffman** » 31 říj 2010 09:42

hele, vsichni sem davaji logy z RSIT, co kdybyste to zkusil taky, protoze vesteni z koule nam porad moc nejde...?

krisa · #55 Příspěvek od **krisa** » 31 říj 2010 12:55

Problém je ze nevím co je RSIT

#56 Příspěvek od **riffman** » 31 říj 2010 13:33

ach jo, clovece...co se takhle rozhlidnout po foru

http://www.viry.cz/forum/viewtopic.php?f=13&t=105895

krisa · #57 Příspěvek od **krisa** » 01 lis 2010 17:31

Logfile of random's system information tool 1.08 (written by random/random)
Run by doma at 2010-11-01 17:11:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (39%) free of 14 GB
Total RAM: 767 MB (26% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:27, on 1.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\IObit\Game Booster 2\GameBox.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\devldr32.exe
D:\RSIT.exe
C:\Program Files\trend micro\doma.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://jookz.toolbaroptions.com/?tmp=to ... b04ie&v=15
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://jookz.toolbaroptions.com/?tmp=to ... b04ie&v=15
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://jookz.toolbaroptions.com/?tmp=to ... b04ie&v=15
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://jookz.toolbaroptions.com/?tmp=to ... b04ie&v=15
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O4 - HKLM\..\Run: [ZDWlan.EXE] "C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Display Driver] C:\DOCUME~1\doma\LOCALS~1\Temp\disvc.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\doma\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\doma\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\WINDOWS\system32\shdocvw.dll (HKCU)
O10 - Unknown file in Winsock LSP: d:\gimp\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: d:\gimp\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: d:\gimp\advanced systemcare 3\spictrl.dll
O10 - Unknown file in Winsock LSP: d:\gimp\advanced systemcare 3\spictrl.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Registry Management Service (RegManServ) - Unknown owner - D:\gimp\Advanced Registry Doctor\RegManServ.exe (file missing)
O23 - Service: TabDiscover Service - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\TabDiscover\tabdiscover143.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 6729 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-10-26 1623392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZDWlan.EXE"=C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE [2009-01-14 491520]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-06-04 1038848]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-10-04 2067808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Display Driver"=C:\DOCUME~1\doma\LOCALS~1\Temp\disvc.exe [2010-10-29 22449]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-09-29 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStatusMessages"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSharedDocuments"=1
"NoInstrumentation"=1
"NoWindowsUpdate"=1
"NoResolveTrack"=1
"NoFolderOptions"=0
"NoViewContextMenu"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceClassicControlPanel"=1
"NoViewContextMenu"=0
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\mu\hudba\Counter-Strike Source\hl2.exe"="D:\mu\hudba\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Sony Ericsson\Update Service\Update Service.exe"="C:\Program Files\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"D:\mu\sg dailing\stbc.exe"="D:\mu\sg dailing\stbc.exe:*:Enabled:stbc"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"E:\AirRivals_EN\Launcher.atm"="E:\AirRivals_EN\Launcher.atm:Enabled:GameExe2"
"E:\AirRivals_EN\Res-Voip\SCVoIP.exe"="E:\AirRivals_EN\Res-Voip\SCVoIP.exe:Enabled:GameVoIP"
"C:\Documents and Settings\doma\Local Settings\Temp\disvc.exe"="C:\Documents and Settings\doma\Local Settings\Temp\disvc.exe:*:Enabled:Windows Updates"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-11-01 17:11:35 ----D---- C:\rsit
2010-11-01 17:11:35 ----D---- C:\Program Files\trend micro
2010-10-30 10:08:18 ----D---- C:\Zalohy 1.7.2007
2010-10-30 09:52:24 ----A---- C:\WINDOWS\zip.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\SWSC.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\SWREG.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\sed.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\PEV.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\NIRCMD.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\MBR.exe
2010-10-30 09:52:24 ----A---- C:\WINDOWS\grep.exe
2010-10-30 09:51:27 ----D---- C:\WINDOWS\ERDNT
2010-10-30 09:51:20 ----SD---- C:\ComboFix
2010-10-30 09:48:47 ----D---- C:\Qoobox
2010-10-30 09:30:20 ----A---- C:\WINDOWS\system32\SX5363S.DLL
2010-10-30 09:30:20 ----A---- C:\WINDOWS\system32\Sx5363.ini
2010-10-30 09:30:19 ----A---- C:\WINDOWS\system32\RV32RTP.dll
2010-10-28 11:50:46 ----D---- C:\Program Files\Zrychleni Pocitace
2010-10-28 09:59:37 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-10-28 09:59:32 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-10-28 09:58:37 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-10-28 09:58:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2010-10-21 14:12:07 ----D---- C:\Documents and Settings\doma\Data aplikací\Google
2010-10-21 14:09:37 ----D---- C:\Program Files\Google
2010-10-04 16:02:25 ----D---- C:\Documents and Settings\doma\Data aplikací\DVDVideoSoft

======List of files/folders modified in the last 1 months======

2010-11-01 17:12:09 ----D---- C:\WINDOWS\Internet Logs
2010-11-01 17:11:35 ----RD---- C:\Program Files
2010-11-01 17:10:30 ----D---- C:\Program Files\Common Files\Akamai
2010-11-01 17:07:48 ----D---- C:\WINDOWS\Temp
2010-11-01 17:06:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-31 11:01:14 ----D---- C:\WINDOWS\system32\drivers
2010-10-31 10:28:26 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-31 09:43:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-31 09:36:00 ----D---- C:\WINDOWS
2010-10-31 09:19:47 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-10-31 09:16:00 ----D---- C:\WINDOWS\system32
2010-10-31 09:16:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-31 09:12:37 ----SHD---- C:\WINDOWS\CSC
2010-10-30 10:04:06 ----SD---- C:\WINDOWS\Tasks
2010-10-30 10:03:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\IObit
2010-10-30 09:48:37 ----D---- C:\WINDOWS\Prefetch
2010-10-30 09:37:37 ----D---- C:\WINDOWS\system32\drivers\etc
2010-10-30 08:40:28 ----D---- C:\Program Files\Defraggler
2010-10-29 17:18:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-10-29 16:05:24 ----D---- C:\Program Files\Mozilla Firefox
2010-10-28 10:05:26 ----RSD---- C:\WINDOWS\Fonts
2010-10-28 10:01:48 ----RSH---- C:\boot.ini
2010-10-28 09:59:42 ----SHD---- C:\WINDOWS\Installer
2010-10-28 09:59:41 ----SHD---- C:\Config.Msi
2010-10-24 13:49:21 ----D---- C:\Documents and Settings\doma\Data aplikací\gtk-2.0
2010-10-21 17:28:11 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2010-10-04 16:02:24 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 IdeBusDr;IdeBusDr; C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys [2002-10-14 13891]
R0 IdeChnDr;Intel(R) Ultra ATA Controller; C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys [2002-10-14 101431]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-26 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-09-29 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-09-29 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-09-29 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-06-02 528128]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2004-05-17 41984]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-04-14 701440]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\WINDOWS\system32\DRIVERS\seehcri.sys [2010-04-10 27632]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 ZD1211BU(TP-LINK);TP-LINK Wireless USB Adapter Driver(TP-LINK); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2009-01-05 500736]
R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2009-01-05 17664]
S0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys []
S2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys []
S3 BRGSp50;BRGSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\BRGSp50.sys [2009-01-05 20608]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2010-01-21 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2010-01-21 25512]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-04-21 47360]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-09-29 308136]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-06-04 2436664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-21 136176]
S2 RegManServ;Registry Management Service; D:\gimp\Advanced Registry Doctor\RegManServ.exe []
S2 TabDiscover Service;TabDiscover Service; C:\Documents and Settings\All Users\Data aplikací\TabDiscover\tabdiscover143.exe C:\Program Files\TabDiscover\tabdiscover.dll efzrhxhufm []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-10-28 435008]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
PS-ten proces vždy po zapnuti pc vypinam

#58 Příspěvek od **riffman** » 01 lis 2010 17:35

stahnete a ulozte na plochu ComboFix

pote spustte aplikaci pod uctem s administratorskym opravnenim (nikoli pod uctem s omezenym opravnenim)

v operacnich systemech Windows Vista a Windows 7 spoustejte aplikaci jako spravce (kliknutim pravym mysitkem na ikonu aplikace a volbou "Spustit jako spravce"

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano:

Obrázek

dale muze dojit k varovani ohledne rezidentniho stitu vaseho antiviru a upozorneni na nenainstalovanou konzoli pro zotaveni; tu zatim neinstalujte.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, deaktivujte jeho rezidentni stit, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim Combofixu s rezidentem antispyware

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem

krisa · #59 Příspěvek od **krisa** » 02 lis 2010 16:44

ComboFix 10-10-29.03 - doma 02.11.2010 16:21:18.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.353 [GMT 1:00]
Spuštěný z: D:\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Pro Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\INSTALL.LOG
c:\program files\TabDiscover
c:\program files\TabDiscover\tabdiscover.exe
c:\windows\system32\arp.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TABDISCOVER_SERVICE
-------\Service_TabDiscover Service

((((((((((((((((((((((((( Soubory vytvořené od 2010-10-02 do 2010-11-02 )))))))))))))))))))))))))))))))
.

2010-11-01 16:11 . 2010-11-01 16:12 -------- d-----w- C:\rsit
2010-11-01 16:11 . 2010-11-01 16:12 -------- d-----w- c:\program files\trend micro
2010-10-30 09:08 . 2010-10-30 09:09 -------- d-----w- C:\Zalohy 1.7.2007
2010-10-30 08:30 . 2004-05-10 10:14 118272 ----a-w- c:\windows\system32\SX5363S.DLL
2010-10-30 08:30 . 2004-05-10 10:14 102400 ----a-w- c:\windows\system32\RV32RTP.dll
2010-10-28 10:50 . 2010-10-29 14:51 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-10-28 08:59 . 2010-09-30 15:15 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-10-28 08:59 . 2010-09-30 15:09 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-10-28 08:58 . 2010-10-28 08:59 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-10-28 08:58 . 2010-10-28 08:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2010-10-21 13:15 . 2010-10-21 13:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Google
2010-10-21 13:10 . 2010-10-22 12:25 -------- d-----w- c:\documents and settings\doma\Local Settings\Data aplikací\Temp
2010-10-21 13:10 . 2010-10-21 13:10 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Google
2010-10-21 13:09 . 2010-10-21 16:25 -------- d-----w- c:\program files\Google
2010-10-21 13:09 . 2010-10-21 13:12 -------- d-----w- c:\documents and settings\doma\Local Settings\Data aplikací\Google
2010-10-04 15:02 . 2010-10-04 15:02 -------- d-----w- c:\documents and settings\doma\Data aplikací\DVDVideoSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 16:11 . 2010-09-29 16:11 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-09-29 16:11 . 2010-09-29 16:11 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-09-29 16:10 . 2010-09-29 16:10 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-09-29 16:10 . 2010-09-29 16:10 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-18 16:58 . 2010-08-17 15:20 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.

------- Sigcheck -------

[-] 2009-08-25 . B1C66D7B244FC4E2B034D50E86E4E991 . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe

[-] 2004-11-28 13:36 . AB3D62010AF342203FFA60C2D94DBC68 . 8704 . . [1] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZDWlan.EXE"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE" [2009-01-14 491520]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-04 1038848]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-04 2067808]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableStatusMessages"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-09-29 16:11 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"d:\\mu\\hudba\\Counter-Strike Source\\hl2.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"d:\\mu\\sg dailing\\stbc.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"e:\airrivals_en\Launcher.atm"= e:\airrivals_en\Launcher.atm:Enabled:GameExe2
"e:\airrivals_en\Res-Voip\SCVoIP.exe"= e:\airrivals_en\Res-Voip\SCVoIP.exe:Enabled:GameVoIP

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1042:TCP"= 1042:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 136176]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-01-21 13224]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-26 691696]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-09-29 216400]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-09-29 243024]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-04-14 14336]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-09-29 308136]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-04-10 27632]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 ZD1211BU(TP-LINK);TP-LINK Wireless USB Adapter Driver(TP-LINK);c:\windows\system32\DRIVERS\zd1211Bu.sys [2009-01-05 500736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-11-02 c:\windows\Tasks\Game_Booster_Startup.job
- c:\program files\IObit\Game Booster 2\GameBox.exe [2010-10-30 20:47]

2010-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 13:09]

2010-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-21 13:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://jookz.toolbaroptions.com/?tmp=toolbar_results_jookz_v2_homepage&prt=jkwbtb04ie&v=15
uDefault_Search_URL = hxxp://search.qip.ru
uLocal Page = hxxp://jookz.toolbaroptions.com/?tmp=toolbar_results_jookz_v2_homepage&prt=jkwbtb04ie&v=15
mLocal Page = hxxp://jookz.toolbaroptions.com/?tmp=toolbar_results_jookz_v2_homepage&prt=jkwbtb04ie&v=15
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Free YouTube Download - c:\documents and settings\doma\Data aplikací\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\documents and settings\doma\Data aplikací\DVDVideoSoftIEHelpers\youtubetomp3.htm
LSP: d:\gimp\Advanced SystemCare 3\SPICtrl.dll
FF - ProfilePath - c:\documents and settings\doma\Data aplikací\Mozilla\Firefox\Profiles\0gvs208e.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - XfireXO Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-Wdf01000.sys
AddRemove-{ECCA8FE7-767A-4C8A-9DAA-BAB60F877C41} - c:\documents and settings\doma\Local Settings\Data aplikací\{0E8E33D8-193A-414A-A909-0F101A142D26}\setup.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-02 16:34
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3756)
c:\windows\system32\msi.dll
d:\gimp\Advanced SystemCare 3\SPICtrl.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\devldr32.exe
.
**************************************************************************
.
Celkový čas: 2010-11-02 16:39:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-02 15:39

Před spuštěním: 5 595 410 432
Po spuštění: 5 438 574 592

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /FASTDETECT /TUTag=BAYZW2

- - End Of File - - 22AA2E74EF827AD4858E03C8B9627C9A

#60 Příspěvek od **riffman** » 02 lis 2010 18:42

poprosim o aktualni log z RSITu

VIRY.CZ

pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej

Re: pls poradte sem bezradnej