Dobrý den!Prosím o kontrolu logu,nejdou mi totiž rozbalovat archivy,tak bych se chtěl ujistit,zda je vše vpořádku.Děkuji.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Mirek at 2010-02-01 20:31:01
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (14%) free of 123 GB
Total RAM: 3071 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:31:53, on 1.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\cFosSpeed\spd.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlservr.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\IObit\Advanced WindowsCare V2 Pro\Awc.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Mirek\Desktop\Dokumenty\Programy\RSIT.exe
C:\Program Files\trend micro\Mirek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - (no file)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [Miranda IM] C:\Documents and Settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
O16 - DPF: {813A45F9-744F-435F-A815-19E2DF35A9D8} (O2C-Player - area constructor view (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayerac.cab
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} (Java Plug-in 1.6.0_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://195.113.207.238/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ED1C9A12-3658-4439-9CFF-A4B04B1BA579}: NameServer = 212.96.161.6,212.96.160.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Služba Google Update (gupdate1c9f8f75277681c) (gupdate1c9f8f75277681c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12708 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Advanced WindowsCare V2 Pro.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\AwcProUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2010-01-14 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2007-05-17 269632]
{2C688203-7EB3-4327-9995-1CB417BA23F9} - []
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2009-10-19 1345336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SpywareTerminator"=C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe [2008-11-02 1783808]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-17 13877248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Miranda IM"=C:\Documents and Settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe [2007-10-19 550996]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDriveAutoRun"=4294967295
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe"="C:\Documents and Settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe"="C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe:*:Disabled:Alcohol 120%"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Documents and Settings\Mirek\Desktop\Dokumenty\Mirunovič\mIRC_6.21\mirc.exe"="C:\Documents and Settings\Mirek\Desktop\Dokumenty\Mirunovič\mIRC_6.21\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Documents and Settings\Mirek\Desktop\Dokumenty\Programy\PES6ONLINEvn\CODE\GoalServer6.exe"="C:\Documents and Settings\Mirek\Desktop\Dokumenty\Programy\PES6ONLINEvn\CODE\GoalServer6.exe:*:Enabled:GoalServer6"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Documents and Settings\Mirek\Desktop\Dokumenty\Programy\MIRC_GAMEWAY\mIRC_6.21\mirc.exe"="C:\Documents and Settings\Mirek\Desktop\Dokumenty\Programy\MIRC_GAMEWAY\mIRC_6.21\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 6\PES6.exe:*:Disabled:pes6.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\autorun_PES2008.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{34db64a8-a77a-11dd-a378-806d6172696f}]
shell\AutoRun\command - E:\autorun_PES2008.exe
======List of files/folders created in the last 1 months======
2010-02-01 20:31:02 ----D---- C:\Program Files\trend micro
2010-02-01 20:31:01 ----D---- C:\rsit
2010-02-01 19:12:40 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-02-01 19:12:40 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2010-02-01 19:12:40 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2010-02-01 14:18:48 ----D---- C:\Documents and Settings\All Users\Application Data\ConeXware
2010-02-01 10:17:42 ----D---- C:\Program Files\7-Zip
2010-01-28 22:32:09 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-01-28 22:32:08 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-01-28 22:32:08 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-01-28 22:32:07 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-01-28 22:32:07 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-01-28 22:32:07 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-01-28 22:32:06 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-01-28 21:28:21 ----D---- C:\Program Files\Activision
2010-01-27 17:48:10 ----A---- C:\WINDOWS\system32\uxt6.tmp
2010-01-26 21:47:43 ----D---- C:\Documents and Settings\All Users\Application Data\KONAMI
2010-01-23 21:32:45 ----A---- C:\WINDOWS\cFosSpeed_Setup_Log.txt
2010-01-14 10:18:17 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2010-01-13 12:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-09 18:29:43 ----D---- C:\Program Files\Microsoft Silverlight
======List of files/folders modified in the last 1 months======
2010-02-01 20:31:40 ----D---- C:\Documents and Settings\Mirek\Application Data\uTorrent
2010-02-01 20:31:02 ----RD---- C:\Program Files
2010-02-01 20:31:01 ----D---- C:\WINDOWS\Prefetch
2010-02-01 20:02:52 ----D---- C:\WINDOWS\Temp
2010-02-01 20:00:06 ----D---- C:\WINDOWS\system32
2010-02-01 20:00:06 ----D---- C:\WINDOWS
2010-02-01 20:00:06 ----A---- C:\WINDOWS\msvrc20.dll
2010-02-01 19:47:15 ----D---- C:\download
2010-02-01 19:13:11 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-02-01 19:12:41 ----SHD---- C:\WINDOWS\Installer
2010-02-01 19:12:41 ----HD---- C:\Config.Msi
2010-02-01 19:12:40 ----SD---- C:\WINDOWS\Tasks
2010-02-01 19:04:06 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 19:02:45 ----D---- C:\Program Files\cFosSpeed
2010-02-01 19:02:23 ----D---- C:\Program Files\WinRAR
2010-02-01 16:16:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-01 12:38:21 ----AC---- C:\WINDOWS\wincmd.ini
2010-01-31 17:34:59 ----D---- C:\Documents and Settings\Mirek\Application Data\ICQ
2010-01-31 11:54:51 ----D---- C:\WINDOWS\system32\Restore
2010-01-31 11:44:29 ----D---- C:\Documents and Settings\Mirek\Application Data\Spyware Terminator
2010-01-30 19:43:37 ----D---- C:\Program Files\KONAMI
2010-01-30 12:54:58 ----D---- C:\Documents and Settings\Mirek\Application Data\Skype
2010-01-30 10:53:08 ----D---- C:\Documents and Settings\Mirek\Application Data\skypePM
2010-01-29 23:39:48 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-29 20:49:50 ----D---- C:\WINDOWS\system32\DirectX
2010-01-29 20:49:49 ----RSD---- C:\WINDOWS\assembly
2010-01-29 12:49:25 ----HD---- C:\WINDOWS\inf
2010-01-28 18:32:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-26 21:50:20 ----D---- C:\Program Files\Spyware Terminator
2010-01-23 21:32:15 ----D---- C:\WINDOWS\Debug
2010-01-22 19:00:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 19:00:29 ----D---- C:\WINDOWS\system32\en-US
2010-01-22 19:00:29 ----D---- C:\Program Files\Internet Explorer
2010-01-22 19:00:23 ----D---- C:\WINDOWS\ie7updates
2010-01-22 12:00:59 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-16 23:03:39 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-16 23:00:36 ----SHD---- C:\System Volume Information
2010-01-14 10:19:18 ----D---- C:\Program Files\Common Files\Real
2010-01-14 10:19:14 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-01-14 10:18:57 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-01-14 10:18:56 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-01-14 10:18:21 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-01-13 18:31:41 ----D---- C:\WINDOWS\AppPatch
2010-01-13 12:21:25 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-01-13 12:20:57 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-08 17:11:42 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-01-06 12:11:09 ----D---- C:\Program Files\DkZ Studio
2010-01-05 11:00:29 ----A---- C:\WINDOWS\system32\wininet.dll
2010-01-05 11:00:28 ----A---- C:\WINDOWS\system32\webcheck.dll
2010-01-05 11:00:28 ----A---- C:\WINDOWS\system32\urlmon.dll
2010-01-05 11:00:28 ----A---- C:\WINDOWS\system32\url.dll
2010-01-05 11:00:28 ----A---- C:\WINDOWS\system32\pngfilt.dll
2010-01-05 11:00:28 ----A---- C:\WINDOWS\system32\occache.dll
2010-01-05 11:00:28 ----A---- C:\WINDOWS\system32\mstime.dll
2010-01-05 11:00:27 ----A---- C:\WINDOWS\system32\msrating.dll
2010-01-05 11:00:27 ----A---- C:\WINDOWS\system32\mshtmled.dll
2010-01-05 11:00:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2010-01-05 11:00:25 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-05 11:00:24 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-05 11:00:24 ----A---- C:\WINDOWS\system32\jsproxy.dll
2010-01-05 11:00:24 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-05 11:00:24 ----A---- C:\WINDOWS\system32\iernonce.dll
2010-01-05 11:00:24 ----A---- C:\WINDOWS\system32\iepeers.dll
2010-01-05 11:00:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\ieencode.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\ieaksie.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\ieakeng.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\icardie.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\extmgr.dll
2010-01-05 11:00:21 ----A---- C:\WINDOWS\system32\dxtrans.dll
2010-01-05 11:00:20 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2010-01-05 11:00:20 ----A---- C:\WINDOWS\system32\corpol.dll
2010-01-05 11:00:20 ----A---- C:\WINDOWS\system32\advpack.dll
2010-01-05 01:17:46 ----AC---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 cFosSpeed;cFosSpeed Miniport; C:\WINDOWS\system32\DRIVERS\cfosspeed.sys [2008-07-03 732376]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-10 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-04 4745216]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-16 7729568]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-27 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-17 33792]
S3 a7ebd2ji;a7ebd2ji; C:\WINDOWS\system32\drivers\a7ebd2ji.sys []
S3 ajvrejlj;ajvrejlj; C:\WINDOWS\system32\drivers\ajvrejlj.sys []
S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-06-24 38920]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2007-12-27 166520]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\cFosSpeed\spd.exe [2008-07-03 314584]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-10 237568]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-09-08 450560]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MSSQL$SPZSQL2009;MSSQL$SPZSQL2009; C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-09-08 184320]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-17 168004]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-31 75064]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-11-02 570880]
R2 Start BT in service;Start BT in service; C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-02-01 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate1c9f8f75277681c;Služba Google Update (gupdate1c9f8f75277681c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-29 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SPZSQL2009;SQLAgent$SPZSQL2009; C:\Program Files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlagent.EXE [2002-12-17 311872]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-01 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Archivy nejdou rozbalit
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Archivy nejdou rozbalit
Log vypadá čistý. Používáte systémový dekomprimátor, či nějaký jiný (WinZip a pod.)?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Archivy nejdou rozbalit
Jj,mám winrar,7zipa a power archivar.ani jedním to nerozbalím,pořád to háže chyby,ale pokaždé jiné.
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Archivy nejdou rozbalit
Udělejte sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Archivy nejdou rozbalit
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3677
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
2.2.2010 11:08:15
mbam-log-2010-02-02 (11-08-08).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 119107
Uplynulý čas: 5 minute(s), 34 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\WINDOWS\system32\8ehoH5V1.exe.a_a (Trojan.Agent) -> No action taken.
Verze databáze: 3677
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
2.2.2010 11:08:15
mbam-log-2010-02-02 (11-08-08).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 119107
Uplynulý čas: 5 minute(s), 34 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\WINDOWS\system32\8ehoH5V1.exe.a_a (Trojan.Agent) -> No action taken.
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Archivy nejdou rozbalit
Vše smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Archivy nejdou rozbalit
Smazáno,ale stejně nic!Mockrát děkuju za ty logy i za ostatní! 
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Archivy nejdou rozbalit
Dejte ještě log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Archivy nejdou rozbalit
ComboFix 10-02-03.03 - Mirek 03.02.2010 21:15:58.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.3071.2520 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mirek\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100203-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Mirek\Application Data\inst.exe
c:\program files\Internet Explorer\SET4C.tmp
c:\program files\Internet Explorer\SET50.tmp
c:\program files\Internet Explorer\SET51.tmp
c:\program files\Internet Explorer\SET78.tmp
c:\program files\Internet Explorer\SET7C.tmp
c:\program files\Internet Explorer\SET7D.tmp
c:\program files\Internet Explorer\SETA5.tmp
c:\program files\Internet Explorer\SETA9.tmp
c:\program files\Internet Explorer\SETAA.tmp
c:\windows\kb913800.exe
c:\windows\msvrc20.dll
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-03 do 2010-02-03 )))))))))))))))))))))))))))))))
.
2010-02-02 12:39 . 2010-02-02 12:39 -------- d-----w- C:\call2
2010-02-02 11:52 . 2010-02-03 18:19 -------- d-----w- C:\call1
2010-02-02 09:48 . 2010-02-02 09:48 -------- d-----w- c:\documents and settings\Mirek\Application Data\Malwarebytes
2010-02-02 09:48 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-02 09:48 . 2010-02-02 09:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-02 09:48 . 2010-02-02 09:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-02 09:48 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-01 19:31 . 2010-02-01 19:31 -------- d-----w- c:\program files\trend micro
2010-02-01 19:31 . 2010-02-01 19:31 -------- d-----w- C:\rsit
2010-02-01 18:12 . 2010-02-01 18:12 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2010-02-01 18:12 . 2010-02-01 18:12 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-02-01 18:12 . 2008-12-11 12:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-01 13:18 . 2010-02-01 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ConeXware
2010-02-01 09:17 . 2010-02-01 09:17 -------- d-----w- c:\program files\7-Zip
2010-01-28 21:32 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-01-28 21:32 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-01-28 21:32 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-01-26 20:47 . 2010-01-26 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
2010-01-09 17:29 . 2010-01-22 08:29 -------- d-----w- c:\program files\Microsoft Silverlight
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-03 20:18 . 2008-11-04 17:38 -------- d-----w- c:\program files\cFosSpeed
2010-02-03 20:11 . 2008-11-02 14:22 -------- d-----w- c:\documents and settings\Mirek\Application Data\ICQ
2010-02-03 17:33 . 2008-11-03 04:31 -------- d-----w- c:\documents and settings\Mirek\Application Data\uTorrent
2010-02-02 18:09 . 2008-11-02 12:38 -------- d-----w- c:\documents and settings\Mirek\Application Data\Spyware Terminator
2010-02-02 18:09 . 2008-11-02 12:38 -------- d-----w- c:\program files\Spyware Terminator
2010-02-02 09:39 . 2009-11-17 18:28 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-30 18:43 . 2009-01-31 11:37 -------- d-----w- c:\program files\KONAMI
2010-01-30 11:54 . 2008-12-12 19:53 -------- d-----w- c:\documents and settings\Mirek\Application Data\Skype
2010-01-30 09:53 . 2008-12-12 19:56 -------- d-----w- c:\documents and settings\Mirek\Application Data\skypePM
2010-01-28 17:32 . 2008-11-01 03:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-16 22:03 . 2008-11-09 10:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-14 09:19 . 2009-06-29 20:23 -------- d-----w- c:\program files\Common Files\Real
2010-01-13 11:21 . 2008-11-17 13:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-08 16:11 . 2008-12-12 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-06 11:11 . 2009-02-17 18:31 -------- d-----w- c:\program files\DkZ Studio
2010-01-05 10:00 . 2004-08-10 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2009-06-06 15:06 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2004-08-10 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-29 16:28 . 2009-07-15 16:34 -------- d-----w- c:\program files\ICQ6.5
2009-12-27 21:59 . 2008-11-02 12:38 -------- d-----w- c:\program files\Crawler
2009-12-26 17:57 . 2008-11-02 12:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-12-21 16:42 . 2009-12-14 15:54 -------- d-----w- c:\documents and settings\Mirek\Application Data\HpUpdate
2009-12-16 19:33 . 2009-12-16 19:32 -------- d-----w- c:\documents and settings\All Users\Application Data\SweetIM
2009-12-16 19:33 . 2009-12-16 19:32 -------- d-----w- c:\program files\SweetIM
2009-12-14 16:01 . 2009-12-14 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-12-14 15:58 . 2009-01-06 14:00 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2009-12-14 15:54 . 2008-11-02 03:35 -------- d-----w- c:\program files\HP
2009-12-14 15:52 . 2008-11-02 12:23 -------- d-----w- c:\documents and settings\Mirek\Application Data\Image Zone Express
2009-12-14 10:22 . 2008-11-20 14:55 -------- d-----w- c:\documents and settings\Mirek\Application Data\Vso
2009-12-12 18:50 . 2009-02-28 18:24 -------- d-----w- c:\program files\GRETECH
2009-11-24 23:54 . 2008-11-01 03:34 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-11-01 03:35 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2008-11-01 03:35 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-11-01 03:35 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-11-01 03:35 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-11-01 03:35 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 15:51 . 2009-12-27 22:00 1206508 ----a-w- c:\windows\AppPatch\SETE4.tmp
2009-11-21 15:51 . 2004-08-10 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Miranda IM"="c:\documents and settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe" [2007-10-19 550996]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-11-02 1783808]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Microsoft Office Outlook"=c:\progra~1\MICROS~2\Office12\OUTLOOK.EXE /recycle
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" -autorun
"Miranda IM"=c:\documents and settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"cFosSpeed"=c:\program files\cFosSpeed\cFosSpeed.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe"
"ehTray"=c:\windows\ehome\ehtray.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /install
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"USB Storage Toolbox"=c:\program files\USB Disk Win98 Driver\Res.EXE
"amd_dc_opt"=c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
"Alcmtr"=ALCMTR.EXE
"RTHDCPL"=RTHDCPL.EXE
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"SMail"="c:\program files\Seznam\Postak\Postak.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Miruna\\Miranda IM Bagr pack\\miranda32.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Alcohol Soft\\Alcohol 120\\Alcohol.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Mirunovič\\mIRC_6.21\\mirc.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Programy\\PES6ONLINEvn\\CODE\\GoalServer6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Programy\\MIRC_GAMEWAY\\mIRC_6.21\\mirc.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3478:UDP"= 3478:UDP:stun
"3479:UDP"= 3479:UDP:stun 2
"6112:UDP"= 6112:UDP:stun 3
"5730:UDP"= 5730:UDP:game
"5739:UDP"= 5739:UDP:game 1
"9001:TCP"= 9001:TCP:game 2
"11881:TCP"= 11881:TCP:game 3
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1.11.2008 4:35 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2.11.2008 13:38 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.11.2008 4:35 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2.11.2008 15:22 222968]
R2 MSSQL$SPZSQL2009;MSSQL$SPZSQL2009;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlservr.exe -sSPZSQL2009 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlservr.exe -sSPZSQL2009 [?]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [27.12.2007 15:39 51816]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.11.2008 13:34 717296]
S2 gupdate1c9f8f75277681c;Služba Google Update (gupdate1c9f8f75277681c);c:\program files\Google\Update\GoogleUpdate.exe [29.6.2009 21:22 133104]
S3 SQLAgent$SPZSQL2009;SQLAgent$SPZSQL2009;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlagent.EXE -i SPZSQL2009 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlagent.EXE -i SPZSQL2009 [?]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [28.1.2009 21:30 23600]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-02-03 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2010-02-03 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job
- c:\program files\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-02-18 16:49]
2010-02-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-02-03 c:\windows\Tasks\AwcProUpdate.job
- c:\program files\IObit\Advanced WindowsCare V2 Pro\AutoUpdate.exe [2009-02-18 15:47]
2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 20:22]
2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 20:22]
2010-02-03 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.00\MediaManager\grab.html
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: {ED1C9A12-3658-4439-9CFF-A4B04B1BA579} = 212.96.161.6,212.96.160.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Mirek\Application Data\Mozilla\Firefox\Profiles\g2az8zit.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\progra~1\Crawler\firefox\components\xcomm.dll
FF - component: c:\progra~1\Crawler\firefox\components\xshared.dll
FF - component: c:\progra~1\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 21:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1004336348-1645522239-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:fc,a3,1a,0b,34,28,3f,55,f5,ce,44,71,29,ab,a8,fa,fd,2b,7e,ed,4a,3b,23,
a7,1c,7a,7e,67,26,33,a8,36,31,e6,98,17,9c,9b,d0,46,a2,db,9f,a8,38,07,bd,ca,\
"??"=hex:a5,49,32,6b,94,8c,7f,7f,a5,b7,23,68,a8,af,7c,dd
[HKEY_USERS\S-1-5-21-1004336348-1645522239-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:b7,91,0e,8b,e2,8f,90,01,5f,74,54,60,47,a0,07,27,b3,87,15,a7,44,
55,ac,62,f2,3f,21,f0,08,58,ab,a5,6c,03,4e,21,e9,ea,56,ac,21,b6,49,e0,af,35,\
"rkeysecu"=hex:e8,a0,6c,1f,ee,3e,c8,ae,9f,52,55,e8,8b,ff,3d,a3
.
Celkový čas: 2010-02-03 21:20:30
ComboFix-quarantined-files.txt 2010-02-03 20:20
Před spuštěním: 27 198 640 128 bytes free
Po spuštění: Volných bajtů: 27 197 288 448
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - AEA5986DBA00AE4C2CC3E0D951E3484E
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1033.18.3071.2520 [GMT 1:00]
Spuštěný z: c:\documents and settings\Mirek\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100203-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Mirek\Application Data\inst.exe
c:\program files\Internet Explorer\SET4C.tmp
c:\program files\Internet Explorer\SET50.tmp
c:\program files\Internet Explorer\SET51.tmp
c:\program files\Internet Explorer\SET78.tmp
c:\program files\Internet Explorer\SET7C.tmp
c:\program files\Internet Explorer\SET7D.tmp
c:\program files\Internet Explorer\SETA5.tmp
c:\program files\Internet Explorer\SETA9.tmp
c:\program files\Internet Explorer\SETAA.tmp
c:\windows\kb913800.exe
c:\windows\msvrc20.dll
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-03 do 2010-02-03 )))))))))))))))))))))))))))))))
.
2010-02-02 12:39 . 2010-02-02 12:39 -------- d-----w- C:\call2
2010-02-02 11:52 . 2010-02-03 18:19 -------- d-----w- C:\call1
2010-02-02 09:48 . 2010-02-02 09:48 -------- d-----w- c:\documents and settings\Mirek\Application Data\Malwarebytes
2010-02-02 09:48 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-02 09:48 . 2010-02-02 09:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-02 09:48 . 2010-02-02 09:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-02 09:48 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-01 19:31 . 2010-02-01 19:31 -------- d-----w- c:\program files\trend micro
2010-02-01 19:31 . 2010-02-01 19:31 -------- d-----w- C:\rsit
2010-02-01 18:12 . 2010-02-01 18:12 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2010-02-01 18:12 . 2010-02-01 18:12 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-02-01 18:12 . 2008-12-11 12:31 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2010-02-01 13:18 . 2010-02-01 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ConeXware
2010-02-01 09:17 . 2010-02-01 09:17 -------- d-----w- c:\program files\7-Zip
2010-01-28 21:32 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-01-28 21:32 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-01-28 21:32 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-01-28 21:32 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-01-26 20:47 . 2010-01-26 20:47 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
2010-01-09 17:29 . 2010-01-22 08:29 -------- d-----w- c:\program files\Microsoft Silverlight
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-03 20:18 . 2008-11-04 17:38 -------- d-----w- c:\program files\cFosSpeed
2010-02-03 20:11 . 2008-11-02 14:22 -------- d-----w- c:\documents and settings\Mirek\Application Data\ICQ
2010-02-03 17:33 . 2008-11-03 04:31 -------- d-----w- c:\documents and settings\Mirek\Application Data\uTorrent
2010-02-02 18:09 . 2008-11-02 12:38 -------- d-----w- c:\documents and settings\Mirek\Application Data\Spyware Terminator
2010-02-02 18:09 . 2008-11-02 12:38 -------- d-----w- c:\program files\Spyware Terminator
2010-02-02 09:39 . 2009-11-17 18:28 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-30 18:43 . 2009-01-31 11:37 -------- d-----w- c:\program files\KONAMI
2010-01-30 11:54 . 2008-12-12 19:53 -------- d-----w- c:\documents and settings\Mirek\Application Data\Skype
2010-01-30 09:53 . 2008-12-12 19:56 -------- d-----w- c:\documents and settings\Mirek\Application Data\skypePM
2010-01-28 17:32 . 2008-11-01 03:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-16 22:03 . 2008-11-09 10:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-01-14 09:19 . 2009-06-29 20:23 -------- d-----w- c:\program files\Common Files\Real
2010-01-13 11:21 . 2008-11-17 13:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-08 16:11 . 2008-12-12 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-06 11:11 . 2009-02-17 18:31 -------- d-----w- c:\program files\DkZ Studio
2010-01-05 10:00 . 2004-08-10 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2009-06-06 15:06 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2004-08-10 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-29 16:28 . 2009-07-15 16:34 -------- d-----w- c:\program files\ICQ6.5
2009-12-27 21:59 . 2008-11-02 12:38 -------- d-----w- c:\program files\Crawler
2009-12-26 17:57 . 2008-11-02 12:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-12-21 16:42 . 2009-12-14 15:54 -------- d-----w- c:\documents and settings\Mirek\Application Data\HpUpdate
2009-12-16 19:33 . 2009-12-16 19:32 -------- d-----w- c:\documents and settings\All Users\Application Data\SweetIM
2009-12-16 19:33 . 2009-12-16 19:32 -------- d-----w- c:\program files\SweetIM
2009-12-14 16:01 . 2009-12-14 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-12-14 15:58 . 2009-01-06 14:00 20 ---h--w- c:\documents and settings\All Users\Application Data\PKP_DLdu.DAT
2009-12-14 15:54 . 2008-11-02 03:35 -------- d-----w- c:\program files\HP
2009-12-14 15:52 . 2008-11-02 12:23 -------- d-----w- c:\documents and settings\Mirek\Application Data\Image Zone Express
2009-12-14 10:22 . 2008-11-20 14:55 -------- d-----w- c:\documents and settings\Mirek\Application Data\Vso
2009-12-12 18:50 . 2009-02-28 18:24 -------- d-----w- c:\program files\GRETECH
2009-11-24 23:54 . 2008-11-01 03:34 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2008-11-01 03:35 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:49 . 2008-11-01 03:35 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-11-01 03:35 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-11-01 03:35 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2008-11-01 03:35 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 15:51 . 2009-12-27 22:00 1206508 ----a-w- c:\windows\AppPatch\SETE4.tmp
2009-11-21 15:51 . 2004-08-10 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Miranda IM"="c:\documents and settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe" [2007-10-19 550996]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-11-02 1783808]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"Microsoft Office Outlook"=c:\progra~1\MICROS~2\Office12\OUTLOOK.EXE /recycle
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" -autorun
"Miranda IM"=c:\documents and settings\Mirek\Desktop\Dokumenty\Miruna\Miranda IM Bagr pack\miranda32.exe
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"cFosSpeed"=c:\program files\cFosSpeed\cFosSpeed.exe
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_01\bin\jusched.exe"
"ehTray"=c:\windows\ehome\ehtray.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /install
"SpywareTerminator"="c:\progra~1\SPYWAR~1\SpywareTerminatorShield.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"USB Storage Toolbox"=c:\program files\USB Disk Win98 Driver\Res.EXE
"amd_dc_opt"=c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
"Alcmtr"=ALCMTR.EXE
"RTHDCPL"=RTHDCPL.EXE
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"SMail"="c:\program files\Seznam\Postak\Postak.exe"
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Miruna\\Miranda IM Bagr pack\\miranda32.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Alcohol Soft\\Alcohol 120\\Alcohol.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Mirunovič\\mIRC_6.21\\mirc.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Programy\\PES6ONLINEvn\\CODE\\GoalServer6.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Documents and Settings\\Mirek\\Desktop\\Dokumenty\\Programy\\MIRC_GAMEWAY\\mIRC_6.21\\mirc.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3478:UDP"= 3478:UDP:stun
"3479:UDP"= 3479:UDP:stun 2
"6112:UDP"= 6112:UDP:stun 3
"5730:UDP"= 5730:UDP:game
"5739:UDP"= 5739:UDP:game 1
"9001:TCP"= 9001:TCP:game 2
"11881:TCP"= 11881:TCP:game 3
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1.11.2008 4:35 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2.11.2008 13:38 141312]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.11.2008 4:35 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2.11.2008 15:22 222968]
R2 MSSQL$SPZSQL2009;MSSQL$SPZSQL2009;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlservr.exe -sSPZSQL2009 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlservr.exe -sSPZSQL2009 [?]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [27.12.2007 15:39 51816]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2.11.2008 13:34 717296]
S2 gupdate1c9f8f75277681c;Služba Google Update (gupdate1c9f8f75277681c);c:\program files\Google\Update\GoogleUpdate.exe [29.6.2009 21:22 133104]
S3 SQLAgent$SPZSQL2009;SQLAgent$SPZSQL2009;c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlagent.EXE -i SPZSQL2009 --> c:\program files\Microsoft SQL Server\MSSQL$SPZSQL2009\Binn\sqlagent.EXE -i SPZSQL2009 [?]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [28.1.2009 21:30 23600]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-02-03 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2010-02-03 c:\windows\Tasks\Advanced WindowsCare V2 Pro.job
- c:\program files\IObit\Advanced WindowsCare V2 Pro\AutoCare.exe [2009-02-18 16:49]
2010-02-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-02-03 c:\windows\Tasks\AwcProUpdate.job
- c:\program files\IObit\Advanced WindowsCare V2 Pro\AutoUpdate.exe [2009-02-18 15:47]
2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 20:22]
2010-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-29 20:22]
2010-02-03 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 4.00\AMVConverter\grab.html
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.00\MediaManager\grab.html
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: {ED1C9A12-3658-4439-9CFF-A4B04B1BA579} = 212.96.161.6,212.96.160.1
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Mirek\Application Data\Mozilla\Firefox\Profiles\g2az8zit.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\progra~1\Crawler\firefox\components\xcomm.dll
FF - component: c:\progra~1\Crawler\firefox\components\xshared.dll
FF - component: c:\progra~1\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-03 21:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1004336348-1645522239-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:fc,a3,1a,0b,34,28,3f,55,f5,ce,44,71,29,ab,a8,fa,fd,2b,7e,ed,4a,3b,23,
a7,1c,7a,7e,67,26,33,a8,36,31,e6,98,17,9c,9b,d0,46,a2,db,9f,a8,38,07,bd,ca,\
"??"=hex:a5,49,32,6b,94,8c,7f,7f,a5,b7,23,68,a8,af,7c,dd
[HKEY_USERS\S-1-5-21-1004336348-1645522239-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:b7,91,0e,8b,e2,8f,90,01,5f,74,54,60,47,a0,07,27,b3,87,15,a7,44,
55,ac,62,f2,3f,21,f0,08,58,ab,a5,6c,03,4e,21,e9,ea,56,ac,21,b6,49,e0,af,35,\
"rkeysecu"=hex:e8,a0,6c,1f,ee,3e,c8,ae,9f,52,55,e8,8b,ff,3d,a3
.
Celkový čas: 2010-02-03 21:20:30
ComboFix-quarantined-files.txt 2010-02-03 20:20
Před spuštěním: 27 198 640 128 bytes free
Po spuštění: Volných bajtů: 27 197 288 448
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect /usepmtimer
- - End Of File - - AEA5986DBA00AE4C2CC3E0D951E3484E
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Archivy nejdou rozbalit
Několik položek bylo smazáno, zbytek logu vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Archivy nejdou rozbalit
No,zdá se,že by to mohlo být v pořádku!I se mi zdá,že PC chodí nějak rychleji!Moc,moc děkuji!!!Pošlu příspěvek. 
-
Rudy
- Site Admin
- Příspěvky: 119402
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Archivy nejdou rozbalit
Nemáte zač a za příspěvek děkujeme!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?