
Log check: notebook freezes
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
Hello,
Lately my notebook has been freezing often. What happens is that I turn the notebook on, it runs fine for 30-60 min., and then suddenly everything locks up... nothing works, not even Task Manager... the only option is to hard power it off... Also, some time ago a dialog used to appear saying there are problems with the HDD... sometimes CHKDSK does not finish either, it simply hangs... Could you advise?
Here is the log:
ComboFix 10-01-24.05 - Mates 25.01.2010 15:42:44.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3066.2229 [GMT 1:00]
Spuštěný z: c:\users\Mates\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ICQ6.5\ICQLRun.exe
c:\program files\Search Settings
c:\program files\Search Settings\kb128\SearchSettings.dll
c:\program files\Search Settings\kb128\SearchSettingsRes409.dll
c:\program files\Search Settings\SearchSettings.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\LINKMAGIC.lnk
c:\recycler\S-1-5-21-1085031214-1957994488-725345543-1003
c:\users\Mates\AppData\Roaming\inst.exe
c:\users\Mates\Documents\cc_20091223_130512.reg
c:\windows\Suyin.reg
c:\windows\system32\bcmwl6.inf
c:\windows\system32\SIntf16.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-25 do 2010-01-25 )))))))))))))))))))))))))))))))
.
2010-01-25 14:58 . 2010-01-25 14:59 -------- d-----w- c:\users\Mates\AppData\Local\temp
2010-01-25 14:58 . 2010-01-25 14:58 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-01-25 14:58 . 2010-01-25 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-25 14:42 . 2010-01-25 14:42 -------- d-----w- c:\users\Mates\AppData\Local\ESET
2010-01-23 16:40 . 2010-01-23 16:40 -------- d-----w- c:\windows\system32\Uniblue
2010-01-22 18:59 . 2010-01-23 21:26 -------- d-----w- c:\program files\ESET
2010-01-22 18:42 . 2009-09-02 09:20 652 ----a-w- c:\windows\FIX.reg
2010-01-22 18:42 . 2008-11-01 12:23 280 ----a-w- c:\windows\reset.reg
2010-01-22 15:42 . 2008-01-21 02:24 9216 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report02eafb4f\LogonUI.exe
2010-01-22 15:14 . 2008-07-31 09:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-01-22 15:14 . 2008-07-31 09:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-01-22 15:14 . 2008-07-31 09:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-01-22 15:14 . 2008-07-12 07:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-01-22 15:14 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-01-22 15:14 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-01-19 16:10 . 2010-01-19 17:43 -------- d-----w- c:\programdata\POPWWPROFILES
2010-01-19 15:41 . 2010-01-19 15:41 -------- d-----w- C:\QIP
2010-01-19 15:40 . 2010-01-19 15:42 -------- d-----w- c:\program files\QIP Infium
2010-01-19 15:05 . 2008-07-01 12:16 388096 ----a-w- c:\windows\system32\netr28.sys
2010-01-19 15:05 . 2008-07-01 12:13 217088 ----a-w- c:\windows\system32\RaCoInst.dll
2010-01-19 15:05 . 2008-07-01 12:13 14028 ----a-w- c:\windows\system32\RaCoInst.dat
2010-01-19 15:05 . 2010-01-19 15:05 -------- d-----w- c:\programdata\Ralink
2010-01-19 15:04 . 2008-04-23 16:19 442368 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-19 15:03 . 2010-01-19 15:03 -------- d-----w- c:\program files\Broadcom
2010-01-19 14:52 . 2010-01-19 14:52 -------- d-----w- c:\programdata\Broadcom
2010-01-19 14:45 . 2008-03-18 10:36 54824 ------w- c:\windows\system32\agrsmdel.exe
2010-01-19 14:45 . 2007-12-11 10:40 13312 ------w- c:\windows\system32\agrscoin.dll
2010-01-19 14:45 . 2010-01-19 14:45 -------- d-----w- c:\program files\Apoint2K
2010-01-19 14:40 . 2010-01-19 14:40 -------- d-----w- c:\windows\Options
2010-01-19 14:40 . 2010-01-19 14:40 -------- d-----w- c:\program files\Atheros
2010-01-19 14:40 . 2008-08-14 17:37 921600 ----a-w- c:\windows\system32\athr.sys
2010-01-19 14:39 . 2010-01-19 14:39 -------- d-----w- c:\programdata\Atheros
2010-01-19 14:31 . 2008-01-31 22:14 166448 ----a-w- c:\windows\system32\drivers\Apfiltr.sys
2010-01-19 14:31 . 2008-01-19 15:53 100546 ----a-w- c:\windows\system32\Vxdif.dll
2010-01-18 17:25 . 2010-01-19 15:59 -------- d-----w- C:\dell
2010-01-14 16:14 . 2008-12-04 00:25 120832 ----a-w- c:\users\Mates\AppData\Roaming\Mozilla\Firefox\Profiles\y3zw9ejq.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}\plugins\npietab.dll
2010-01-14 16:01 . 2010-01-14 16:20 -------- d-----w- c:\program files\Windows Live Safety Center
2010-01-13 15:39 . 2010-01-24 18:10 -------- d-----w- c:\users\Mates\AppData\Roaming\Winamp
2010-01-13 15:39 . 2010-01-13 15:40 -------- d-----w- c:\program files\Winamp
2010-01-13 13:58 . 2010-01-13 13:58 -------- d-----w- c:\programdata\POP3Profiles
2010-01-13 05:20 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 05:20 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-09 18:27 . 2009-01-16 02:27 11264 ----a-w- c:\windows\system32\atimuixx.dll
2010-01-09 18:19 . 2010-01-09 18:19 -------- d-----w- C:\ATI
2010-01-09 18:13 . 2010-01-09 18:13 49408000 ----a-w- c:\users\Mates\AppData\Roaming\Uniblue\DriverScanner\Download\hdaudio_func_01_ven_1002_dev_aa015_00_60000_52.exe
2010-01-09 17:27 . 2009-07-06 03:18 2644135 -c--a-w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}\Uniblue DiskRescue.exe
2010-01-09 17:27 . 2009-07-06 03:23 2653048 -c--a-w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
2010-01-09 17:27 . 2008-09-10 15:22 836880 -c--a-w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}\UniblueDiskRescue\B4B74A3\3826204\UBDefrag.DLL
2010-01-09 17:26 . 2008-11-14 13:32 774144 -c--a-w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\3FBA627D\1A9B0B16\ScanPluginView.dll
2010-01-09 17:23 . 2010-01-09 17:27 -------- dc-h--w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-01-09 15:28 . 2009-07-06 03:40 2838454 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe
2010-01-09 15:28 . 2009-04-29 09:45 845128 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\58D97068\B74607BA\System.Data.SQLite.dll
2010-01-09 15:28 . 2009-04-29 09:45 771368 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\9966075F\B74607BA\UBSysMan.dll
2010-01-09 15:28 . 2009-04-29 09:45 54608 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\D720648F\B74607BA\Interop.IWshRuntimeLibrary.dll
2010-01-09 15:28 . 2009-04-29 09:45 519168 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\78B94F67\B74607BA\IsLicense40.dll
2010-01-09 15:28 . 2009-04-29 09:45 474408 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\62A3297F\B74607BA\AvalonCommon.dll
2010-01-09 15:28 . 2009-04-29 09:45 395048 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\C77843B\B74607BA\SUMPBackend.dll
2010-01-09 15:28 . 2009-04-29 09:45 345008 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\4BF757A\B74607BA\IsLicense30.dll
2010-01-09 15:28 . 2009-04-29 09:45 236840 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\683B013A\B74607BA\PowerSuiteBackendUtils.dll
2010-01-09 15:28 . 2009-04-29 09:45 197968 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\6A0591D6\B74607BA\ICSharpCode.SharpZipLib.dll
2010-01-09 15:28 . 2009-04-29 09:45 614696 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\7AEFAE8C\B74607BA\Launcher.exe
2010-01-09 15:28 . 2009-04-29 09:45 1250600 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\B430549D\B74607BA\SUMP.exe
2010-01-09 15:27 . 2010-01-09 15:28 -------- dc-h--w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2010-01-09 11:14 . 2010-01-09 11:16 3175784 ----a-w- c:\users\Mates\AppData\Roaming\Uniblue\RegistryBooster 2010\_temp\ub.exe
2010-01-09 10:50 . 2010-01-09 17:27 -------- d-----w- c:\program files\Uniblue
2010-01-06 15:02 . 2010-01-09 17:34 -------- d-----w- c:\users\Mates\AppData\Roaming\Uniblue
2010-01-06 14:57 . 2010-01-06 14:57 -------- d-----w- c:\programdata\Vso
2010-01-06 14:31 . 2010-01-06 14:31 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-01-06 14:31 . 2010-01-06 14:31 47360 ----a-w- c:\users\Mates\AppData\Roaming\pcouffin.sys
2010-01-06 14:31 . 2010-01-06 15:29 -------- d-----w- c:\users\Mates\AppData\Roaming\Vso
2010-01-06 14:30 . 2010-01-06 14:30 -------- d-----w- c:\program files\VSO
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 14:57 . 2009-07-21 05:44 -------- d-----w- c:\program files\ICQ6.5
2010-01-25 14:46 . 2008-05-20 04:12 602086 ----a-w- c:\windows\system32\perfh005.dat
2010-01-25 14:46 . 2008-05-20 04:12 116182 ----a-w- c:\windows\system32\perfc005.dat
2010-01-25 14:37 . 2009-05-31 20:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-25 14:37 . 2009-06-06 14:24 -------- d-----w- c:\users\Mates\AppData\Roaming\uTorrent
2010-01-25 14:36 . 2009-06-06 17:03 -------- d-----w- c:\users\Mates\AppData\Roaming\Skype
2010-01-25 14:22 . 2009-08-17 12:04 -------- d-----w- c:\program files\NetSoftware
2010-01-23 18:22 . 2009-08-08 09:08 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-23 13:03 . 2009-11-29 20:20 1356 ----a-w- c:\users\Mates\AppData\Local\d3d9caps.dat
2010-01-22 22:16 . 2009-06-09 20:04 -------- d-----w- c:\program files\Moje Aplikace
2010-01-22 21:37 . 2009-05-31 20:23 -------- d-----w- c:\programdata\eSobi
2010-01-22 21:36 . 2009-06-06 17:37 -------- d-----w- c:\users\Mates\AppData\Roaming\eSobi
2010-01-22 14:53 . 2008-05-19 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 10:28 . 2009-09-02 16:50 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-20 14:24 . 2009-08-08 08:34 -------- d-----w- c:\program files\IObit
2010-01-19 14:50 . 2009-05-31 20:07 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-01-19 14:45 . 2010-01-19 14:45 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-01-18 21:39 . 2009-06-21 14:18 -------- d-----w- c:\users\Mates\AppData\Roaming\BSplayer Pro
2010-01-17 23:07 . 2009-06-07 08:11 -------- d-----w- c:\users\Mates\AppData\Roaming\skypePM
2010-01-16 08:10 . 2009-06-17 18:52 58 ----a-w- c:\windows\system32\sp701asm.dat
2010-01-14 17:20 . 2010-01-09 17:26 -------- d-----w- c:\programdata\DriverScanner
2010-01-14 10:12 . 2009-10-02 23:35 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 15:36 . 2009-06-07 11:34 -------- d-----w- c:\program files\Ubisoft
2010-01-13 13:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-10 10:14 . 2009-05-31 20:04 -------- d-----w- c:\program files\ATI
2010-01-09 17:27 . 2010-01-09 17:26 -------- dc-h--w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}
2010-01-08 14:18 . 2009-08-09 11:13 -------- d-----w- c:\program files\Záloha
2010-01-06 15:18 . 2009-06-06 20:17 952 --sha-w- c:\programdata\KGyGaAvL.sys
2010-01-06 15:18 . 2009-06-06 20:17 952 --sha-w- c:\programdata\KGyGaAvL.sys
2010-01-04 17:02 . 2009-11-21 08:59 -------- d-----w- c:\users\Mates\AppData\Roaming\Any Video Converter
2010-01-04 17:02 . 2009-11-17 10:29 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-04 16:37 . 2009-11-15 13:21 -------- d-----w- c:\users\Mates\AppData\Roaming\Software Informer
2010-01-02 06:38 . 2010-01-22 14:26 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 14:26 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 14:26 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 14:26 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-24 10:53 . 2009-11-29 10:41 -------- d-----w- c:\users\Mates\AppData\Roaming\Nero
2009-12-16 09:50 . 2009-12-12 10:08 -------- d-----w- c:\users\Guest\AppData\Roaming\Ice Age 2
2009-12-14 15:44 . 2009-12-10 14:20 -------- d-----w- c:\users\Mates\AppData\Roaming\Ice Age 2
2009-12-10 15:16 . 2009-06-11 15:24 -------- d-----w- c:\users\Guest\AppData\Roaming\Nero
2009-12-10 15:15 . 2009-06-11 15:24 130736 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-10 14:19 . 2009-12-10 14:19 1 ----a-w- C:\DXOkay.bin
2009-12-08 19:30 . 2009-12-08 19:30 -------- d-----w- c:\users\Mates\AppData\Roaming\XRay Engine
2009-12-04 17:36 . 2009-06-06 14:24 -------- d-----w- c:\program files\uTorrent
2009-11-29 19:49 . 2009-06-14 12:15 -------- d-----w- c:\program files\VDOWNLOADER
2009-11-29 19:44 . 2009-05-31 20:05 130736 ----a-w- c:\users\Mates\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-29 19:34 . 2009-06-06 17:45 -------- d-----w- c:\program files\Microsoft Works
2009-11-29 10:39 . 2009-06-06 18:11 -------- d-----w- c:\programdata\Nero
2009-11-29 10:31 . 2009-06-06 18:11 -------- d-----w- c:\program files\Common Files\Nero
2009-11-29 10:10 . 2009-11-29 09:49 -------- d-----w- c:\program files\Nero
2009-11-16 20:29 . 2009-11-16 18:13 53319 ----a-w- c:\programdata\Temp\{8C20787A-7402-4FA7-BF25-6E5750930FDC}\PostBuild.exe
2009-11-16 18:28 . 2009-11-16 12:24 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2009-11-16 09:51 . 2009-11-16 09:51 22528 ----a-r- c:\users\Mates\AppData\Roaming\Microsoft\Installer\{1F8FB0FA-6FF2-4B2F-BE2F-7266AFB0895D}\IconC5EEDCDA.exe
2009-11-09 18:00 . 2009-11-17 10:29 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-09 12:31 . 2009-12-09 14:13 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 14:13 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 14:13 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 21:00 . 2009-11-06 21:00 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-29 09:17 . 2009-11-25 02:01 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-28 19:02 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-17 12:05 . 2009-08-17 12:05 61440 ----a-w- c:\program files\mozilla firefox\components\gemgecko.dll
2009-10-05 17:34 . 2009-10-25 12:48 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-06-01 11:42 . 2009-06-01 11:42 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\users\Mates\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll" [2009-10-05 150768]
[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-10-05 17:34 150768 ----a-w- c:\users\Mates\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-09-01 13:31 98328 ----a-w- c:\program files\Nero\Nero 9\InCD\NBHshx.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2010-01-10 289584]
"infium.exe"="c:\program files\QIP Infium\infium.exe" [2009-10-08 5662720]
"Skype.exe"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]
"daemon.exe"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2009-10-19 94208]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-12-22 38840]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-12-21 640440]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"NBHGui"="c:\program files\Nero\Nero 9\InCD\NBHGui.exe" [2008-09-01 2079256]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-01-24 159744]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-05-31 20:04 24064 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):84,52,14,2d,08,02,ca,01
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/11/16 19:35];c:\program files\CyberLink\PowerDVD9\000.fcl [1.9.2009 16:59 87536]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3.3.2008 12:11 16384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47 731840]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [14.5.2009 15:49 93312]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [19.5.2008 19:35 24576]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe [1.9.2008 14:31 108568]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [6.4.2008 21:42 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.4.2007 19:09 11032]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [8.8.2009 10:08 1153368]
R2 Uniblue DiskRescue;Uniblue DiskRescue;c:\program files\Uniblue\DiskRescue\UBDiskRescueSrv.exe [10.9.2008 16:22 229648]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28.3.2008 12:44 210432]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 6:40 3668480]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [15.4.2008 19:13 51160]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [8.4.2008 19:46 43736]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [6.6.2009 14:11 721904]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4.4.2008 2:03 131072]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [31.5.2009 21:04 24064]
S3 TpChoice;Touch Pad Detection Filter driver;c:\windows\System32\drivers\TpChoice.sys [7.5.2008 7:39 17968]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [11.6.2009 16:34 81704]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-01-25 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-15 12:51]
2010-01-24 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-11-15 12:51]
2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-84459838-171874766-2945494207-1003Core.job
- c:\users\Mates\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-21 13:28]
2010-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-84459838-171874766-2945494207-1003UA.job
- c:\users\Mates\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-21 13:28]
2010-01-18 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-11-15 08:22]
2010-01-09 c:\windows\Tasks\Uniblue DiskRescue 2009.job
- c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0609&m=extensa_5630
mStart Page = hxxp://www.msn.com
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Mates\AppData\Roaming\Mozilla\Firefox\Profiles\y3zw9ejq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.maggots-lair.com/novinky
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Mozilla Firefox\components\gemgecko.dll
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin7.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\kb128\SearchSettings.dll
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\kb128\SearchSettings.dll
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
MSConfigStartUp-RtHDVCpl - RtHDVCpl.exe
MSConfigStartUp-Skytel - Skytel.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 15:59
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\users\Mates\AppData\Roaming\Software Informer\cache\icons\EW : Cossacks.ico 4398 bytes hidden from API
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-01-25 16:04:18
ComboFix-quarantined-files.txt 2010-01-25 15:04
Před spuštěním: Volných bajtů: 16 412 561 408
Po spuštění: Volných bajtů: 21 054 160 896
- - End Of File - - BAB7EAF23CA340630511EF03543FBD01
2010-01-14 16:01 . 2010-01-14 16:20 -------- d-----w- c:\program files\Windows Live Safety Center
2010-01-13 15:39 . 2010-01-24 18:10 -------- d-----w- c:\users\Mates\AppData\Roaming\Winamp
2010-01-13 15:39 . 2010-01-13 15:40 -------- d-----w- c:\program files\Winamp
2010-01-13 13:58 . 2010-01-13 13:58 -------- d-----w- c:\programdata\POP3Profiles
2010-01-13 05:20 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 05:20 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-09 18:27 . 2009-01-16 02:27 11264 ----a-w- c:\windows\system32\atimuixx.dll
2010-01-09 18:19 . 2010-01-09 18:19 -------- d-----w- C:\ATI
2010-01-09 18:13 . 2010-01-09 18:13 49408000 ----a-w- c:\users\Mates\AppData\Roaming\Uniblue\DriverScanner\Download\hdaudio_func_01_ven_1002_dev_aa015_00_60000_52.exe
2010-01-09 17:27 . 2009-07-06 03:18 2644135 -c--a-w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}\Uniblue DiskRescue.exe
2010-01-09 17:27 . 2009-07-06 03:23 2653048 -c--a-w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}\DriverScanner_Setup.exe
2010-01-09 17:27 . 2008-09-10 15:22 836880 -c--a-w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}\UniblueDiskRescue\B4B74A3\3826204\UBDefrag.DLL
2010-01-09 17:26 . 2008-11-14 13:32 774144 -c--a-w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}\driverscanner\3FBA627D\1A9B0B16\ScanPluginView.dll
2010-01-09 17:23 . 2010-01-09 17:27 -------- dc-h--w- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-01-09 15:28 . 2009-07-06 03:40 2838454 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\speedupmypc2009.exe
2010-01-09 15:28 . 2009-04-29 09:45 845128 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\58D97068\B74607BA\System.Data.SQLite.dll
2010-01-09 15:28 . 2009-04-29 09:45 771368 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\9966075F\B74607BA\UBSysMan.dll
2010-01-09 15:28 . 2009-04-29 09:45 54608 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\D720648F\B74607BA\Interop.IWshRuntimeLibrary.dll
2010-01-09 15:28 . 2009-04-29 09:45 519168 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\78B94F67\B74607BA\IsLicense40.dll
2010-01-09 15:28 . 2009-04-29 09:45 474408 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\62A3297F\B74607BA\AvalonCommon.dll
2010-01-09 15:28 . 2009-04-29 09:45 395048 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\C77843B\B74607BA\SUMPBackend.dll
2010-01-09 15:28 . 2009-04-29 09:45 345008 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\4BF757A\B74607BA\IsLicense30.dll
2010-01-09 15:28 . 2009-04-29 09:45 236840 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\683B013A\B74607BA\PowerSuiteBackendUtils.dll
2010-01-09 15:28 . 2009-04-29 09:45 197968 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\6A0591D6\B74607BA\ICSharpCode.SharpZipLib.dll
2010-01-09 15:28 . 2009-04-29 09:45 614696 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\7AEFAE8C\B74607BA\Launcher.exe
2010-01-09 15:28 . 2009-04-29 09:45 1250600 -c--a-w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}\SpeedUpMyPC2009\B430549D\B74607BA\SUMP.exe
2010-01-09 15:27 . 2010-01-09 15:28 -------- dc-h--w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2010-01-09 11:14 . 2010-01-09 11:16 3175784 ----a-w- c:\users\Mates\AppData\Roaming\Uniblue\RegistryBooster 2010\_temp\ub.exe
2010-01-09 10:50 . 2010-01-09 17:27 -------- d-----w- c:\program files\Uniblue
2010-01-06 15:02 . 2010-01-09 17:34 -------- d-----w- c:\users\Mates\AppData\Roaming\Uniblue
2010-01-06 14:57 . 2010-01-06 14:57 -------- d-----w- c:\programdata\Vso
2010-01-06 14:31 . 2010-01-06 14:31 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-01-06 14:31 . 2010-01-06 14:31 47360 ----a-w- c:\users\Mates\AppData\Roaming\pcouffin.sys
2010-01-06 14:31 . 2010-01-06 15:29 -------- d-----w- c:\users\Mates\AppData\Roaming\Vso
2010-01-06 14:30 . 2010-01-06 14:30 -------- d-----w- c:\program files\VSO
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-25 14:57 . 2009-07-21 05:44 -------- d-----w- c:\program files\ICQ6.5
2010-01-25 14:46 . 2008-05-20 04:12 602086 ----a-w- c:\windows\system32\perfh005.dat
2010-01-25 14:46 . 2008-05-20 04:12 116182 ----a-w- c:\windows\system32\perfc005.dat
2010-01-25 14:37 . 2009-05-31 20:04 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-25 14:37 . 2009-06-06 14:24 -------- d-----w- c:\users\Mates\AppData\Roaming\uTorrent
2010-01-25 14:36 . 2009-06-06 17:03 -------- d-----w- c:\users\Mates\AppData\Roaming\Skype
2010-01-25 14:22 . 2009-08-17 12:04 -------- d-----w- c:\program files\NetSoftware
2010-01-23 18:22 . 2009-08-08 09:08 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-23 13:03 . 2009-11-29 20:20 1356 ----a-w- c:\users\Mates\AppData\Local\d3d9caps.dat
2010-01-22 22:16 . 2009-06-09 20:04 -------- d-----w- c:\program files\Moje Aplikace
2010-01-22 21:37 . 2009-05-31 20:23 -------- d-----w- c:\programdata\eSobi
2010-01-22 21:36 . 2009-06-06 17:37 -------- d-----w- c:\users\Mates\AppData\Roaming\eSobi
2010-01-22 14:53 . 2008-05-19 18:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-22 10:28 . 2009-09-02 16:50 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-20 14:24 . 2009-08-08 08:34 -------- d-----w- c:\program files\IObit
2010-01-19 14:50 . 2009-05-31 20:07 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-01-19 14:45 . 2010-01-19 14:45 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-01-18 21:39 . 2009-06-21 14:18 -------- d-----w- c:\users\Mates\AppData\Roaming\BSplayer Pro
2010-01-17 23:07 . 2009-06-07 08:11 -------- d-----w- c:\users\Mates\AppData\Roaming\skypePM
2010-01-16 08:10 . 2009-06-17 18:52 58 ----a-w- c:\windows\system32\sp701asm.dat
2010-01-14 17:20 . 2010-01-09 17:26 -------- d-----w- c:\programdata\DriverScanner
2010-01-14 10:12 . 2009-10-02 23:35 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 15:36 . 2009-06-07 11:34 -------- d-----w- c:\program files\Ubisoft
2010-01-13 13:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-10 10:14 . 2009-05-31 20:04 -------- d-----w- c:\program files\ATI
2010-01-09 17:27 . 2010-01-09 17:26 -------- dc-h--w- c:\programdata\{8A09CD83-59E1-4DB1-AAFC-E25174FC6706}
2010-01-08 14:18 . 2009-08-09 11:13 -------- d-----w- c:\program files\Záloha
2010-01-06 15:18 . 2009-06-06 20:17 952 --sha-w- c:\programdata\KGyGaAvL.sys
2010-01-06 15:18 . 2009-06-06 20:17 952 --sha-w- c:\programdata\KGyGaAvL.sys
2010-01-04 17:02 . 2009-11-21 08:59 -------- d-----w- c:\users\Mates\AppData\Roaming\Any Video Converter
2010-01-04 17:02 . 2009-11-17 10:29 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-01-04 16:37 . 2009-11-15 13:21 -------- d-----w- c:\users\Mates\AppData\Roaming\Software Informer
2010-01-02 06:38 . 2010-01-22 14:26 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 14:26 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-22 14:26 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-22 14:26 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-24 10:53 . 2009-11-29 10:41 -------- d-----w- c:\users\Mates\AppData\Roaming\Nero
2009-12-16 09:50 . 2009-12-12 10:08 -------- d-----w- c:\users\Guest\AppData\Roaming\Ice Age 2
2009-12-14 15:44 . 2009-12-10 14:20 -------- d-----w- c:\users\Mates\AppData\Roaming\Ice Age 2
2009-12-10 15:16 . 2009-06-11 15:24 -------- d-----w- c:\users\Guest\AppData\Roaming\Nero
2009-12-10 15:15 . 2009-06-11 15:24 130736 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-10 14:19 . 2009-12-10 14:19 1 ----a-w- C:\DXOkay.bin
2009-12-08 19:30 . 2009-12-08 19:30 -------- d-----w- c:\users\Mates\AppData\Roaming\XRay Engine
2009-12-04 17:36 . 2009-06-06 14:24 -------- d-----w- c:\program files\uTorrent
2009-11-29 19:49 . 2009-06-14 12:15 -------- d-----w- c:\program files\VDOWNLOADER
2009-11-29 19:44 . 2009-05-31 20:05 130736 ----a-w- c:\users\Mates\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-29 19:34 . 2009-06-06 17:45 -------- d-----w- c:\program files\Microsoft Works
2009-11-29 10:39 . 2009-06-06 18:11 -------- d-----w- c:\programdata\Nero
2009-11-29 10:31 . 2009-06-06 18:11 -------- d-----w- c:\program files\Common Files\Nero
2009-11-29 10:10 . 2009-11-29 09:49 -------- d-----w- c:\program files\Nero
2009-11-16 20:29 . 2009-11-16 18:13 53319 ----a-w- c:\programdata\Temp\{8C20787A-7402-4FA7-BF25-6E5750930FDC}\PostBuild.exe
2009-11-16 18:28 . 2009-11-16 12:24 53319 ----a-w- c:\programdata\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2009-11-16 09:51 . 2009-11-16 09:51 22528 ----a-r- c:\users\Mates\AppData\Roaming\Microsoft\Installer\{1F8FB0FA-6FF2-4B2F-BE2F-7266AFB0895D}\IconC5EEDCDA.exe
2009-11-09 18:00 . 2009-11-17 10:29 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-11-09 12:31 . 2009-12-09 14:13 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-09 14:13 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-09 14:13 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-11-06 21:00 . 2009-11-06 21:00 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-10-29 09:17 . 2009-11-25 02:01 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-28 19:02 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-08-17 12:05 . 2009-08-17 12:05 61440 ----a-w- c:\program files\mozilla firefox\components\gemgecko.dll
2009-10-05 17:34 . 2009-10-25 12:48 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-06-01 11:42 . 2009-06-01 11:42 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"= "c:\users\Mates\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll" [2009-10-05 150768]
[HKEY_CLASSES_ROOT\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce}]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO.1]
[HKEY_CLASSES_ROOT\qipbar.QIPBHO]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
2009-10-05 17:34 150768 ----a-w- c:\users\Mates\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-09-01 13:31 98328 ----a-w- c:\program files\Nero\Nero 9\InCD\NBHshx.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\utorrent.exe" [2010-01-10 289584]
"infium.exe"="c:\program files\QIP Infium\infium.exe" [2009-10-08 5662720]
"Skype.exe"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-07-25 875016]
"daemon.exe"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-04 417792]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2009-10-19 94208]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-10-28 141600]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-12-22 38840]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-12-21 640440]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"NBHGui"="c:\program files\Nero\Nero 9\InCD\NBHGui.exe" [2008-09-01 2079256]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-01-24 159744]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]
2008-04-06 20:42 34040 ----a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2009-05-31 20:04 24064 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):84,52,14,2d,08,02,ca,01
R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/11/16 19:35];c:\program files\CyberLink\PowerDVD9\000.fcl [1.9.2009 16:59 87536]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3.3.2008 12:11 16384]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47 731840]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [14.5.2009 15:49 93312]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [19.5.2008 19:35 24576]
R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Nero 9\InCD\NBHRegInCDSrv.exe [1.9.2008 14:31 108568]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [6.4.2008 21:42 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [17.4.2007 19:09 11032]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [8.8.2009 10:08 1153368]
R2 Uniblue DiskRescue;Uniblue DiskRescue;c:\program files\Uniblue\DiskRescue\UBDiskRescueSrv.exe [10.9.2008 16:22 229648]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [28.3.2008 12:44 210432]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 6:40 3668480]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [15.4.2008 19:13 51160]
R3 O2SDRDR;O2SDRDR;c:\windows\System32\drivers\o2sd.sys [8.4.2008 19:46 43736]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [6.6.2009 14:11 721904]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4.4.2008 2:03 131072]
S3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:23 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [31.5.2009 21:04 24064]
S3 TpChoice;Touch Pad Detection Filter driver;c:\windows\System32\drivers\TpChoice.sys [7.5.2008 7:39 17968]
S3 WSVD;WSVD;c:\windows\System32\drivers\WSVD.sys [11.6.2009 16:34 81704]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-01-25 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-15 12:51]
2010-01-24 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-11-15 12:51]
2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-84459838-171874766-2945494207-1003Core.job
- c:\users\Mates\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-21 13:28]
2010-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-84459838-171874766-2945494207-1003UA.job
- c:\users\Mates\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-21 13:28]
2010-01-18 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-11-15 08:22]
2010-01-09 c:\windows\Tasks\Uniblue DiskRescue 2009.job
- c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0609&m=extensa_5630
mStart Page = hxxp://www.msn.com
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Mates\AppData\Roaming\Mozilla\Firefox\Profiles\y3zw9ejq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1750559&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.maggots-lair.com/novinky
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Mozilla Firefox\components\gemgecko.dll
FF - component: c:\program files\Mozilla Firefox\components\qippipe.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\npqtplugin7.dll
FF - plugin: c:\program files\Opera 10 Beta\program\plugins\NPSWF32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\kb128\SearchSettings.dll
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\kb128\SearchSettings.dll
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
MSConfigStartUp-RtHDVCpl - RtHDVCpl.exe
MSConfigStartUp-Skytel - Skytel.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 15:59
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\users\Mates\AppData\Roaming\Software Informer\cache\icons\EW : Cossacks.ico 4398 bytes hidden from API
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-01-25 16:04:18
ComboFix-quarantined-files.txt 2010-01-25 15:04
Před spuštěním: Volných bajtů: 16 412 561 408
Po spuštění: Volných bajtů: 21 054 160 896
- - End Of File - - BAB7EAF23CA340630511EF03543FBD01
- Rudy
- Site Admin
- Posts: 119410
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check..........Notebook keeps freezing
CF deleted something. The rest of the log looks clean. Does the problem persist?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Log check..........Notebook keeps freezing
Yes, still..... but now the notebook sometimes lasts even longer than 2 hours.....
- Rudy
- Site Admin
- Posts: 119410
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check..........Notebook keeps freezing
Also try an MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log and do not delete anything beforehand.
Re: Log check..........Notebook keeps freezing
Sorry for the inactivity, I was on vacation..... the problem still persists.... and also the HDD LED stays lit and on the screen I can at most move the mouse...
Here is the MBAM log:
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3701
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7.2.2010 22:17:38
mbam-log-2010-02-07 (22-17-38).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|E:\|G:\|)
Zkontrolované objekty: 667288
Uplynulý čas: 3 hour(s), 37 minute(s), 56 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 4
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\skype.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Users\Mates\Documents\ICQ\572099675\ReceivedFiles\386546451 Marek Tlusťák\4.xpam.exe (Trojan.MultiDropper) -> Quarantined and deleted successfully.
E:\Caesar IV\rld-c4kg.exe (Malware.Packer) -> Quarantined and deleted successfully.
E:\HL I\gearbox\DQ2249.ICD (Trojan.Agent) -> Quarantined and deleted successfully.
E:\Mates\Music\NOVE MP3\Nové\acrobat profi 8cz\Keygeneraor\keygen.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
- Rudy
- Site Admin
- Posts: 119410
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Log check..........Notebook keeps freezing
Also run an AVPTool scan: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Log check..........Notebook freezes
Kaspersky Virus Removal Tool log:
Autoscan: malfunction (events: 4, objects: 39762, time: Unknown)
10.2.2010 15:36:49 Task started
10.2.2010 16:19:29 Processing error C:\Documents and Settings\Mates\AppData\Roaming\Uniblue\DriverScanner\Download\hdaudio_func_01_ven_1002_dev_aa015_00_60000_52.exe/data0187/_14250_Microsoft_VC80_MFCLOC_x86.msm Read error
10.2.2010 16:19:29 Task stopped
10.2.2010 16:19:48 Task started
Autoscan: malfunction (events: 1, objects: 0, time: Unknown)
10.2.2010 18:06:09 Task started
Autoscan: malfunction (events: 18, objects: 0, time: Unknown)
10.2.2010 18:35:25 Task started
10.2.2010 19:50:13 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc4.rar/Driver Detective 6.2.5.0 - Fully Cracked[NEW][2010]/crack.exe
10.2.2010 19:50:13 Untreated: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc4.rar/Driver Detective 6.2.5.0 - Fully Cracked[NEW][2010]/crack.exe Write not supported
10.2.2010 19:50:13 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc2\crack.exe
10.2.2010 19:50:13 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc2\Driver Detective 6.2.5.0.exe
10.2.2010 19:50:24 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc4.rar/Driver Detective 6.2.5.0 - Fully Cracked[NEW][2010]/Driver Detective 6.2.5.0.exe
10.2.2010 19:50:24 Untreated: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc4.rar/Driver Detective 6.2.5.0 - Fully Cracked[NEW][2010]/Driver Detective 6.2.5.0.exe Write not supported
10.2.2010 19:52:27 Deleted: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc2\crack.exe
10.2.2010 19:52:29 Deleted: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc2\Driver Detective 6.2.5.0.exe
10.2.2010 19:55:15 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP191\A0032876.exe
10.2.2010 19:55:27 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP191\A0032877.exe
10.2.2010 19:56:48 Deleted: Trojan-Dropper.MSIL.Agent.ajv C:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP191\A0032876.exe
10.2.2010 19:56:49 Deleted: Trojan-Dropper.MSIL.Agent.ajv C:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP191\A0032877.exe
10.2.2010 22:26:48 Detected: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD
10.2.2010 22:26:48 Untreated: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD Write not supported
11.2.2010 0:07:16 Processing error E:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP185\A0031781.exe Read error
11.2.2010 0:07:35 Detected: Trojan-Downloader.Win32.Zlob.whg E:\Warcraft III\WAR III Crack\Warcraft_3_Crack_by_FFF.zip.exe.part/crack_ver1.454.0.exe
11.2.2010 0:08:25 Deleted: Trojan-Downloader.Win32.Zlob.whg E:\Warcraft III\WAR III Crack\Warcraft_3_Crack_by_FFF.zip.exe.part
Virus Scan: completed 20 hours ago (events: 2, objects: 4, time: 00:00:01)
10.2.2010 20:02:49 Task started
10.2.2010 20:02:50 Task completed
Autoscan: completed 29 minutes ago (events: 5, objects: 628880, time: 09:25:12)
11.2.2010 6:13:11 Task started
11.2.2010 8:57:32 Detected: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD
11.2.2010 8:57:32 Untreated: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD Write not supported
11.2.2010 14:31:21 Processing error E:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP185\A0031781.exe Read error
11.2.2010 15:38:23 Task completed
- Rudy
- Site Admin
Re: Log check..........Notebook freezes
AVP deleted most of it. Now turn off System Restore, restart the PC and turn System Restore back on.
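Added example, not part of the original thread: a Python sketch that reconciles the Kaspersky Virus Removal Tool events posted above, showing which detections were deleted and which remain untreated inside an archive or disc image. The sample lines are excerpted from that log; the function names, and the rule that deleting a container also resolves detections inside it, are assumptions of this example.

```python
import re

# Lines excerpted from the Kaspersky Virus Removal Tool log posted in the thread.
SAMPLE_LOG = r"""
10.2.2010 18:35:25 Task started
10.2.2010 19:50:13 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc4.rar/Driver Detective 6.2.5.0 - Fully Cracked[NEW][2010]/crack.exe
10.2.2010 19:50:13 Untreated: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc4.rar/Driver Detective 6.2.5.0 - Fully Cracked[NEW][2010]/crack.exe Write not supported
10.2.2010 19:50:13 Detected: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc2\crack.exe
10.2.2010 19:52:27 Deleted: Trojan-Dropper.MSIL.Agent.ajv C:\RECYCLER\S-1-5-21-1085031214-1957994488-725345543-1003\Dc2\crack.exe
10.2.2010 22:26:48 Detected: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD
10.2.2010 22:26:48 Untreated: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD Write not supported
11.2.2010 0:07:16 Processing error E:\System Volume Information\_restore{AE776A98-E647-43D7-A365-2376F087C100}\RP185\A0031781.exe Read error
11.2.2010 0:07:35 Detected: Trojan-Downloader.Win32.Zlob.whg E:\Warcraft III\WAR III Crack\Warcraft_3_Crack_by_FFF.zip.exe.part/crack_ver1.454.0.exe
11.2.2010 0:08:25 Deleted: Trojan-Downloader.Win32.Zlob.whg E:\Warcraft III\WAR III Crack\Warcraft_3_Crack_by_FFF.zip.exe.part
11.2.2010 8:57:32 Detected: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD
11.2.2010 8:57:32 Untreated: HEUR:Trojan.Win32.Generic E:\HL I - Opposing Force\Half Life Opposing Force-Full.iso/OPFOR/gearbox/DQ2249.ICD Write not supported
"""

EVENT_RE = re.compile(
    r"^(?P<ts>\d{1,2}\.\d{1,2}\.\d{4} \d{1,2}:\d{2}:\d{2}) "
    r"(?P<event>Detected|Untreated|Deleted): (?P<verdict>\S+) (?P<rest>.+)$"
)
ERROR_RE = re.compile(r"^\S+ \S+ Processing error (?P<path>.+) Read error$")
REASON = " Write not supported"


def parse(log_text):
    """Return (events, read_errors) from the tool's text log."""
    events, read_errors = [], []
    for line in log_text.splitlines():
        line = line.strip()
        m = EVENT_RE.match(line)
        if m:
            obj, reason = m["rest"], None
            # "Untreated" lines carry a trailing reason after the object path.
            if m["event"] == "Untreated" and obj.endswith(REASON):
                obj, reason = obj[: -len(REASON)], REASON.strip()
            events.append((m["ts"], m["event"], m["verdict"], obj, reason))
            continue
        m = ERROR_RE.match(line)
        if m:
            read_errors.append(m["path"])
    return events, read_errors


def container_of(obj):
    """Windows paths contain no '/', so the first '/' marks an archive boundary."""
    return obj.split("/", 1)[0]


def reconcile(log_text):
    """Map each detected object to its final state across all scan sessions."""
    events, read_errors = parse(log_text)
    status, deleted = {}, set()
    for _ts, event, verdict, obj, reason in events:
        if event == "Deleted":
            deleted.add(obj.lower())
            continue
        entry = status.setdefault(
            obj, {"verdict": verdict, "state": "detected", "reason": None}
        )
        if event == "Untreated":
            entry["state"], entry["reason"] = "untreated", reason
    for obj, entry in status.items():
        # Assumption: deleting the container removes the objects detected inside it.
        if obj.lower() in deleted or container_of(obj).lower() in deleted:
            entry["state"] = "deleted"
    return status, read_errors


def remaining(log_text):
    """Objects that were detected but never deleted (directly or via container)."""
    status, _ = reconcile(log_text)
    return [obj for obj, entry in status.items() if entry["state"] != "deleted"]


if __name__ == "__main__":
    status, read_errors = reconcile(SAMPLE_LOG)
    for obj, entry in status.items():
        print(f'{entry["state"]:<10} {entry["verdict"]:<32} {obj}')
    print("unreadable objects (not scanned):", len(read_errors))
```

On this excerpt the two objects left over are both inside containers the tool could not write to (a `.rar` in the recycle bin and an `.iso`), and the read error marks a file that was never scanned at all.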
Re: Log check..........Notebook freezes
done...what next????
- Rudy
- Site Admin
Re: Log check..........Notebook freezes
Has anything changed?
Re: Log check..........Notebook freezes
well, no change...maybe the problem is in the HDD.....its activity LED stays lit and at most I can move the mouse.....but it only does this on Vista....I also have XP and everything runs there without problems...
- Rudy
- Site Admin
Re: Log check..........Notebook freezes
Try an IceSword scan: http://www.viry.cz/forum/viewtopic.php?f=29&t=11394 and post the Process and KernelModule logs.
Re: Log check..........Notebook freezes
Here is the Process log:
Process:
System Idle Process
System
D:\Program Files\Alwil Software\Avast5\afwServ.exe
D:\Program Files\Alwil Software\Avast5\AvastSvc.exe
D:\WINDOWS\system32\wbem\wmiapsrv.exe
D:\WINDOWS\system32\smss.exe
D:\Program Files\DAEMON Tools Lite\DTLite.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\explorer.exe
D:\WINDOWS\system32\ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\ati2evxx.exe
D:\Acer\Empowering Technology\ePerformance\MemCheck.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Broadcom\BACS\BPowMon.exe
D:\Program Files\Acer\Empowering Technology\Service\ETService.exe
D:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Acer\Empowering Technology\eLock\LockServ.exe
D:\DOCUME~1\Mates\LOCALS~1\Temp\RtkBtMnt.exe
D:\PROGRA~1\LAUNCH~1\LManager.exe
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
D:\WINDOWS\PLFSetI.exe
D:\WINDOWS\PLFSetL.exe
D:\WINDOWS\RTHDCPL.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Synaptics\SynTP\SynTPEnh.exe
D:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
D:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
D:\Program Files\CyberLink\Shared Files\brs.exe
D:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
D:\Acer\Empowering Technology\ePower\ePower_DMC.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Acer\Empowering Technology\ePresentation\ePresentation.exe
D:\PROGRA~1\ALWILS~1\Avast5\AvastUI.exe
D:\WINDOWS\system32\wbem\unsecapp.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
D:\WINDOWS\system32\alg.exe
C:\Acer\Mobility Center\MobilityService.exe
D:\Program Files\Notebook Hardware Control\nhc.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Microsoft Office\2007\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
D:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
D:\Program Files\Philips\GoGear Mix Device Manager\main.exe
D:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\QIP Infium\infium.exe
D:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Documents and Settings\Mates\Dokumenty\Sta§en‚ soubory\IceSword122en\IceSword.exe
D:\Program Files\uTorrent\uTorrent.exe
________________________________________________________________________________________________
And here is the Kernel Module log:
Kernel Module:
\windows\system32\ntkrnlpa.exe
\windows\system32\hal.dll
\windows\system32\KDCOM.DLL
\windows\system32\BOOTVID.dll
00700722.sys
spyk.sys
\windows\System32\Drivers\WMILIB.SYS
\windows\System32\Drivers\SCSIPORT.SYS
ACPI.sys
pci.sys
isapnp.sys
compbatt.sys
\windows\system32\DRIVERS\BATTC.SYS
pciide.sys
\windows\system32\DRIVERS\PCIIDEX.SYS
pcmcia.sys
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
ACPIEC.sys
\windows\system32\DRIVERS\OPRGHDLR.SYS
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\windows\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
PxHelp20.sys
KSecDD.sys
WudfPf.sys
Ntfs.sys
NDIS.sys
aswNdis2.sys
aswNdis.sys
snapman.sys
Mup.sys
\SystemRoot\system32\DRIVERS\ati2mtag.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\o2sd.sys
\SystemRoot\system32\DRIVERS\o2media.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\DKbFltr.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\drivers\iviaspi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\System32\Drivers\Asapi.SYS
\SystemRoot\System32\Drivers\aiko1n56.SYS
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\btkrnl.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\btport.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtiHdmi.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\DRIVERS\HSFHWAZL.sys
\SystemRoot\system32\DRIVERS\HSF_DPV.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\0070072.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\System32\Drivers\aswFW.SYS
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Aavmker4.SYS
\SystemRoot\system32\DRIVERS\00700721.sys
\SystemRoot\system32\DRIVERS\snp2uvc.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\sncduvc.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ati2dvag.dll
\SystemRoot\System32\ati2cqag.dll
\SystemRoot\System32\atikvmag.dll
\SystemRoot\System32\atiok3x2.dll
\SystemRoot\System32\ati3duag.dll
\SystemRoot\System32\ativvaxx.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\System32\Drivers\aswMon2.SYS
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\System32\drivers\aspi32.sys
\??\D:\Program Files\Broadcom\BACS\BASFND.sys
\??\D:\windows\system32\eLock2BurnerLockDriver.sys
\??\D:\windows\system32\eLock2FSCTLDriver.sys
\??\D:\windows\system32\drivers\int15.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\system32\drivers\regi.sys
\??\D:\windows\system32\drivers\tvicport.sys
\SystemRoot\system32\DRIVERS\xaudio.sys
\??\D:\windows\system32\drivers\zntport.sys
\??\D:\Program Files\CyberLink\PowerDVD9\000.fcl
\SystemRoot\System32\Drivers\HTTP.sys
\??\D:\windows\system32\drivers\nhcDriver.sys
\SystemRoot\System32\Drivers\aswRdr.SYS
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\NETw5x32.sys
\SystemRoot\System32\Drivers\IsDrv122.sys
\WINDOWS\system32\ntdll.dll
\Program Files\DAEMON Tools Lite\Engine.dll
D:\windows\System32\Drivers\sptd.sys
- Rudy
- Site Admin
Re: Log check..........Notebook freezes
Go back to ComboFix again. Open Notepad and copy into it:

Collect::
C:\Windows\system32\DRIVERS\00700722.sys
C:\Windows\system32\DRIVERS\00700721.sys
Driver::
00700722
00700721

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: Log check..........Laptop keeps freezing
ComboFix Log.....
ComboFix 10-02-19.04 - Mates 20.02.2010 16:55:07.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3067.2474 [GMT 1:00]
Spuštěný z: c:\users\Mates\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Mates\Desktop\CFScript.txt
AV: avast! Internet Security *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Internet Security *disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\$recycle.bin\S-1-5-21-3527385012-2741599902-364348988-1001
d:\windows\Suyin.reg
d:\windows\system32\bcmwl6.inf
d:\windows\system32\d3d10core.dll
d:\windows\system32\kernel32new.dll
d:\windows\system32\msvcrtnew.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_00700721
-------\Legacy_00700722
-------\Service_00700721
-------\Service_00700722
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.
2010-02-20 12:54 . 2010-02-20 12:55 -------- d-----w- d:\program files\AGEIA Technologies
2010-02-20 12:54 . 2010-02-20 12:54 -------- d-----w- d:\windows\system32\AGEIA
2010-02-20 12:54 . 2010-02-20 12:54 -------- d-----w- d:\program files\Common Files\Wise Installation Wizard
2010-02-20 11:45 . 2010-02-20 12:52 -------- d-----w- d:\program files\Common Files\BioWare
2010-02-20 07:29 . 2010-02-20 07:29 73544 ---ha-w- d:\windows\system32\mlfcache.dat
2010-02-19 21:02 . 2008-11-13 14:20 602624 -c----w- d:\windows\system32\dllcache\crypt32.dll
2010-02-19 21:02 . 2008-11-13 14:20 177664 -c----w- d:\windows\system32\dllcache\wintrust.dll
2010-02-19 16:31 . 2008-03-05 14:56 1420824 ----a-w- d:\windows\system32\D3DCompiler_37.dll
2010-02-19 16:31 . 2010-02-19 16:31 -------- d-----w- d:\program files\Microsoft Games for Windows - LIVE
2010-02-19 16:31 . 2010-02-19 16:31 -------- d-----w- d:\windows\system32\xlive
2010-02-19 16:20 . 2010-02-19 16:20 -------- d-----w- d:\program files\Common Files\Windows Live
2010-02-16 14:34 . 2010-02-16 14:34 -------- d-----w- d:\program files\Safari
2010-02-16 14:34 . 2010-02-16 14:34 -------- d-----w- d:\program files\Common Files\Apple
2010-02-15 17:48 . 2010-02-15 17:48 -------- d-----w- d:\documents and settings\Mates\BackUp
2010-02-15 15:19 . 2010-02-15 15:19 -------- d-----w- d:\windows\Sun
2010-02-15 15:18 . 2010-02-15 15:18 -------- d-----w- d:\program files\Common Files\Java
2010-02-15 15:18 . 2010-02-15 15:18 411368 ----a-w- d:\windows\system32\deploytk.dll
2010-02-15 15:18 . 2010-02-15 15:18 -------- d-----w- d:\program files\Java
2010-02-15 13:01 . 2006-10-26 18:56 33104 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-02-15 13:01 . 2006-10-26 18:56 32592 ----a-w- d:\windows\system32\msonpmon.dll
2010-02-15 12:55 . 2010-02-15 12:55 -------- d-----w- d:\program files\Microsoft Visual Studio 8
2010-02-15 12:53 . 2010-02-15 12:53 -------- d-----r- D:\MSOCache
2010-02-14 00:03 . 2009-08-06 18:23 215920 ----a-w- d:\windows\system32\muweb.dll
2010-02-14 00:03 . 2009-08-06 18:23 274288 ----a-w- d:\windows\system32\mucltui.dll
2010-02-13 22:42 . 2010-02-13 22:42 -------- d-----w- d:\program files\Microsoft Silverlight
2010-02-13 04:47 . 2010-02-13 04:47 -------- d-----w- d:\program files\Conduit
2010-02-13 04:47 . 2010-02-15 18:16 -------- d-----w- d:\program files\BS_Player
2010-02-13 04:47 . 2010-02-13 04:47 -------- d-----w- d:\program files\Webteh
2010-02-12 20:51 . 2010-02-12 20:51 -------- d-----w- d:\program files\Microsoft Visual Studio .NET 2003
2010-02-12 20:51 . 2010-02-12 20:51 -------- d-----w- d:\program files\DNsoft.be
2010-02-12 20:47 . 2010-02-20 16:19 22528 ----a-w- d:\windows\system32\drivers\nhcDriver.sys
2010-02-12 15:36 . 2010-02-11 18:42 162512 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-02-12 15:36 . 2010-02-11 18:38 19024 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-02-12 15:35 . 2010-02-11 18:43 291920 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2010-02-12 15:35 . 2010-02-11 18:44 102480 ----a-w- d:\windows\system32\drivers\aswFW.sys
2010-02-12 15:35 . 2010-02-11 18:43 195408 ----a-w- d:\windows\system32\drivers\aswNdis2.sys
2010-02-12 15:35 . 2010-02-11 18:39 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-02-12 15:35 . 2010-02-11 18:42 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-02-12 15:35 . 2010-02-11 18:38 100432 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-02-12 15:35 . 2010-02-11 18:38 94800 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-02-12 15:35 . 2010-02-11 18:38 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-02-12 15:33 . 2010-01-09 21:22 12112 ----a-w- d:\windows\system32\drivers\aswNdis.sys
2010-02-12 15:33 . 2010-02-11 18:53 38848 ----a-w- d:\windows\system32\avastSS.scr
2010-02-12 15:33 . 2010-02-11 18:53 153184 ----a-w- d:\windows\system32\aswBoot.exe
2010-02-11 17:32 . 2010-02-11 17:43 7168 ----a-w- d:\windows\system32\drivers\uti3mtc3.sys
2010-02-10 14:30 . 2009-10-22 11:54 37392 ----a-w- d:\windows\system32\drivers\00700722.sys
2010-02-10 14:30 . 2009-10-09 21:31 315408 ----a-w- d:\windows\system32\drivers\0070072.sys
2010-02-10 14:30 . 2009-09-25 15:59 128016 ----a-w- d:\windows\system32\drivers\00700721.sys
2010-02-10 12:56 . 2010-02-10 12:56 -------- d-sh--w- d:\documents and settings\Guest\IECompatCache
2010-02-10 12:54 . 2010-02-10 12:54 -------- d-sh--w- d:\documents and settings\Guest\PrivacIE
2010-02-08 17:49 . 2010-02-08 17:49 -------- d-----w- D:\MP3Phillips
2010-02-08 17:39 . 2010-02-08 17:39 -------- d-----w- d:\program files\Philips
2010-02-08 16:41 . 2002-07-17 15:22 4672 ----a-w- d:\windows\system\WOWPOST.EXE
2010-02-08 16:41 . 2002-07-17 15:22 5600 ----a-w- d:\windows\system\WINASPI.DLL
2010-02-08 16:41 . 2002-07-17 08:20 45056 ----a-w- d:\windows\system32\WNASPI32.DLL
2010-02-08 16:41 . 2002-07-17 07:53 16877 ----a-w- d:\windows\system32\drivers\ASPI32.SYS
2010-02-08 16:26 . 2010-02-08 16:26 -------- d-----w- d:\program files\Ashampoo
2010-02-08 15:37 . 2010-02-08 18:26 -------- d-----w- d:\program files\PC Drivers HeadQuarters
2010-02-08 14:33 . 2010-02-08 15:11 -------- d-----w- d:\windows\system32\IoSubSys
2010-02-08 14:33 . 2010-02-08 14:33 -------- d-----w- d:\program files\VOB
2010-02-08 14:33 . 2000-04-27 11:31 19456 ----a-w- d:\windows\system32\asapi.dll
2010-02-08 14:33 . 2000-01-08 08:22 10240 ----a-w- d:\windows\system32\drivers\asapi.sys
2010-02-08 14:33 . 1998-10-29 15:45 306688 ----a-w- d:\windows\IsUninst.exe
2010-02-08 14:33 . 2010-02-08 14:33 -------- d-----w- d:\documents and settings\Mates\WINDOWS
2010-02-08 14:31 . 2010-02-08 14:31 -------- d-----w- D:\include
2010-02-08 14:31 . 2010-02-08 14:31 -------- d-----w- D:\Docs
2010-02-08 14:10 . 2010-02-08 14:10 -------- d-sh--w- d:\documents and settings\NetworkService\IETldCache
2010-02-07 21:21 . 2010-02-13 04:30 -------- d-----w- d:\documents and settings\Rodiče
2010-02-07 20:23 . 2010-02-07 20:23 -------- d--h--w- d:\windows\system32\GroupPolicy
2010-02-07 17:34 . 2010-01-07 15:07 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-02-07 17:34 . 2010-01-07 15:07 19160 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-02-07 17:34 . 2010-02-07 17:35 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-02-07 12:13 . 2004-03-22 14:17 25840 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-02-07 12:13 . 2004-03-22 14:17 24816 ----a-w- d:\windows\system32\mdimon.dll
2010-02-07 12:11 . 2010-02-20 12:00 -------- d-----w- d:\program files\Microsoft Works
2010-02-07 12:11 . 2010-02-16 15:30 -------- d-----w- d:\windows\SHELLNEW
2010-02-07 12:11 . 2010-02-07 12:11 -------- d-----w- d:\program files\Microsoft.NET
2010-02-07 09:34 . 2010-02-11 15:04 -------- d-----w- d:\program files\Alwil Software
2010-02-06 21:48 . 2010-02-10 16:20 -------- d-----w- d:\program files\uTorrent
2010-02-05 19:45 . 2008-05-26 09:54 81704 ----a-w- d:\windows\system32\drivers\WSVD.sys
2010-02-05 19:42 . 2008-03-21 12:21 487424 ----a-w- d:\windows\system32\INT15.dll
2010-02-04 20:09 . 2010-01-14 10:12 181120 ------w- d:\windows\system32\MpSigStub.exe
2010-02-04 20:09 . 2010-02-04 20:09 -------- d-----w- d:\documents and settings\Mates\Data aplikacÝ
2010-02-04 20:08 . 2010-02-04 20:21 -------- d-----w- D:\dell
2010-02-04 19:46 . 2005-06-23 10:14 258048 ----a-w- d:\windows\system32\Uninstall_eRecovery.exe
2010-02-04 18:50 . 2010-02-04 18:54 -------- d-----w- d:\program files\DAEMON Tools Lite
2010-02-04 18:41 . 2010-02-04 18:50 691696 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-02-04 18:39 . 2010-02-04 18:39 -------- d-----w- d:\program files\Uniblue
2010-02-04 16:35 . 2010-02-04 16:35 -------- d-----w- d:\program files\directx
2010-02-04 16:29 . 2010-02-04 16:29 21840 ----a-w- d:\windows\system32\SIntfNT.dll
2010-02-04 16:29 . 2010-02-04 16:29 17212 ----a-w- d:\windows\system32\SIntf32.dll
2010-02-04 16:29 . 2010-02-04 16:29 12067 ----a-w- d:\windows\system32\SIntf16.dll
2010-02-04 16:28 . 2006-04-14 14:27 8704 ----a-w- d:\windows\system32\drivers\TVicPort64.sys
2010-02-04 16:28 . 2006-04-14 14:27 14544 ----a-w- d:\windows\system32\drivers\TVicPort.sys
2010-02-04 16:28 . 2008-03-21 09:48 17952 ----a-w- d:\windows\system32\drivers\int15_64.sys
2010-02-04 16:28 . 2008-03-21 09:48 15392 ----a-w- d:\windows\system32\drivers\int15.sys
2010-02-04 16:28 . 2006-04-14 14:27 6144 ----a-w- d:\windows\system32\drivers\zntport64.sys
2010-02-04 16:28 . 2006-04-14 14:27 6080 ----a-w- d:\windows\system32\drivers\zntport.sys
2010-02-04 16:21 . 2006-02-16 14:39 45056 ----a-w- d:\windows\system32\Epm-Po.dll
2010-02-04 16:21 . 2005-09-14 16:03 53248 ----a-w- d:\windows\system32\acpimof.dll
2010-02-04 16:20 . 2006-04-19 14:42 16384 ----a-w- d:\windows\system32\eLock2BurnerLockDriver.sys
2010-02-04 16:20 . 2006-04-19 09:48 85248 ----a-w- d:\windows\system32\eLock2FSCTLDriver.sys
2010-02-04 16:20 . 2006-02-10 09:58 53248 ----a-w- d:\windows\system32\cdinfo.exe
2010-02-04 16:19 . 2006-03-24 16:47 602112 ----a-w- d:\windows\system32\Acer.Empowering.Windows.Forms.dll
2010-02-04 16:19 . 2006-02-22 10:20 53248 ----a-w- d:\windows\system32\Interop.Shell32.dll
2010-02-04 16:19 . 2006-02-22 10:20 331776 ----a-w- d:\windows\system32\ScrollBarLib.dll
2010-02-04 16:19 . 2010-02-04 16:19 -------- d-----w- D:\Acer
2010-02-03 18:44 . 2009-08-16 15:08 178176 ----a-w- d:\windows\system32\unrar.dll
2010-02-03 18:44 . 2006-04-02 12:47 630784 ----a-w- d:\windows\system32\vp7vfw.dll
2010-02-03 18:44 . 2004-05-18 18:16 39936 ----a-w- d:\windows\system32\huffyuv.dll
2010-02-03 18:44 . 2004-01-25 16:18 217088 ----a-w- d:\windows\system32\yv12vfw.dll
2010-02-03 18:43 . 2009-05-29 21:37 205824 ----a-w- d:\windows\system32\xvidvfw.dll
2010-02-03 18:43 . 2009-05-29 21:31 881664 ----a-w- d:\windows\system32\xvidcore.dll
2010-02-03 18:43 . 2009-11-09 18:00 85504 ----a-w- d:\windows\system32\ff_vfw.dll
2010-02-03 18:43 . 2010-02-15 18:16 -------- d-----w- d:\program files\K-Lite Codec Pack
2010-02-03 18:38 . 2010-02-03 18:38 -------- d-----w- d:\program files\Nero
2010-02-03 18:37 . 2010-02-03 18:38 -------- d-----w- d:\program files\Common Files\Nero
2010-02-03 18:01 . 2010-02-03 18:01 -------- d-----w- d:\program files\Common Files\Macrovision Shared
2010-02-03 18:00 . 2008-04-07 04:38 22872 ----a-r- d:\windows\system32\AdobePDFUI.dll
2010-02-03 18:00 . 2008-04-07 04:38 45392 ----a-r- d:\windows\system32\AdobePDF.dll
2010-02-03 17:31 . 2010-02-12 21:14 1392304 ----a-w- d:\windows\system32\AutoPartNt.exe
2010-02-03 16:26 . 2006-12-22 10:56 988800 ----a-w- d:\windows\system32\drivers\HSF_DPV.sys
2010-02-03 16:26 . 2006-12-22 10:56 209664 ----a-w- d:\windows\system32\drivers\HSFHWAZL.sys
2010-02-03 16:26 . 2006-12-22 10:55 730112 ----a-w- d:\windows\system32\drivers\HSF_CNXT.sys
2010-02-03 16:16 . 2010-02-03 16:16 114048 ----a-w- d:\windows\system32\drivers\snapman.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 13:29 . 2001-10-25 12:00 82840 ----a-w- d:\windows\system32\perfc005.dat
2010-02-07 13:29 . 2001-10-25 12:00 437574 ----a-w- d:\windows\system32\perfh005.dat
2010-02-06 21:56 . 2004-08-03 21:14 361600 ----a-w- d:\windows\system32\drivers\tcpip.sys
2010-02-04 09:01 . 2010-02-19 20:20 74072 ----a-w- d:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-02-19 20:20 528216 ----a-w- d:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-02-19 20:20 238936 ----a-w- d:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-02-19 20:20 22360 ----a-w- d:\windows\system32\X3DAudio1_7.dll
2010-02-03 16:24 . 2010-02-03 16:24 2940 ----a-w- d:\windows\system32\unins000.dat
2010-02-03 16:24 . 2010-02-03 16:24 716153 ----a-w- d:\windows\system32\unins000.exe
2010-02-01 21:12 . 2010-01-22 22:46 86327 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-01 21:12 . 2010-01-22 22:46 2740 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-01 19:14 . 2010-02-01 18:48 -------- d-----w- d:\program files\Winamp
2010-01-30 16:53 . 2010-01-30 16:53 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-01-30 16:53 . 2010-01-30 16:53 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-22 22:59 . 2010-01-22 22:46 8972 ----a-w- d:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-22 22:53 . 2010-01-22 22:53 0 ----a-w- d:\windows\nsreg.dat
2010-01-22 22:47 . 2010-01-22 22:47 -------- d-----w- d:\program files\microsoft frontpage
2010-01-22 22:44 . 2010-01-22 22:44 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- d:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 916480 ----a-w- d:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-22 22:43 343552 ----a-w- d:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- d:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-17 13:45 2147328 ----a-w- d:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ----a-w- d:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- d:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- d:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- d:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2004-08-17 13:49 1294336 ----a-w- d:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- d:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2001-10-25 12:00 28672 ----a-w- d:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- d:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- d:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2004-08-17 13:49 11264 ----a-w- d:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 13:49 84992 ----a-w- d:\windows\system32\avifil32.dll
2008-03-09 06:25 . 2010-02-03 16:24 236 ----a-w- d:\program files\Common Files\dx.reg
.
------- Sigcheck -------
[-] 2010-02-06 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . d:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . d:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . d:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . d:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . d:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . d:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . d:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . d:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 09:18 2215960 ----a-w- d:\program files\BS_Player\tbBS_P.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "d:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "d:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-02-11 18:41 135168 ----a-w- d:\program files\Alwil Software\Avast5\snxPlugins.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-20 2335880]
"Google Update"="d:\documents and settings\Mates\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-01 133104]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2010-02-10 319280]
"ICQ"="d:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"IMJPMIG8.1"="d:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"PHIME2002ASync"="d:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="d:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"AzMixerSel"="d:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"LManager"="d:\progra~1\LAUNCH~1\LManager.exe" [2008-07-24 875016]
"Google Desktop Search"="d:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-01-30 30192]
"PLFSetI"="d:\windows\PLFSetI.exe" [2008-07-29 200704]
"PLFSetL"="d:\windows\PLFSetL.exe" [2008-07-03 94208]
"snp2uvc"="d:\windows\system32\csnp2uvc.dll" [2009-02-16 196608]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RemoteControl9"="d:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="d:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="d:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"OSSelectorReinstall"="d:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-02-22 2209224]
"Adobe Acrobat Speed Launcher"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"eLockMonitor"="d:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-04-21 16384]
"ePower_DMC"="d:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-04 421888]
"Acer ePresentation HPD"="d:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"avast5"="d:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"NotebookHardwareControl"="d:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"GrooveMonitor"="d:\program files\Microsoft Office\2007\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acer Empowering Technology.lnk - d:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2010-2-4 45056]
Bluetooth.lnk - d:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-25 607584]
Philips Device Manager.lnk - d:\program files\Philips\GoGear Mix Device Manager\main.exe [2010-2-8 124816]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 14:24 567560 ----a-w- d:\program files\Common Files\SPBA\homefus2.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"e:\\Severance - Blade Of Darkness\\Bin\\Blade.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\ICQ7.0\\ICQ.exe"=
"d:\\Program Files\\ICQ7.0\\aolload.exe"=
"d:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Moje Aplikace\\EXE\\utorrent.exe"=
"d:\\Program Files\\Microsoft Office\\2007\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\2007\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\2007\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Dragon Age - Prameny\\DAOriginsLauncher.exe"=
"e:\\Dragon Age - Prameny\\bin_ship\\daorigins.exe"=
"e:\\Dragon Age - Prameny\\bin_ship\\daupdatersvc.service.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"16750:TCP"= 16750:TCP:BitComet 16750 TCP
"16750:UDP"= 16750:UDP:BitComet 16750 UDP
R0 aswNdis;avast! Firewall NDIS Filter Service;d:\windows\system32\drivers\aswNdis.sys [12.2.2010 16:33 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;d:\windows\system32\drivers\aswNdis2.sys [12.2.2010 16:35 195408]
R0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [4.2.2010 19:41 691696]
R1 Asapi;Asapi;d:\windows\system32\drivers\asapi.sys [8.2.2010 15:33 10240]
R1 aswFW;avast! TDI Firewall driver;d:\windows\system32\drivers\aswFW.sys [12.2.2010 16:35 102480]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [12.2.2010 16:35 291920]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [12.2.2010 16:36 162512]
R1 setup_9.0.0.722_10.02.2010_15-27drv;setup_9.0.0.722_10.02.2010_15-27drv;d:\windows\system32\drivers\0070072.sys [10.2.2010 15:30 315408]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/03 16:54];d:\program files\CyberLink\PowerDVD9\000.fcl [28.8.2009 12:57 87536]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [12.2.2010 16:36 19024]
R2 avast! Firewall;avast! Firewall;d:\program files\Alwil Software\Avast5\afwServ.exe [12.2.2010 16:33 119200]
R2 BPowMon;Broadcom Power monitoring service;d:\program files\Broadcom\BACS\BPowMon.exe [30.1.2008 13:36 70976]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;d:\windows\system32\eLock2BurnerLockDriver.sys [4.2.2010 17:20 16384]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;d:\windows\system32\eLock2FSCTLDriver.sys [4.2.2010 17:20 85248]
R2 ETService;Empowering Technology Service;d:\program files\Acer\Empowering Technology\Service\ETService.exe [5.2.2010 20:42 24576]
R2 LockServ;LockServ;d:\acer\Empowering Technology\eLock\LockServ.exe -p --> d:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
R2 regi;regi;d:\windows\system32\drivers\regi.sys [17.4.2007 20:09 11032]
R3 O2MDRDR;O2MDRDR;d:\windows\system32\drivers\o2media.sys [1.2.2010 20:47 51288]
R3 O2SDRDR;O2SDRDR;d:\windows\system32\drivers\o2sd.sys [1.2.2010 20:47 43608]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\dragon age - prameny\bin_ship\daupdatersvc.service.exe [20.2.2010 13:42 25832]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;d:\program files\Google\Google Desktop Search\GoogleDesktop.exe [30.1.2010 18:18 30192]
S3 Revoflt;Revoflt;d:\windows\system32\drivers\revoflt.sys [28.1.2010 14:29 27064]
S3 uti3mtc3;AVZ Kernel Driver;d:\windows\system32\drivers\uti3mtc3.sys [11.2.2010 18:32 7168]
S3 WSVD;WSVD;d:\windows\system32\drivers\WSVD.sys [5.2.2010 20:45 81704]
.
Obsah adresáře 'Naplánované úlohy'
2010-02-16 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-02-20 d:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-11-15 12:51]
2010-02-04 d:\windows\Tasks\Uniblue DiskRescue 2009.job
- c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com?o=15161&l=dis
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\2007\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - d:\program files\ICQ7.0\ICQ.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 17:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys spez.sys hal.dll >>UNKNOWN [0x8A4F6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9debb40
IoDeviceObjectType -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
\Device\Harddisk0\DR0 -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
NDIS: Intel(R) WiFi Link 5100 AGN -> SendCompleteHandler -> NDIS.sys @ 0xb9ce1bb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ceea21
SendHandler -> NDIS.sys @ 0xb9ccc87b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1164)
d:\windows\system32\Ati2evxx.dll
d:\program files\Common Files\SPBA\homefus2.dll
d:\program files\Common Files\SPBA\infql2.dll
d:\program files\Common Files\SPBA\homepass.dll
d:\program files\Common Files\SPBA\bio.dll
d:\program files\Common Files\SPBA\qlbase.dll
- - - - - - - > 'explorer.exe'(5064)
d:\windows\system32\btmmhook.dll
d:\acer\Empowering Technology\ePower\SysHook.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\btncopy.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\Ati2evxx.exe
d:\windows\system32\Ati2evxx.exe
d:\program files\Alwil Software\Avast5\AvastSvc.exe
d:\acer\Empowering Technology\ePerformance\MemCheck.exe
d:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\acer\Empowering Technology\eLock\LockServ.exe
d:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\acer\Mobility Center\MobilityService.exe
d:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
d:\program files\Common Files\Protexis\License Service\PsiService_2.exe
d:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\windows\system32\wscntfy.exe
d:\windows\RTHDCPL.EXE
d:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\windows\system32\wbem\unsecapp.exe
d:\acer\Empowering Technology\eLock\Monitor\LockMon.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
d:\docume~1\Mates\LOCALS~1\Temp\RtkBtMnt.exe
d:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\QIP Infium\infium.exe
d:\windows\system32\Rundll32.exe
.
**************************************************************************
.
Celkový čas: 2010-02-20 17:28:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-20 16:28
Před spuštěním: Volných bajtů: 14 879 920 128
Po spuštění: Volných bajtů: 14 878 519 296
- - End Of File - - FAE8D93AB61FCFA22C604947DCD517FA
2010-02-12 15:36 . 2010-02-11 18:42 162512 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-02-12 15:36 . 2010-02-11 18:38 19024 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-02-12 15:35 . 2010-02-11 18:43 291920 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2010-02-12 15:35 . 2010-02-11 18:44 102480 ----a-w- d:\windows\system32\drivers\aswFW.sys
2010-02-12 15:35 . 2010-02-11 18:43 195408 ----a-w- d:\windows\system32\drivers\aswNdis2.sys
2010-02-12 15:35 . 2010-02-11 18:39 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-02-12 15:35 . 2010-02-11 18:42 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-02-12 15:35 . 2010-02-11 18:38 100432 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-02-12 15:35 . 2010-02-11 18:38 94800 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-02-12 15:35 . 2010-02-11 18:38 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-02-12 15:33 . 2010-01-09 21:22 12112 ----a-w- d:\windows\system32\drivers\aswNdis.sys
2010-02-12 15:33 . 2010-02-11 18:53 38848 ----a-w- d:\windows\system32\avastSS.scr
2010-02-12 15:33 . 2010-02-11 18:53 153184 ----a-w- d:\windows\system32\aswBoot.exe
2010-02-11 17:32 . 2010-02-11 17:43 7168 ----a-w- d:\windows\system32\drivers\uti3mtc3.sys
2010-02-10 14:30 . 2009-10-22 11:54 37392 ----a-w- d:\windows\system32\drivers\00700722.sys
2010-02-10 14:30 . 2009-10-09 21:31 315408 ----a-w- d:\windows\system32\drivers\0070072.sys
2010-02-10 14:30 . 2009-09-25 15:59 128016 ----a-w- d:\windows\system32\drivers\00700721.sys
2010-02-10 12:56 . 2010-02-10 12:56 -------- d-sh--w- d:\documents and settings\Guest\IECompatCache
2010-02-10 12:54 . 2010-02-10 12:54 -------- d-sh--w- d:\documents and settings\Guest\PrivacIE
2010-02-08 17:49 . 2010-02-08 17:49 -------- d-----w- D:\MP3Phillips
2010-02-08 17:39 . 2010-02-08 17:39 -------- d-----w- d:\program files\Philips
2010-02-08 16:41 . 2002-07-17 15:22 4672 ----a-w- d:\windows\system\WOWPOST.EXE
2010-02-08 16:41 . 2002-07-17 15:22 5600 ----a-w- d:\windows\system\WINASPI.DLL
2010-02-08 16:41 . 2002-07-17 08:20 45056 ----a-w- d:\windows\system32\WNASPI32.DLL
2010-02-08 16:41 . 2002-07-17 07:53 16877 ----a-w- d:\windows\system32\drivers\ASPI32.SYS
2010-02-08 16:26 . 2010-02-08 16:26 -------- d-----w- d:\program files\Ashampoo
2010-02-08 15:37 . 2010-02-08 18:26 -------- d-----w- d:\program files\PC Drivers HeadQuarters
2010-02-08 14:33 . 2010-02-08 15:11 -------- d-----w- d:\windows\system32\IoSubSys
2010-02-08 14:33 . 2010-02-08 14:33 -------- d-----w- d:\program files\VOB
2010-02-08 14:33 . 2000-04-27 11:31 19456 ----a-w- d:\windows\system32\asapi.dll
2010-02-08 14:33 . 2000-01-08 08:22 10240 ----a-w- d:\windows\system32\drivers\asapi.sys
2010-02-08 14:33 . 1998-10-29 15:45 306688 ----a-w- d:\windows\IsUninst.exe
2010-02-08 14:33 . 2010-02-08 14:33 -------- d-----w- d:\documents and settings\Mates\WINDOWS
2010-02-08 14:31 . 2010-02-08 14:31 -------- d-----w- D:\include
2010-02-08 14:31 . 2010-02-08 14:31 -------- d-----w- D:\Docs
2010-02-08 14:10 . 2010-02-08 14:10 -------- d-sh--w- d:\documents and settings\NetworkService\IETldCache
2010-02-07 21:21 . 2010-02-13 04:30 -------- d-----w- d:\documents and settings\Rodiče
2010-02-07 20:23 . 2010-02-07 20:23 -------- d--h--w- d:\windows\system32\GroupPolicy
2010-02-07 17:34 . 2010-01-07 15:07 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-02-07 17:34 . 2010-01-07 15:07 19160 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-02-07 17:34 . 2010-02-07 17:35 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-02-07 12:13 . 2004-03-22 14:17 25840 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-02-07 12:13 . 2004-03-22 14:17 24816 ----a-w- d:\windows\system32\mdimon.dll
2010-02-07 12:11 . 2010-02-20 12:00 -------- d-----w- d:\program files\Microsoft Works
2010-02-07 12:11 . 2010-02-16 15:30 -------- d-----w- d:\windows\SHELLNEW
2010-02-07 12:11 . 2010-02-07 12:11 -------- d-----w- d:\program files\Microsoft.NET
2010-02-07 09:34 . 2010-02-11 15:04 -------- d-----w- d:\program files\Alwil Software
2010-02-06 21:48 . 2010-02-10 16:20 -------- d-----w- d:\program files\uTorrent
2010-02-05 19:45 . 2008-05-26 09:54 81704 ----a-w- d:\windows\system32\drivers\WSVD.sys
2010-02-05 19:42 . 2008-03-21 12:21 487424 ----a-w- d:\windows\system32\INT15.dll
2010-02-04 20:09 . 2010-01-14 10:12 181120 ------w- d:\windows\system32\MpSigStub.exe
2010-02-04 20:09 . 2010-02-04 20:09 -------- d-----w- d:\documents and settings\Mates\Data aplikacÝ
2010-02-04 20:08 . 2010-02-04 20:21 -------- d-----w- D:\dell
2010-02-04 19:46 . 2005-06-23 10:14 258048 ----a-w- d:\windows\system32\Uninstall_eRecovery.exe
2010-02-04 18:50 . 2010-02-04 18:54 -------- d-----w- d:\program files\DAEMON Tools Lite
2010-02-04 18:41 . 2010-02-04 18:50 691696 ----a-w- d:\windows\system32\drivers\sptd.sys
2010-02-04 18:39 . 2010-02-04 18:39 -------- d-----w- d:\program files\Uniblue
2010-02-04 16:35 . 2010-02-04 16:35 -------- d-----w- d:\program files\directx
2010-02-04 16:29 . 2010-02-04 16:29 21840 ----a-w- d:\windows\system32\SIntfNT.dll
2010-02-04 16:29 . 2010-02-04 16:29 17212 ----a-w- d:\windows\system32\SIntf32.dll
2010-02-04 16:29 . 2010-02-04 16:29 12067 ----a-w- d:\windows\system32\SIntf16.dll
2010-02-04 16:28 . 2006-04-14 14:27 8704 ----a-w- d:\windows\system32\drivers\TVicPort64.sys
2010-02-04 16:28 . 2006-04-14 14:27 14544 ----a-w- d:\windows\system32\drivers\TVicPort.sys
2010-02-04 16:28 . 2008-03-21 09:48 17952 ----a-w- d:\windows\system32\drivers\int15_64.sys
2010-02-04 16:28 . 2008-03-21 09:48 15392 ----a-w- d:\windows\system32\drivers\int15.sys
2010-02-04 16:28 . 2006-04-14 14:27 6144 ----a-w- d:\windows\system32\drivers\zntport64.sys
2010-02-04 16:28 . 2006-04-14 14:27 6080 ----a-w- d:\windows\system32\drivers\zntport.sys
2010-02-04 16:21 . 2006-02-16 14:39 45056 ----a-w- d:\windows\system32\Epm-Po.dll
2010-02-04 16:21 . 2005-09-14 16:03 53248 ----a-w- d:\windows\system32\acpimof.dll
2010-02-04 16:20 . 2006-04-19 14:42 16384 ----a-w- d:\windows\system32\eLock2BurnerLockDriver.sys
2010-02-04 16:20 . 2006-04-19 09:48 85248 ----a-w- d:\windows\system32\eLock2FSCTLDriver.sys
2010-02-04 16:20 . 2006-02-10 09:58 53248 ----a-w- d:\windows\system32\cdinfo.exe
2010-02-04 16:19 . 2006-03-24 16:47 602112 ----a-w- d:\windows\system32\Acer.Empowering.Windows.Forms.dll
2010-02-04 16:19 . 2006-02-22 10:20 53248 ----a-w- d:\windows\system32\Interop.Shell32.dll
2010-02-04 16:19 . 2006-02-22 10:20 331776 ----a-w- d:\windows\system32\ScrollBarLib.dll
2010-02-04 16:19 . 2010-02-04 16:19 -------- d-----w- D:\Acer
2010-02-03 18:44 . 2009-08-16 15:08 178176 ----a-w- d:\windows\system32\unrar.dll
2010-02-03 18:44 . 2006-04-02 12:47 630784 ----a-w- d:\windows\system32\vp7vfw.dll
2010-02-03 18:44 . 2004-05-18 18:16 39936 ----a-w- d:\windows\system32\huffyuv.dll
2010-02-03 18:44 . 2004-01-25 16:18 217088 ----a-w- d:\windows\system32\yv12vfw.dll
2010-02-03 18:43 . 2009-05-29 21:37 205824 ----a-w- d:\windows\system32\xvidvfw.dll
2010-02-03 18:43 . 2009-05-29 21:31 881664 ----a-w- d:\windows\system32\xvidcore.dll
2010-02-03 18:43 . 2009-11-09 18:00 85504 ----a-w- d:\windows\system32\ff_vfw.dll
2010-02-03 18:43 . 2010-02-15 18:16 -------- d-----w- d:\program files\K-Lite Codec Pack
2010-02-03 18:38 . 2010-02-03 18:38 -------- d-----w- d:\program files\Nero
2010-02-03 18:37 . 2010-02-03 18:38 -------- d-----w- d:\program files\Common Files\Nero
2010-02-03 18:01 . 2010-02-03 18:01 -------- d-----w- d:\program files\Common Files\Macrovision Shared
2010-02-03 18:00 . 2008-04-07 04:38 22872 ----a-r- d:\windows\system32\AdobePDFUI.dll
2010-02-03 18:00 . 2008-04-07 04:38 45392 ----a-r- d:\windows\system32\AdobePDF.dll
2010-02-03 17:31 . 2010-02-12 21:14 1392304 ----a-w- d:\windows\system32\AutoPartNt.exe
2010-02-03 16:26 . 2006-12-22 10:56 988800 ----a-w- d:\windows\system32\drivers\HSF_DPV.sys
2010-02-03 16:26 . 2006-12-22 10:56 209664 ----a-w- d:\windows\system32\drivers\HSFHWAZL.sys
2010-02-03 16:26 . 2006-12-22 10:55 730112 ----a-w- d:\windows\system32\drivers\HSF_CNXT.sys
2010-02-03 16:16 . 2010-02-03 16:16 114048 ----a-w- d:\windows\system32\drivers\snapman.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-07 13:29 . 2001-10-25 12:00 82840 ----a-w- d:\windows\system32\perfc005.dat
2010-02-07 13:29 . 2001-10-25 12:00 437574 ----a-w- d:\windows\system32\perfh005.dat
2010-02-06 21:56 . 2004-08-03 21:14 361600 ----a-w- d:\windows\system32\drivers\tcpip.sys
2010-02-04 09:01 . 2010-02-19 20:20 74072 ----a-w- d:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-02-19 20:20 528216 ----a-w- d:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-02-19 20:20 238936 ----a-w- d:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-02-19 20:20 22360 ----a-w- d:\windows\system32\X3DAudio1_7.dll
2010-02-03 16:24 . 2010-02-03 16:24 2940 ----a-w- d:\windows\system32\unins000.dat
2010-02-03 16:24 . 2010-02-03 16:24 716153 ----a-w- d:\windows\system32\unins000.exe
2010-02-01 21:12 . 2010-01-22 22:46 86327 ----a-w- d:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-01 21:12 . 2010-01-22 22:46 2740 ----a-w- d:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-01 19:14 . 2010-02-01 18:48 -------- d-----w- d:\program files\Winamp
2010-01-30 16:53 . 2010-01-30 16:53 0 ---ha-w- d:\windows\system32\drivers\Msft_Kernel_Apfiltr_01005.Wdf
2010-01-30 16:53 . 2010-01-30 16:53 0 ---ha-w- d:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-01-22 22:59 . 2010-01-22 22:46 8972 ----a-w- d:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-22 22:53 . 2010-01-22 22:53 0 ----a-w- d:\windows\nsreg.dat
2010-01-22 22:47 . 2010-01-22 22:47 -------- d-----w- d:\program files\microsoft frontpage
2010-01-22 22:44 . 2010-01-22 22:44 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- d:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 916480 ----a-w- d:\windows\system32\wininet.dll
2009-12-17 07:42 . 2010-01-22 22:43 343552 ----a-w- d:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- d:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-17 13:45 2147328 ----a-w- d:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2004-08-17 15:45 2025984 ----a-w- d:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- d:\windows\system32\drivers\mrxsmb.sys
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- d:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- d:\windows\system32\xliveinstallhost.exe
2009-11-27 17:14 . 2004-08-17 13:49 1294336 ----a-w- d:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-17 15:49 17920 ----a-w- d:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2001-10-25 12:00 28672 ----a-w- d:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- d:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-17 15:49 48128 ----a-w- d:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2004-08-17 13:49 11264 ----a-w- d:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2004-08-17 13:49 84992 ----a-w- d:\windows\system32\avifil32.dll
2008-03-09 06:25 . 2010-02-03 16:24 236 ----a-w- d:\program files\Common Files\dx.reg
.
------- Sigcheck -------
[-] 2010-02-06 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . d:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . d:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . d:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . d:\windows\system32\dllcache\tcpip.sys
[7] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . d:\windows\$NtServicePackUninstall$\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . d:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . d:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . d:\windows\$NtUninstallKB951748_0$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 09:18 2215960 ----a-w- d:\program files\BS_Player\tbBS_P.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "d:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "d:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-02-11 18:41 135168 ----a-w- d:\program files\Alwil Software\Avast5\snxPlugins.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-20 2335880]
"Google Update"="d:\documents and settings\Mates\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-01 133104]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2010-02-10 319280]
"ICQ"="d:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"IMJPMIG8.1"="d:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"PHIME2002ASync"="d:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="d:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"AzMixerSel"="d:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-17 53248]
"LManager"="d:\progra~1\LAUNCH~1\LManager.exe" [2008-07-24 875016]
"Google Desktop Search"="d:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-01-30 30192]
"PLFSetI"="d:\windows\PLFSetI.exe" [2008-07-29 200704]
"PLFSetL"="d:\windows\PLFSetL.exe" [2008-07-03 94208]
"snp2uvc"="d:\windows\system32\csnp2uvc.dll" [2009-02-16 196608]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"SynTPEnh"="d:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-22 1037608]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RemoteControl9"="d:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-07-06 87336]
"PDVD9LanguageShortcut"="d:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="d:\program files\Cyberlink\Shared Files\brs.exe" [2009-09-01 75048]
"OSSelectorReinstall"="d:\program files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe" [2007-02-22 2209224]
"Adobe Acrobat Speed Launcher"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="d:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
"eLockMonitor"="d:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-04-21 16384]
"ePower_DMC"="d:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-04-04 421888]
"Acer ePresentation HPD"="d:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 204800]
"avast5"="d:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]
"NotebookHardwareControl"="d:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2010-01-13 37888]
"GrooveMonitor"="d:\program files\Microsoft Office\2007\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Acer Empowering Technology.lnk - d:\acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [2010-2-4 45056]
Bluetooth.lnk - d:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-25 607584]
Philips Device Manager.lnk - d:\program files\Philips\GoGear Mix Device Manager\main.exe [2010-2-8 124816]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\spba]
2008-03-25 14:24 567560 ----a-w- d:\program files\Common Files\SPBA\homefus2.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"e:\\Severance - Blade Of Darkness\\Bin\\Blade.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\ICQ7.0\\ICQ.exe"=
"d:\\Program Files\\ICQ7.0\\aolload.exe"=
"d:\\Program Files\\CyberLink\\PowerDVD9\\PowerDVD9.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Moje Aplikace\\EXE\\utorrent.exe"=
"d:\\Program Files\\Microsoft Office\\2007\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\2007\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\2007\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"e:\\Dragon Age - Prameny\\DAOriginsLauncher.exe"=
"e:\\Dragon Age - Prameny\\bin_ship\\daorigins.exe"=
"e:\\Dragon Age - Prameny\\bin_ship\\daupdatersvc.service.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
"16750:TCP"= 16750:TCP:BitComet 16750 TCP
"16750:UDP"= 16750:UDP:BitComet 16750 UDP
R0 aswNdis;avast! Firewall NDIS Filter Service;d:\windows\system32\drivers\aswNdis.sys [12.2.2010 16:33 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service;d:\windows\system32\drivers\aswNdis2.sys [12.2.2010 16:35 195408]
R0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [4.2.2010 19:41 691696]
R1 Asapi;Asapi;d:\windows\system32\drivers\asapi.sys [8.2.2010 15:33 10240]
R1 aswFW;avast! TDI Firewall driver;d:\windows\system32\drivers\aswFW.sys [12.2.2010 16:35 102480]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [12.2.2010 16:35 291920]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [12.2.2010 16:36 162512]
R1 setup_9.0.0.722_10.02.2010_15-27drv;setup_9.0.0.722_10.02.2010_15-27drv;d:\windows\system32\drivers\0070072.sys [10.2.2010 15:30 315408]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2010/02/03 16:54];d:\program files\CyberLink\PowerDVD9\000.fcl [28.8.2009 12:57 87536]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [12.2.2010 16:36 19024]
R2 avast! Firewall;avast! Firewall;d:\program files\Alwil Software\Avast5\afwServ.exe [12.2.2010 16:33 119200]
R2 BPowMon;Broadcom Power monitoring service;d:\program files\Broadcom\BACS\BPowMon.exe [30.1.2008 13:36 70976]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;d:\windows\system32\eLock2BurnerLockDriver.sys [4.2.2010 17:20 16384]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;d:\windows\system32\eLock2FSCTLDriver.sys [4.2.2010 17:20 85248]
R2 ETService;Empowering Technology Service;d:\program files\Acer\Empowering Technology\Service\ETService.exe [5.2.2010 20:42 24576]
R2 LockServ;LockServ;d:\acer\Empowering Technology\eLock\LockServ.exe -p --> d:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
R2 regi;regi;d:\windows\system32\drivers\regi.sys [17.4.2007 20:09 11032]
R3 O2MDRDR;O2MDRDR;d:\windows\system32\drivers\o2media.sys [1.2.2010 20:47 51288]
R3 O2SDRDR;O2SDRDR;d:\windows\system32\drivers\o2sd.sys [1.2.2010 20:47 43608]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\dragon age - prameny\bin_ship\daupdatersvc.service.exe [20.2.2010 13:42 25832]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;d:\program files\Google\Google Desktop Search\GoogleDesktop.exe [30.1.2010 18:18 30192]
S3 Revoflt;Revoflt;d:\windows\system32\drivers\revoflt.sys [28.1.2010 14:29 27064]
S3 uti3mtc3;AVZ Kernel Driver;d:\windows\system32\drivers\uti3mtc3.sys [11.2.2010 18:32 7168]
S3 WSVD;WSVD;d:\windows\system32\drivers\WSVD.sys [5.2.2010 20:45 81704]
.
Obsah adresáře 'Naplánované úlohy'
2010-02-16 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-02-20 d:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-11-15 12:51]
2010-02-04 d:\windows\Tasks\Uniblue DiskRescue 2009.job
- c:\program files\Uniblue\DiskRescue\UBDiskRescue.exe [2008-09-10 15:22]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com?o=15161&l=dis
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\2007\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - d:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - d:\program files\ICQ7.0\ICQ.exe
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 17:18
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys spez.sys hal.dll >>UNKNOWN [0x8A4F6938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9debb40
IoDeviceObjectType -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
\Device\Harddisk0\DR0 -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
NDIS: Intel(R) WiFi Link 5100 AGN -> SendCompleteHandler -> NDIS.sys @ 0xb9ce1bb0
PacketIndicateHandler -> NDIS.sys @ 0xb9ceea21
SendHandler -> NDIS.sys @ 0xb9ccc87b
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1164)
d:\windows\system32\Ati2evxx.dll
d:\program files\Common Files\SPBA\homefus2.dll
d:\program files\Common Files\SPBA\infql2.dll
d:\program files\Common Files\SPBA\homepass.dll
d:\program files\Common Files\SPBA\bio.dll
d:\program files\Common Files\SPBA\qlbase.dll
- - - - - - - > 'explorer.exe'(5064)
d:\windows\system32\btmmhook.dll
d:\acer\Empowering Technology\ePower\SysHook.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\btncopy.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
d:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\Ati2evxx.exe
d:\windows\system32\Ati2evxx.exe
d:\program files\Alwil Software\Avast5\AvastSvc.exe
d:\acer\Empowering Technology\ePerformance\MemCheck.exe
d:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\acer\Empowering Technology\eLock\LockServ.exe
d:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\acer\Mobility Center\MobilityService.exe
d:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
d:\program files\Common Files\Protexis\License Service\PsiService_2.exe
d:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
d:\windows\system32\wbem\wmiapsrv.exe
d:\windows\system32\wscntfy.exe
d:\windows\RTHDCPL.EXE
d:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\windows\system32\wbem\unsecapp.exe
d:\acer\Empowering Technology\eLock\Monitor\LockMon.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
d:\docume~1\Mates\LOCALS~1\Temp\RtkBtMnt.exe
d:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\QIP Infium\infium.exe
d:\windows\system32\Rundll32.exe
.
**************************************************************************
.
Celkový čas: 2010-02-20 17:28:47 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-20 16:28
Před spuštěním: Volných bajtů: 14 879 920 128
Po spuštění: Volných bajtů: 14 878 519 296
- - End Of File - - FAE8D93AB61FCFA22C604947DCD517FA