Prosím o kontrolu logu pro kamaráda.Dík předem.

Zpráva

digiart · #1 Příspěvek od **digiart** » 10 bře 2010 20:56

Logfile of random's system information tool 1.06 (written by random/random)
Run by st at 2010-03-10 20:46:02
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 4 GB (41%) free of 10 GB
Total RAM: 255 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:46:11, on 10.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\PROGRA~1\ICQ7.0\ICQ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\st\Plocha\RSIT.exe
C:\Program Files\trend micro\st.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=15187&l=dis
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Dexxa\Wireless Desktop\lwb3dapp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.0\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 4335 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-11 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-11-11 7311360]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-11-11 86016]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe [2002-03-28 188416]
"LWBMOUSE"=C:\Program Files\Dexxa\Wireless Desktop\lwb3dapp.exe []
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-02-10 1937408]
"ICQ"=C:\Program Files\ICQ7.0\ICQ.exe [2010-02-11 133368]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aliuhfyt.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aliuhfyt.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\America's Army\System\ArmyOps.exe"="C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\Program Files\BlueSoleil.exe"="C:\Program Files\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"D:\HRY\Call of Duty\CoDMP.exe"="D:\HRY\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"D:\Program Files\Nokia\Nokia\Nokia Software Updater\nsu_ui_client.exe"="D:\Program Files\Nokia\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{138f3040-f77c-11dc-8ec8-0018e4073b33}]
shell\AutoRun\command - G:\tmp.folder/restore.exe
shell\ExploRE\command - G:\tmp.folder/restore.exe
shell\OPeN\command - G:\tmp.folder/restore.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18919e90-b221-11dc-8e2d-0018e4073b33}]
shell\AutoRun\command - I:\filesystem/pagefile.exe
shell\eXpLorE\command - I:\filesystem/pagefile.exe
shell\oPen\command - I:\filesystem/pagefile.exe

======List of files/folders created in the last 1 months======

2010-03-10 20:46:02 ----D---- C:\rsit
2010-03-10 20:46:02 ----D---- C:\Program Files\trend micro
2010-03-10 20:39:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Office Genuine Advantage
2010-03-10 20:30:27 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-03-10 09:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-02-28 16:47:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-02-27 14:37:14 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-27 14:37:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-27 12:21:33 ----D---- C:\Program Files\Ask.com
2010-02-27 12:20:31 ----D---- C:\Program Files\The KMPlayer
2010-02-27 12:03:37 ----D---- C:\Program Files\Mozilla Firefox
2010-02-27 11:18:26 ----D---- C:\totalcmd
2010-02-27 11:18:26 ----D---- C:\Documents and Settings\st\Data aplikací\GHISLER
2010-02-27 10:42:56 ----D---- C:\Program Files\ICQ6Toolbar
2010-02-27 10:42:50 ----D---- C:\Documents and Settings\st\Data aplikací\Mozilla
2010-02-27 10:42:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-02-27 10:42:32 ----D---- C:\Documents and Settings\st\Data aplikací\ICQ
2010-02-27 10:42:10 ----D---- C:\Program Files\ICQ7.0
2010-02-26 20:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-26 20:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-26 20:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-26 20:04:33 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-26 20:04:24 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-26 20:04:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-26 20:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-26 20:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-26 20:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-26 20:02:45 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-26 20:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-26 20:01:53 ----A---- C:\WINDOWS\system32\MRT.INI
2010-02-26 19:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-26 19:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-26 19:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-26 19:55:16 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-26 16:57:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-26 16:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-26 16:57:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-26 16:57:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-26 16:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-26 16:57:17 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-26 16:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-26 16:56:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-26 16:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-26 16:56:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-26 16:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-26 16:55:56 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-02-26 16:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-26 16:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-26 16:55:35 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-26 16:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-02-26 16:55:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-26 16:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-26 16:54:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-26 16:54:44 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-26 16:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-02-26 16:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-26 16:53:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-26 16:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-26 16:53:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-26 16:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-26 16:53:08 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-26 16:52:58 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-26 16:52:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-02-26 16:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-26 16:52:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-26 16:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-26 16:51:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-26 16:51:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-26 16:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-26 16:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2010-02-26 16:50:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-26 16:50:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-26 16:50:26 ----D---- C:\WINDOWS\ServicePackFiles
2010-02-26 16:50:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-02-26 16:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-26 16:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-26 16:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-02-26 16:47:26 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-26 16:47:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-26 16:47:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-26 16:46:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-26 16:46:02 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-02-26 16:45:36 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-26 16:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-26 16:45:01 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-26 16:44:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-26 15:51:27 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-26 15:42:31 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-02-26 10:35:21 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-02-26 10:34:50 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-26 10:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-26 10:34:47 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-26 09:19:03 ----D---- C:\WINDOWS\system32\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2010-03-10 20:46:09 ----D---- C:\WINDOWS\Prefetch
2010-03-10 20:46:02 ----RD---- C:\Program Files
2010-03-10 20:45:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-10 20:45:17 ----D---- C:\WINDOWS\system32
2010-03-10 20:31:46 ----D---- C:\WINDOWS\system32\drivers
2010-03-10 20:31:38 ----AD---- C:\WINDOWS\Temp
2010-03-10 20:31:34 ----HD---- C:\WINDOWS\inf
2010-03-10 20:30:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-10 15:49:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-10 12:40:05 ----D---- C:\WINDOWS
2010-03-03 09:01:14 ----SHD---- C:\WINDOWS\Installer
2010-03-03 09:01:13 ----SD---- C:\WINDOWS\Tasks
2010-02-28 09:25:10 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-27 17:30:01 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-27 14:37:19 ----A---- C:\WINDOWS\imsins.BAK
2010-02-27 12:45:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-27 11:15:33 ----D---- C:\WINDOWS\WinSxS
2010-02-27 11:15:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-27 11:14:09 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-27 10:42:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-26 21:21:15 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-26 21:08:25 ----D---- C:\WINDOWS\system32\wbem
2010-02-26 21:08:25 ----D---- C:\WINDOWS\AppPatch
2010-02-26 21:08:24 ----D---- C:\WINDOWS\system32\Setup
2010-02-26 20:04:26 ----D---- C:\Program Files\Messenger
2010-02-26 20:03:04 ----D---- C:\Program Files\Internet Explorer
2010-02-26 19:55:22 ----D---- C:\WINDOWS\Debug
2010-02-26 16:53:32 ----D---- C:\Program Files\Outlook Express
2010-02-26 16:49:33 ----D---- C:\WINDOWS\Registration
2010-02-26 16:48:50 ----RSD---- C:\WINDOWS\assembly
2010-02-26 16:47:59 ----SD---- C:\Documents and Settings\st\Data aplikací\Microsoft
2010-02-26 09:19:13 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-26 09:19:11 ----D---- C:\WINDOWS\Help
2010-02-25 19:14:41 ----SHD---- C:\RECYCLER

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R1 VIAPFD;VIAPFD; C:\WINDOWS\System32\Drivers\VIAPFD.SYS [2001-12-13 3279]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2004-08-03 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 HCF_MSFT;HCF_MSFT; C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys [2001-10-24 907456]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-11-11 3532928]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2004-08-03 163584]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 VIAudio;VIA AC'97 Enhanced Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudio.sys [2001-11-08 42752]
S1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmpci.sys [2000-01-12 27332]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; C:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-10-06 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SQTECH9150;Mini Cam; C:\WINDOWS\System32\Drivers\Capt9150.sys [2004-04-01 47087]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-11-11 131139]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-03-10 20:46:15

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 32-->C:\PROGRA~1\ACDSee32\UNWISE.EXE C:\PROGRA~1\ACDSee32\INSTALL.LOG
Adobe Acrobat 4.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 6.0 CE-->MsiExec.exe /I{AC76BA86-7AD7-1029-7646-CE0000000001}
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB944338-v2)-->"C:\WINDOWS\$NtUninstallKB944338-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971032)-->"C:\WINDOWS\$NtUninstallKB971032$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Dexxa Wireless Keyboard-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Dexxa\Wireless Desktop\Dexxa Wireless Keyboard\uninst.isu" -c"C:\Program Files\Dexxa\Wireless Desktop\Dexxa Wireless Keyboard\UnInst.dll"
DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
ICQ7-->"C:\Program Files\InstallShield Installation Information\{88EB38EF-4D2C-436D-ABD3-56B232674062}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP číslo KB885884-->C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
PC Connectivity Solution-->MsiExec.exe /I{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PV604 UnInstall.-->C:\WINDOWS\IsUninst.exe -fC:\PV604\Uninst.isu
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
WIN MPEG-I-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD709E6D-4865-11D4-B47E-0000E8764F8E}\Setup.exe" -uninst
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: U-2B491659249E4
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Správce vzdáleného přístupu úspěšně odeslán.

Record Number: 26201
Source Name: Service Control Manager
Time Written: 20100206032315.000000+060
Event Type: Informace
User: U-2B491659249E4\st

Computer Name: U-2B491659249E4
Event Code: 7036
Message: Stav služby Telefonní subsystém byl změněn na: Spuštěno

Record Number: 26200
Source Name: Service Control Manager
Time Written: 20100206032315.000000+060
Event Type: Informace
User:

Computer Name: U-2B491659249E4
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba rozpoznávání pomocí protokolu SSDP úspěšně odeslán.

Record Number: 26199
Source Name: Service Control Manager
Time Written: 20100206032315.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: U-2B491659249E4
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba modelu COM pro zápis na disk CD (IMAPI) úspěšně odeslán.

Record Number: 26198
Source Name: Service Control Manager
Time Written: 20100206032315.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: U-2B491659249E4
Event Code: 7036
Message: Stav služby Terminálová služba byl změněn na: Spuštěno

Record Number: 26197
Source Name: Service Control Manager
Time Written: 20100206032315.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: U-2B491659249E4
Event Code: 1
Message:
Record Number: 3937
Source Name: Nokia M Platform
Time Written: 20091206195155.000000+060
Event Type: Upozornění
User:

Computer Name: U-2B491659249E4
Event Code: 1
Message:
Record Number: 3936
Source Name: Nokia M Platform
Time Written: 20091206195155.000000+060
Event Type: Upozornění
User:

Computer Name: U-2B491659249E4
Event Code: 1
Message:
Record Number: 3935
Source Name: Nokia M Platform
Time Written: 20091206195155.000000+060
Event Type: Upozornění
User:

Computer Name: U-2B491659249E4
Event Code: 1
Message:
Record Number: 3934
Source Name: Nokia M Platform
Time Written: 20091206195155.000000+060
Event Type: Upozornění
User:

Computer Name: U-2B491659249E4
Event Code: 1
Message:
Record Number: 3933
Source Name: Nokia M Platform
Time Written: 20091206195155.000000+060
Event Type: Upozornění
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Marek-26 · #2 Příspěvek od **Marek-26** » 10 bře 2010 21:17

Dobrý večer

odinstalujte Ask Toolbar
Odinstalujte Adobe reader 6 a nainstalujte verzi 9 z www.adobe.com

Máte nyní k PC přístup a nebo budeme řešit na dálku?

digiart · #3 Příspěvek od **digiart** » 10 bře 2010 21:20

Jsem na tom PC

Marek-26 · #4 Příspěvek od **Marek-26** » 10 bře 2010 21:38

ok

Takže odinstalovat

Adobe Acrobat 4.0
Adobe Reader 6.0 CE
Ask Toolbar
Codec Pack - All In 1 6.0.3.0 lehce zastaralý a již nevyvýjený balík doporučuji se kouknout po novém.

stahnete a ulozte nejlepe na plochu ComboFix

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano:

Obrázek

dale muze dojit k varovani ohledne rezidentniho stitu vaseho antiviru a upozorneni na nenainstalovanou konzoli pro zotaveni; tu zatim neinstalujte.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, deaktivujte jeho rezidentni stit, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim Combofixu s rezidentem antispyware

po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem

digiart · #5 Příspěvek od **digiart** » 10 bře 2010 22:17

ComboFix 10-03-10.02 - st 10.03.2010 22:00:49.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.255.14 [GMT 1:00]
Spuštěný z: c:\documents and settings\st\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\st\Cookies\hpothb07.dat
c:\documents and settings\st\secupdat.dat
c:\recycler\S-1-5-21-0453265330-3385235070-064943145-0952
c:\recycler\S-1-5-21-1202487697-1378397957-150893257-8505
c:\recycler\S-1-5-21-1298420600-0457182967-239889026-5338
c:\recycler\S-1-5-21-3130614404-6402042426-503141236-0004
c:\recycler\S-1-5-21-3401666671-5267610955-995363470-1648
c:\recycler\S-1-5-21-4090752957-8725371681-692501457-3382
c:\recycler\S-1-5-21-5103110615-4976237794-265005563-9988
c:\recycler\S-1-5-21-6186343164-8072680290-946587750-9353
c:\recycler\S-1-5-21-7990645932-1136457337-750457795-1477
c:\recycler\S-1-5-21-8280702259-6656686441-583818878-0634
c:\recycler\S-1-5-21-9820938368-2056746402-789708923-9474
c:\windows\system32\ieuinit.inf
c:\windows\system32\reboot.txt
c:\windows\system32\secupdat.dat
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-10 do 2010-03-10 )))))))))))))))))))))))))))))))
.

2010-03-10 20:23 . 2010-03-10 20:23 -------- d-----w- c:\program files\VS Revo Group
2010-03-10 20:13 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-10 20:13 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-10 20:12 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-10 20:12 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-10 20:12 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-10 20:12 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-10 20:12 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-10 20:12 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-10 20:12 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-10 20:12 . 2010-03-10 20:12 -------- d-----w- c:\program files\Alwil Software
2010-03-10 19:46 . 2010-03-10 19:46 -------- d-----w- C:\rsit
2010-03-10 19:46 . 2010-03-10 19:46 -------- d-----w- c:\program files\trend micro
2010-03-10 19:31 . 2004-08-17 14:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-03-10 19:31 . 2004-08-17 14:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-03-10 19:31 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-03-10 19:31 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-10 19:30 . 2004-08-17 14:49 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-03-10 19:30 . 2004-08-17 14:49 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-02-27 11:21 . 2010-03-03 08:01 -------- d-----w- c:\program files\Ask.com
2010-02-27 11:20 . 2010-02-27 11:33 -------- d-----w- c:\program files\The KMPlayer
2010-02-27 11:03 . 2010-02-27 11:03 0 ----a-w- c:\windows\nsreg.dat
2010-02-27 10:18 . 2010-02-27 10:18 -------- d-----w- C:\totalcmd
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2010-02-27 09:42 . 2010-02-27 09:42 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-27 09:42 . 2010-03-10 19:44 -------- d-----w- c:\program files\ICQ7.0
2010-02-26 15:50 . 2010-02-26 15:50 -------- d-----w- c:\windows\ServicePackFiles
2010-02-26 14:51 . 2010-02-26 20:21 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-26 14:47 . 2009-12-04 14:41 453760 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-26 14:43 . 2009-12-09 10:28 2059904 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-26 14:43 . 2009-12-09 10:28 2182528 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-26 14:43 . 2009-12-09 10:28 2138112 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-26 14:43 . 2009-12-09 10:28 2017792 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-26 09:34 . 2010-03-10 08:46 -------- d--h--w- c:\windows\$hf_mig$
2010-02-21 10:32 . 2004-08-03 21:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
2010-02-21 10:32 . 2004-08-03 21:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-10 20:32 . 2006-07-24 19:43 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-10 20:08 . 2006-07-24 18:13 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-10 20:08 . 2006-07-24 18:13 737280 -c--a-w- c:\windows\iun6002.exe
2010-02-27 16:30 . 2001-10-25 11:00 62138 ----a-w- c:\windows\system32\perfc005.dat
2010-02-27 16:30 . 2001-10-25 11:00 379568 ----a-w- c:\windows\system32\perfh005.dat
2010-02-27 09:42 . 2006-07-24 18:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:42 . 2004-08-17 13:49 663040 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-17 08:00 . 2006-07-24 17:39 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:37 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-13 18:13 . 2007-08-20 20:05 661 ---ha-w- C:\hpothb07.dat
2009-12-13 18:13 . 2008-10-07 19:16 0 -c-ha-w- c:\documents and settings\st\hpothb07.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-02-10 1937408]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-11 7311360]
"nwiz"="nwiz.exe" [2005-11-11 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-11-11 86016]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-28 188416]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aliuhfyt.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Nokia\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=

R0 aliuhfyt;aliuhfyt;c:\windows\system32\drivers\aliuhfyt.sys [2.11.2009 19:24 40128]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.3.2010 21:13 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.3.2010 21:13 19024]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.12.2009 14:16 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.12.2009 14:16 8320]
S3 SQTECH9150;Mini Cam;c:\windows\system32\drivers\Capt9150.sys [12.10.2008 21:24 47087]
.
Obsah adresáře 'Naplánované úlohy'

2010-03-10 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 15:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\st\Data aplikací\Mozilla\Firefox\Profiles\9qym9s8b.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&q=

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-LWBMOUSE - c:\program files\Dexxa\Wireless Desktop\lwb3dapp.exe
AddRemove-Dexxa Wireless Keyboard - c:\program files\Dexxa\Wireless Desktop\Dexxa Wireless Keyboard\uninst.isu
AddRemove-PV604(p) Uninstall 1.0 - c:\pv604\Uninst.isu

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-10 22:09
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-746137067-1957994488-1060284298-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3280)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\shdoclc.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
.
**************************************************************************
.
Celkový čas: 2010-03-10 22:15:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-10 21:14

Před spuštěním: 3 672 223 744
Po spuštění: 3 757 678 592

- - End Of File - - 36C3A44BBAD943674A39E7F3E03CF423

Marek-26 · #6 Příspěvek od **Marek-26** » 10 bře 2010 22:27

Už jsem se lekl že budu muset jít spát

vydržte mi ještě chviličku než sesmolím další postup

Marek-26 · #7 Příspěvek od **Marek-26** » 10 bře 2010 22:41

Koukám že jste doinstaloval i antivir

Jednotky G a I jsou patrně flashky?

Totomi nejdříve otestujte na virustotal.com (vložte sem pouze odkaz na výsledek)
c:\windows\system32\drivers\aliuhfyt.sys

digiart · #8 Příspěvek od **digiart** » 10 bře 2010 22:47

Vypsalo mi to toto:

0 bytes size received / Se ha recibido un archivo vacio

digiart · #9 Příspěvek od **digiart** » 10 bře 2010 22:50

Jo a žádné Flesh nemám připojené

Marek-26 · #10 Příspěvek od **Marek-26** » 10 bře 2010 22:50

otevrete si Poznamkovy blok

do nej zkopirujte skript z nasledujiciho okna:

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{138f3040-f77c-11dc-8ec8-0018e4073b33}]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18919e90-b221-11dc-8e2d-0018e4073b33}]

Driver::
aliuhfyt

File::
c:\windows\system32\drivers\aliuhfyt.sys

Reboot::

ulozte vami vytvoreny textovy soubor jako CFScript.txt na plochu

po ulozeni uchopte vami vytvoreny skript levym tlacitkem mysi a presunte jej nad ikonu Combofixu, nad niz skript upustte:

Obrázek

po aplikaci by na vas mel vybafnout dalsi log, vlozte jej sem

Upozorneni: je mozne, ze po aplikaci skriptu a restartu nenabehnou Windows, v takovem pripade znovu restartujte, po restartu mackejte F8 a zvolte Posledni znamou fukncni konfiguraci

digiart · #11 Příspěvek od **digiart** » 10 bře 2010 23:14

No je to stará mašina chvíli to trvá moc se omlouvám

ComboFix 10-03-10.02 - st 10.03.2010 23:00:27.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.255.135 [GMT 1:00]
Spuštěný z: c:\documents and settings\st\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\st\Plocha\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!

FILE ::
"c:\windows\system32\drivers\aliuhfyt.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\aliuhfyt.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ALIUHFYT
-------\Service_aliuhfyt

((((((((((((((((((((((((( Soubory vytvořené od 2010-02-10 do 2010-03-10 )))))))))))))))))))))))))))))))
.

2010-03-10 20:23 . 2010-03-10 20:23 -------- d-----w- c:\program files\VS Revo Group
2010-03-10 20:13 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-10 20:13 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-10 20:12 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-10 20:12 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-10 20:12 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-10 20:12 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-10 20:12 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-10 20:12 . 2010-03-09 11:24 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-10 20:12 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-10 20:12 . 2010-03-10 20:12 -------- d-----w- c:\program files\Alwil Software
2010-03-10 19:46 . 2010-03-10 19:46 -------- d-----w- C:\rsit
2010-03-10 19:46 . 2010-03-10 19:46 -------- d-----w- c:\program files\trend micro
2010-03-10 19:31 . 2004-08-17 14:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-03-10 19:31 . 2004-08-17 14:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-03-10 19:31 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-03-10 19:31 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-10 19:30 . 2004-08-17 14:49 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-03-10 19:30 . 2004-08-17 14:49 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-02-27 11:21 . 2010-03-03 08:01 -------- d-----w- c:\program files\Ask.com
2010-02-27 11:20 . 2010-02-27 11:33 -------- d-----w- c:\program files\The KMPlayer
2010-02-27 11:03 . 2010-02-27 11:03 0 ----a-w- c:\windows\nsreg.dat
2010-02-27 10:18 . 2010-02-27 10:18 -------- d-----w- C:\totalcmd
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2010-02-27 10:18 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2010-02-27 09:42 . 2010-02-27 09:42 -------- d-----w- c:\program files\ICQ6Toolbar
2010-02-27 09:42 . 2010-03-10 19:44 -------- d-----w- c:\program files\ICQ7.0
2010-02-26 15:50 . 2010-02-26 15:50 -------- d-----w- c:\windows\ServicePackFiles
2010-02-26 14:51 . 2010-02-26 20:21 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-02-26 14:47 . 2009-12-04 14:41 453760 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-26 14:43 . 2009-12-09 10:28 2059904 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-26 14:43 . 2009-12-09 10:28 2182528 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-26 14:43 . 2009-12-09 10:28 2138112 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-26 14:43 . 2009-12-09 10:28 2017792 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-26 09:34 . 2010-03-10 08:46 -------- d--h--w- c:\windows\$hf_mig$
2010-02-21 10:32 . 2004-08-03 21:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
2010-02-21 10:32 . 2004-08-03 21:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-10 20:32 . 2006-07-24 19:43 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-10 20:08 . 2006-07-24 18:13 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-03-10 20:08 . 2006-07-24 18:13 737280 -c--a-w- c:\windows\iun6002.exe
2010-02-27 16:30 . 2001-10-25 11:00 62138 ----a-w- c:\windows\system32\perfc005.dat
2010-02-27 16:30 . 2001-10-25 11:00 379568 ----a-w- c:\windows\system32\perfh005.dat
2010-02-27 09:42 . 2006-07-24 18:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-31 16:14 . 2004-08-03 21:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:42 . 2004-08-17 13:49 663040 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-17 08:00 . 2006-07-24 17:39 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:37 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-13 18:13 . 2007-08-20 20:05 661 ---ha-w- C:\hpothb07.dat
2009-12-13 18:13 . 2008-10-07 19:16 0 -c-ha-w- c:\documents and settings\st\hpothb07.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-02-10 1937408]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" [2010-02-11 133368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-11-11 7311360]
"nwiz"="nwiz.exe" [2005-11-11 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-11-11 86016]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-28 188416]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 110592]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Nokia\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\ICQ7.0\\ICQ.exe"=
"c:\\Program Files\\ICQ7.0\\aolload.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [10.3.2010 21:13 162640]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.3.2010 21:13 19024]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.12.2009 14:16 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.12.2009 14:16 8320]
S3 SQTECH9150;Mini Cam;c:\windows\system32\drivers\Capt9150.sys [12.10.2008 21:24 47087]
.
Obsah adresáře 'Naplánované úlohy'

2010-03-10 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-02-04 15:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ask.com?o=15187&l=dis
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
FF - ProfilePath - c:\documents and settings\st\Data aplikací\Mozilla\Firefox\Profiles\9qym9s8b.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&q=

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

SafeBoot-aliuhfyt.sys

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-10 23:07
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-746137067-1957994488-1060284298-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1524)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2010-03-10 23:12:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-10 22:12
ComboFix2.txt 2010-03-10 21:15

Před spuštěním: 3 752 734 720
Po spuštění: 3 661 660 160

- - End Of File - - 187D2560E5119AC55E237BE005668659

Marek-26 · #12 Příspěvek od **Marek-26** » 10 bře 2010 23:28

Tak kromě toho Ask.com toolbaru vše OK. Doporučoval bych ještě popřemýšlet o Antispywaru (například SAS na občasný scan) a firewall.
Dále doporučuji proscanovat pomocí Secunia PSI. http://viry.cz/go.php?p=viry&t=clanek&id=59
a pročistit PC pomocí CCleaneru (soubory i registry) a defragmentovat pevné disky.

Stáhněte a spusťte http://sweb.cz/Marinus/T-Cleaner.exe odstraní zbytky po používaných programech.

A to by bylo z mé strany asi vše čili přeji Vám dobrou noc do podještědí. Pokud by byl ještě nějaký dotaz šup sem sním

Budu tu ještě tak 15 minut (návštěva ledničky a jeden hřebík do rakve před spaním).

digiart · #13 Příspěvek od **digiart** » 10 bře 2010 23:33

Díky moc a přeji klidný spánek kdyby něco určitě se ozvu.

Marek-26 · #14 Příspěvek od **Marek-26** » 10 bře 2010 23:37

Nemáte zač

VIRY.CZ

Prosím o kontrolu logu pro kamaráda.Dík předem.

Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.

Re: Prosím o kontrolu logu pro kamaráda.Dík předem.