Dobrý den,
restartuje se mi samovolně comp když běží aplikací víc.
comodo byl nainstalován po odinstalování není restart tak častý
děkuji vroucně
Logfile of random's system information tool 1.06 (written by random/random)
Run by MM at 2010-03-22 14:29:27
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 48 GB (61%) free of 78 GB
Total RAM: 1024 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:41, on 22.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\MM\Dokumenty\Instal\RSIT\RSIT.exe
C:\Program Files\trend micro\MM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O20 - AppInit_DLLs:
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 4000 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-17 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-02-14 2957824]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-11-17 3022848]
"nwiz"=nwiz.exe /install []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-11-17 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MM^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"wscsvc"=2
"SharedAccess"=2
"mnmsrvc"=3
"Adobe LM Service"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nwiz.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrses.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvshell.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nviewimg.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nview.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvappbar.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\keystone.exe
2010-03-22 12:12:28 ----A---- C:\WINDOWS\system32\VGAunistlog.ini
2010-03-22 11:56:28 ----D---- C:\Program Files\VTTrader 2
2010-03-22 11:07:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-03-22 09:29:57 ----D---- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-03-22 08:45:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-03-22 08:42:46 ----D---- C:\WINDOWS\nview
2010-03-19 23:16:22 ----D---- C:\Program Files\Common Files\Digidesign
2010-03-19 23:16:07 ----A---- C:\WINDOWS\system32\NI_IRC_1_2.dll
2010-03-19 23:16:06 ----A---- C:\WINDOWS\system32\NI_DFD_1_5.dll
2010-03-19 23:15:54 ----D---- C:\Program Files\Native Instruments
2010-03-19 22:35:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Drumsite
2010-03-19 22:34:10 ----D---- C:\Program Files\Drumsite demo
2010-03-17 15:05:25 ----D---- C:\Documents and Settings\MM\Data aplikací\DivX
2010-03-17 14:55:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-03-17 12:03:59 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-17 12:02:47 ----A---- C:\WINDOWS\WTRDCTM.INI
2010-03-17 12:02:19 ----D---- C:\TRANSLAT
2010-03-17 12:02:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-03-17 11:16:30 ----A---- C:\WINDOWS\system32\MSTMON_C.EXE
2010-03-17 11:16:30 ----A---- C:\WINDOWS\system32\MSTMON_C.DLL
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MSTMON_C.INI
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MRDM50_C.TXT
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MRDM00_C.TXT
2010-03-17 11:04:18 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-15 22:16:39 ----D---- C:\Program Files\DivX
2010-03-15 17:07:25 ----D---- C:\Program Files\DAEMON Tools Lite
2010-03-15 17:07:07 ----D---- C:\Documents and Settings\MM\Data aplikací\DAEMON Tools Lite
2010-03-15 17:07:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-03-15 12:35:31 ----D---- C:\Documents and Settings\MM\Data aplikací\Vso
2010-03-15 12:35:31 ----A---- C:\Documents and Settings\MM\Data aplikací\inst.exe
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-03-15 12:35:01 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-03-15 12:34:59 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-03-15 12:34:56 ----D---- C:\Program Files\VSO
2010-03-15 12:20:49 ----D---- C:\Documents and Settings\MM\Data aplikací\vlc
2010-03-15 12:19:26 ----D---- C:\Program Files\VideoLAN
2010-03-15 11:58:13 ----D---- C:\Documents and Settings\MM\Data aplikací\BSplayer Pro
2010-03-15 11:58:10 ----D---- C:\Program Files\Webteh
2010-03-15 10:45:46 ----D---- C:\Documents and Settings\MM\Data aplikací\OpenOffice.org
2010-03-15 10:39:37 ----D---- C:\Program Files\OpenOffice.org 3
2010-03-14 14:59:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sibelius Software
2010-03-14 14:59:12 ----D---- C:\Documents and Settings\MM\Data aplikací\Sibelius Software
2010-03-14 14:56:25 ----D---- C:\Program Files\Sibelius Software
2010-03-11 14:32:47 ----D---- C:\Program Files\Software602
2010-03-10 13:47:46 ----D---- C:\MetaTrader - Masterforex
2010-03-08 11:48:15 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-08 11:48:13 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-08 11:47:57 ----D---- C:\WINDOWS\Logs
2010-03-08 11:46:50 ----A---- C:\WINDOWS\system32\setb3.tmp
2010-03-08 00:10:44 ----A---- C:\WINDOWS\WM8EUTIL.exe
2010-03-08 00:10:43 ----D---- C:\Program Files\CD to MP3 Freeware
2010-03-07 23:59:29 ----D---- C:\Program Files\SlySoft
2010-03-04 11:20:40 ----D---- C:\Program Files\Returnil
2010-03-01 09:20:03 ----D---- C:\Documents and Settings\MM\Data aplikací\Google
2010-02-25 10:01:05 ----D---- C:\Program Files\Google
2010-02-23 09:34:52 ----D---- C:\Documents and Settings\MM\Data aplikací\GetRightToGo
======List of files/folders modified in the last 1 months======
2010-03-22 14:29:41 ----D---- C:\Program Files\Trend Micro
2010-03-22 14:29:37 ----D---- C:\WINDOWS\Prefetch
2010-03-22 14:20:31 ----D---- C:\WINDOWS\Temp
2010-03-22 14:14:58 ----AD---- C:\WINDOWS
2010-03-22 12:37:18 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-22 12:15:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-22 12:15:23 ----D---- C:\WINDOWS\system32
2010-03-22 12:15:23 ----D---- C:\WINDOWS\Help
2010-03-22 12:14:11 ----HD---- C:\WINDOWS\inf
2010-03-22 12:14:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-22 12:13:56 ----D---- C:\WINDOWS\system32\drivers
2010-03-22 12:13:55 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-22 11:56:28 ----RD---- C:\Program Files
2010-03-22 11:29:07 ----D---- C:\Program Files\Mozilla Thunderbird
2010-03-22 11:07:18 ----SHD---- C:\WINDOWS\Installer
2010-03-22 11:07:17 ----D---- C:\WINDOWS\WinSxS
2010-03-22 11:07:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-22 10:59:02 ----D---- C:\WINDOWS\Minidump
2010-03-22 08:29:56 ----D---- C:\Program Files\COMODO
2010-03-21 19:09:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-19 23:16:22 ----D---- C:\Program Files\Common Files
2010-03-19 17:35:18 ----D---- C:\Program Files\Messenger
2010-03-19 17:05:36 ----D---- C:\Documents and Settings\MM\Data aplikací\Spyware Terminator
2010-03-17 12:03:41 ----D---- C:\Documents and Settings\MM\Data aplikací\LangSoft
2010-03-15 12:31:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-15 12:31:21 ----SD---- C:\Documents and Settings\MM\Data aplikací\Microsoft
2010-03-15 10:42:25 ----RSD---- C:\WINDOWS\assembly
2010-03-15 10:40:09 ----RSD---- C:\WINDOWS\Fonts
2010-03-12 15:22:08 ----D---- C:\WINDOWS\system32\wbem
2010-03-12 15:22:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-08 11:50:08 ----D---- C:\WINDOWS\security
2010-03-08 11:48:20 ----D---- C:\WINDOWS\system32\DirectX
2010-03-08 11:47:14 ----D---- C:\Program Files\Windows Media Player
2010-03-08 11:47:12 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-08 11:47:12 ----D---- C:\WINDOWS\Debug
2010-02-25 17:57:34 ----D---- C:\Documents and Settings\MM\Data aplikací\Adobe
2010-02-25 10:01:38 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 MLPTDR_C;MLPTDR_C; \??\C:\WINDOWS\system32\MLPTDR_C.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-11-17 1618939]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-15 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 a9k16a5i;a9k16a5i; C:\WINDOWS\system32\drivers\a9k16a5i.sys []
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2003-11-17 77824]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-02-14 1097216]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-02-19 72704]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu logu - samovolné restartování compu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Zdravím 
Na logu se pracuje, prosím o strpení.
Na logu se pracuje, prosím o strpení.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe- Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary
- Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrazí stránka s licenčními podmínkami, pokračujte stisknutím tlačítka "Ano"
- Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna
- Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.
- Během skenování může být počítač restartován.
Re: prosím o kontrolu logu - samovolné restartování compu
provedeno
ComboFix 10-03-21.04 - MM 22.03.2010 14:54:25.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1024.788 [GMT 1:00]
Spuštěný z: c:\documents and settings\MM\Dokumenty\Instal\combofix\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\ieuinit.inf
c:\windows\system32\msssc.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-22 do 2010-03-22 )))))))))))))))))))))))))))))))
.
2010-03-22 10:56 . 2010-03-22 10:56 -------- d-----w- c:\program files\VTTrader 2
2010-03-22 10:07 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-22 10:07 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-22 10:07 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-22 10:07 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-22 10:07 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-22 10:07 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-22 10:07 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-22 10:07 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-22 10:07 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-22 09:29 . 2009-08-22 18:25 4224 ----a-w- c:\windows\system32\drivers\NVStrap.sys
2010-03-22 08:29 . 2010-03-22 09:54 -------- d-----w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-03-22 07:42 . 2010-03-22 11:15 -------- d-----w- c:\windows\nview
2010-03-19 22:16 . 2010-03-19 22:16 -------- d-----w- c:\program files\Common Files\Digidesign
2010-03-19 22:16 . 2006-10-26 14:29 393216 ----a-w- c:\windows\system32\NI_IRC_1_2.dll
2010-03-19 22:16 . 2006-10-26 14:29 61440 ----a-w- c:\windows\system32\NI_DFD_1_5.dll
2010-03-19 22:15 . 2010-03-19 22:15 -------- d-----w- c:\program files\Native Instruments
2010-03-19 21:34 . 2010-03-22 09:55 -------- d-----w- c:\program files\Drumsite demo
2010-03-17 11:02 . 2010-03-17 11:03 -------- d-----w- C:\TRANSLAT
2010-03-17 10:16 . 2002-11-28 08:51 155648 ----a-w- c:\windows\system32\MSTMON_C.EXE
2010-03-17 10:16 . 2002-09-03 20:57 897024 ----a-w- c:\windows\system32\MSTMON_C.DLL
2010-03-17 10:04 . 2010-03-22 09:57 -------- d-----w- c:\windows\SxsCaPendDel
2010-03-15 21:16 . 2010-03-17 20:29 -------- d-----w- c:\program files\DivX
2010-03-15 16:07 . 2010-03-15 16:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-15 16:07 . 2010-03-15 16:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-15 11:35 . 2010-03-15 11:35 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-03-15 11:35 . 2010-02-09 14:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2010-03-15 11:35 . 2010-02-09 14:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2010-03-15 11:35 . 2010-02-09 14:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2010-03-15 11:35 . 2010-02-09 14:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2010-03-15 11:35 . 2010-02-09 14:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2010-03-15 11:35 . 2010-02-09 14:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2010-03-15 11:34 . 2010-02-09 14:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-03-15 11:34 . 2010-03-15 11:35 -------- d-----w- c:\program files\VSO
2010-03-15 11:19 . 2010-03-15 11:32 -------- d-----w- c:\program files\VideoLAN
2010-03-15 10:58 . 2010-03-15 11:30 -------- d-----w- c:\program files\Webteh
2010-03-15 09:39 . 2010-03-15 09:39 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-14 13:56 . 2010-03-14 13:56 -------- d-----w- c:\program files\Sibelius Software
2010-03-11 13:32 . 2010-03-11 13:32 -------- d-----w- c:\program files\Software602
2010-03-10 12:47 . 2010-03-10 12:50 -------- d-----w- C:\MetaTrader - Masterforex
2010-03-08 10:48 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-03-08 10:48 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-03-08 10:47 . 2010-03-08 10:47 -------- d-----w- c:\windows\Logs
2010-03-07 23:10 . 2001-03-23 15:29 880912 ----a-w- c:\windows\WM8EUTIL.exe
2010-03-07 23:10 . 2010-03-07 23:53 -------- d-----w- c:\program files\CD to MP3 Freeware
2010-03-07 22:59 . 2010-03-22 09:57 -------- d-----w- c:\program files\SlySoft
2010-03-05 15:25 . 2010-03-05 15:25 -------- d-----w- c:\documents and settings\MM\.oanda
2010-03-04 10:20 . 2010-03-22 09:56 -------- d-----w- c:\program files\Returnil
2010-02-25 09:01 . 2010-02-25 09:11 -------- d-----w- c:\program files\Google
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 13:29 . 2010-02-18 00:27 -------- d-----w- c:\program files\Trend Micro
2010-03-22 10:29 . 2010-02-14 18:26 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-03-22 07:29 . 2010-02-18 00:49 -------- d-----w- c:\program files\COMODO
2010-03-15 11:31 . 2010-02-14 19:51 -------- d-----w- c:\program files\Microsoft Silverlight
2010-03-14 13:59 . 2010-03-14 13:59 604 ---ha-w- c:\program files\STLL Notifier
2010-03-12 14:22 . 2001-10-25 12:00 86802 ----a-w- c:\windows\system32\perfc005.dat
2010-03-12 14:22 . 2001-10-25 12:00 439276 ----a-w- c:\windows\system32\perfh005.dat
2010-02-19 19:47 . 2010-02-15 21:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-19 19:43 . 2010-02-19 19:43 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-02-19 11:29 . 2010-02-14 18:18 -------- d-----w- c:\program files\Alwil Software
2010-02-18 11:08 . 2010-02-18 11:03 -------- d-----w- c:\program files\The KMPlayer
2010-02-17 17:59 . 2010-02-17 17:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-17 11:13 . 2010-02-14 19:43 737280 ----a-w- c:\windows\iun6002.exe
2010-02-17 09:56 . 2010-02-17 09:56 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-17 09:56 . 2010-02-17 09:56 -------- d-----w- c:\program files\Java
2010-02-16 10:00 . 2010-02-14 18:19 -------- d-----w- c:\program files\Spyware Terminator
2010-02-16 00:17 . 2010-02-16 00:16 -------- d-----w- c:\program files\Databox
2010-02-15 20:36 . 2010-02-15 20:36 -------- d-----w- c:\program files\CRMfree
2010-02-15 19:54 . 2010-02-15 19:29 -------- d-----w- c:\program files\MSSQL2005
2010-02-15 19:41 . 2010-02-15 19:41 -------- d-----w- c:\program files\Microsoft.NET
2010-02-15 19:41 . 2010-02-15 19:34 -------- d-----w- c:\program files\Microsoft SQL Server
2010-02-15 19:38 . 2010-02-15 19:38 -------- d-----w- c:\program files\MSXML 6.0
2010-02-14 20:27 . 2010-02-14 20:27 -------- d-----w- c:\program files\Common Files\Real
2010-02-14 20:27 . 2010-02-14 20:27 -------- d-----w- c:\program files\Real
2010-02-14 20:08 . 2010-02-14 20:08 -------- d-----w- c:\program files\CCleaner
2010-02-14 19:20 . 2010-02-14 19:20 -------- d-----w- c:\program files\Borland
2010-02-14 18:51 . 2010-02-14 18:51 0 ----a-w- c:\windows\nsreg.dat
2010-02-14 18:48 . 2010-02-14 18:48 -------- d-----w- c:\program files\MozBackup
2010-02-14 18:47 . 2010-02-14 17:59 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-02-14 18:47 . 2010-02-14 17:59 2724 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2010-02-14 18:44 . 2010-02-14 17:59 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2010-02-14 18:25 . 2010-02-14 18:25 -------- d-----w- c:\program files\IrfanView
2010-02-14 18:24 . 2010-02-14 18:24 -------- d-----w- c:\program files\7-Zip
2010-02-14 18:23 . 2010-02-14 18:23 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-02-14 18:21 . 2010-02-14 18:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-14 18:21 . 2010-02-14 18:21 -------- d-----w- c:\program files\Analog Devices
2010-02-14 18:21 . 2010-02-14 18:10 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-14 18:19 . 2010-02-14 18:19 138752 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-14 18:00 . 2010-02-14 18:00 -------- d-----w- c:\program files\microsoft frontpage
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\XZ7TZ5FX.DAT
2010-02-14 18:00 . 2010-02-14 18:00 558142 ----a-w- c:\windows\java\Packages\L317JRZJ.ZIP
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\PFNXV9JF.DAT
2010-02-14 18:00 . 2010-02-14 18:00 155995 ----a-w- c:\windows\java\Packages\G39J3LVL.ZIP
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\UOVLBZZZ.DAT
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\P79FLVTR.DAT
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\HBD3NDFV.DAT
2010-02-14 17:57 . 2010-02-14 17:57 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-02 18:00 . 2010-02-17 17:57 85504 ----a-w- c:\windows\system32\ff_vfw.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-11-17 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-14 2957824]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-11-17 3022848]
"nwiz"="nwiz.exe" [2003-11-17 753664]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^MM^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\MM\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"SharedAccess"=2 (0x2)
"mnmsrvc"=3 (0x3)
"Adobe LM Service"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.3.2010 11:07 162640]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.2.2010 19:19 138752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.3.2010 11:07 19024]
R2 MLPTDR_C;MLPTDR_C;c:\windows\system32\MLPTDR_C.SYS [4.9.2002 2:31 19296]
S0 NVStrap;NVStrap;c:\windows\system32\drivers\NVStrap.sys [22.3.2010 10:29 4224]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.3.2010 17:07 691696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 10:01 135664]
.
Obsah adresáře 'Naplánované úlohy'
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 09:00]
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 09:00]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\MM\Data aplikací\Mozilla\Firefox\Profiles\dey35p3x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-PC Translator - c:\docume~1\MM\LOCALS~1\Temp\UN32.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-22 14:58
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-03-22 14:59:55
ComboFix-quarantined-files.txt 2010-03-22 13:59
Před spuštěním: Volných bajtů: 49 928 892 416
Po spuštění: Volných bajtů: 50 046 287 872
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 25EA90E3C6049F4066B5922E81FE9FAC
ComboFix 10-03-21.04 - MM 22.03.2010 14:54:25.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1024.788 [GMT 1:00]
Spuštěný z: c:\documents and settings\MM\Dokumenty\Instal\combofix\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\ieuinit.inf
c:\windows\system32\msssc.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-22 do 2010-03-22 )))))))))))))))))))))))))))))))
.
2010-03-22 10:56 . 2010-03-22 10:56 -------- d-----w- c:\program files\VTTrader 2
2010-03-22 10:07 . 2010-03-09 11:08 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-03-22 10:07 . 2010-03-09 11:12 162640 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-03-22 10:07 . 2010-03-09 11:09 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-03-22 10:07 . 2010-03-09 11:12 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-03-22 10:07 . 2010-03-09 11:08 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-03-22 10:07 . 2010-03-09 11:08 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-03-22 10:07 . 2010-03-09 11:08 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-03-22 10:07 . 2010-03-09 11:24 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-03-22 10:07 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-03-22 09:29 . 2009-08-22 18:25 4224 ----a-w- c:\windows\system32\drivers\NVStrap.sys
2010-03-22 08:29 . 2010-03-22 09:54 -------- d-----w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-03-22 07:42 . 2010-03-22 11:15 -------- d-----w- c:\windows\nview
2010-03-19 22:16 . 2010-03-19 22:16 -------- d-----w- c:\program files\Common Files\Digidesign
2010-03-19 22:16 . 2006-10-26 14:29 393216 ----a-w- c:\windows\system32\NI_IRC_1_2.dll
2010-03-19 22:16 . 2006-10-26 14:29 61440 ----a-w- c:\windows\system32\NI_DFD_1_5.dll
2010-03-19 22:15 . 2010-03-19 22:15 -------- d-----w- c:\program files\Native Instruments
2010-03-19 21:34 . 2010-03-22 09:55 -------- d-----w- c:\program files\Drumsite demo
2010-03-17 11:02 . 2010-03-17 11:03 -------- d-----w- C:\TRANSLAT
2010-03-17 10:16 . 2002-11-28 08:51 155648 ----a-w- c:\windows\system32\MSTMON_C.EXE
2010-03-17 10:16 . 2002-09-03 20:57 897024 ----a-w- c:\windows\system32\MSTMON_C.DLL
2010-03-17 10:04 . 2010-03-22 09:57 -------- d-----w- c:\windows\SxsCaPendDel
2010-03-15 21:16 . 2010-03-17 20:29 -------- d-----w- c:\program files\DivX
2010-03-15 16:07 . 2010-03-15 16:07 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-03-15 16:07 . 2010-03-15 16:08 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-03-15 11:35 . 2010-03-15 11:35 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-03-15 11:35 . 2010-02-09 14:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2010-03-15 11:35 . 2010-02-09 14:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2010-03-15 11:35 . 2010-02-09 14:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2010-03-15 11:35 . 2010-02-09 14:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2010-03-15 11:35 . 2010-02-09 14:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2010-03-15 11:35 . 2010-02-09 14:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2010-03-15 11:34 . 2010-02-09 14:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2010-03-15 11:34 . 2010-03-15 11:35 -------- d-----w- c:\program files\VSO
2010-03-15 11:19 . 2010-03-15 11:32 -------- d-----w- c:\program files\VideoLAN
2010-03-15 10:58 . 2010-03-15 11:30 -------- d-----w- c:\program files\Webteh
2010-03-15 09:39 . 2010-03-15 09:39 -------- d-----w- c:\program files\OpenOffice.org 3
2010-03-14 13:56 . 2010-03-14 13:56 -------- d-----w- c:\program files\Sibelius Software
2010-03-11 13:32 . 2010-03-11 13:32 -------- d-----w- c:\program files\Software602
2010-03-10 12:47 . 2010-03-10 12:50 -------- d-----w- C:\MetaTrader - Masterforex
2010-03-08 10:48 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-03-08 10:48 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-03-08 10:47 . 2010-03-08 10:47 -------- d-----w- c:\windows\Logs
2010-03-07 23:10 . 2001-03-23 15:29 880912 ----a-w- c:\windows\WM8EUTIL.exe
2010-03-07 23:10 . 2010-03-07 23:53 -------- d-----w- c:\program files\CD to MP3 Freeware
2010-03-07 22:59 . 2010-03-22 09:57 -------- d-----w- c:\program files\SlySoft
2010-03-05 15:25 . 2010-03-05 15:25 -------- d-----w- c:\documents and settings\MM\.oanda
2010-03-04 10:20 . 2010-03-22 09:56 -------- d-----w- c:\program files\Returnil
2010-02-25 09:01 . 2010-02-25 09:11 -------- d-----w- c:\program files\Google
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-22 13:29 . 2010-02-18 00:27 -------- d-----w- c:\program files\Trend Micro
2010-03-22 10:29 . 2010-02-14 18:26 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-03-22 07:29 . 2010-02-18 00:49 -------- d-----w- c:\program files\COMODO
2010-03-15 11:31 . 2010-02-14 19:51 -------- d-----w- c:\program files\Microsoft Silverlight
2010-03-14 13:59 . 2010-03-14 13:59 604 ---ha-w- c:\program files\STLL Notifier
2010-03-12 14:22 . 2001-10-25 12:00 86802 ----a-w- c:\windows\system32\perfc005.dat
2010-03-12 14:22 . 2001-10-25 12:00 439276 ----a-w- c:\windows\system32\perfh005.dat
2010-02-19 19:47 . 2010-02-15 21:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-19 19:43 . 2010-02-19 19:43 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2010-02-19 11:29 . 2010-02-14 18:18 -------- d-----w- c:\program files\Alwil Software
2010-02-18 11:08 . 2010-02-18 11:03 -------- d-----w- c:\program files\The KMPlayer
2010-02-17 17:59 . 2010-02-17 17:57 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-02-17 11:13 . 2010-02-14 19:43 737280 ----a-w- c:\windows\iun6002.exe
2010-02-17 09:56 . 2010-02-17 09:56 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-17 09:56 . 2010-02-17 09:56 -------- d-----w- c:\program files\Java
2010-02-16 10:00 . 2010-02-14 18:19 -------- d-----w- c:\program files\Spyware Terminator
2010-02-16 00:17 . 2010-02-16 00:16 -------- d-----w- c:\program files\Databox
2010-02-15 20:36 . 2010-02-15 20:36 -------- d-----w- c:\program files\CRMfree
2010-02-15 19:54 . 2010-02-15 19:29 -------- d-----w- c:\program files\MSSQL2005
2010-02-15 19:41 . 2010-02-15 19:41 -------- d-----w- c:\program files\Microsoft.NET
2010-02-15 19:41 . 2010-02-15 19:34 -------- d-----w- c:\program files\Microsoft SQL Server
2010-02-15 19:38 . 2010-02-15 19:38 -------- d-----w- c:\program files\MSXML 6.0
2010-02-14 20:27 . 2010-02-14 20:27 -------- d-----w- c:\program files\Common Files\Real
2010-02-14 20:27 . 2010-02-14 20:27 -------- d-----w- c:\program files\Real
2010-02-14 20:08 . 2010-02-14 20:08 -------- d-----w- c:\program files\CCleaner
2010-02-14 19:20 . 2010-02-14 19:20 -------- d-----w- c:\program files\Borland
2010-02-14 18:51 . 2010-02-14 18:51 0 ----a-w- c:\windows\nsreg.dat
2010-02-14 18:48 . 2010-02-14 18:48 -------- d-----w- c:\program files\MozBackup
2010-02-14 18:47 . 2010-02-14 17:59 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-02-14 18:47 . 2010-02-14 17:59 2724 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2010-02-14 18:44 . 2010-02-14 17:59 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2010-02-14 18:25 . 2010-02-14 18:25 -------- d-----w- c:\program files\IrfanView
2010-02-14 18:24 . 2010-02-14 18:24 -------- d-----w- c:\program files\7-Zip
2010-02-14 18:23 . 2010-02-14 18:23 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-02-14 18:21 . 2010-02-14 18:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-14 18:21 . 2010-02-14 18:21 -------- d-----w- c:\program files\Analog Devices
2010-02-14 18:21 . 2010-02-14 18:10 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-14 18:19 . 2010-02-14 18:19 138752 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-02-14 18:00 . 2010-02-14 18:00 -------- d-----w- c:\program files\microsoft frontpage
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\XZ7TZ5FX.DAT
2010-02-14 18:00 . 2010-02-14 18:00 558142 ----a-w- c:\windows\java\Packages\L317JRZJ.ZIP
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\PFNXV9JF.DAT
2010-02-14 18:00 . 2010-02-14 18:00 155995 ----a-w- c:\windows\java\Packages\G39J3LVL.ZIP
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\UOVLBZZZ.DAT
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\P79FLVTR.DAT
2010-02-14 18:00 . 2010-02-14 18:00 2678 ----a-w- c:\windows\java\Packages\Data\HBD3NDFV.DAT
2010-02-14 17:57 . 2010-02-14 17:57 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-02-02 18:00 . 2010-02-17 17:57 85504 ----a-w- c:\windows\system32\ff_vfw.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"NvMediaCenter"="c:\windows\system32\NVMCTRAY.DLL" [2003-11-17 49152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-02-14 2957824]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-03-09 2769336]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-11-17 3022848]
"nwiz"="nwiz.exe" [2003-11-17 753664]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^MM^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\MM\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"wscsvc"=2 (0x2)
"SharedAccess"=2 (0x2)
"mnmsrvc"=3 (0x3)
"Adobe LM Service"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [22.3.2010 11:07 162640]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [14.2.2010 19:19 138752]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22.3.2010 11:07 19024]
R2 MLPTDR_C;MLPTDR_C;c:\windows\system32\MLPTDR_C.SYS [4.9.2002 2:31 19296]
S0 NVStrap;NVStrap;c:\windows\system32\drivers\NVStrap.sys [22.3.2010 10:29 4224]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.3.2010 17:07 691696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 10:01 135664]
.
Obsah adresáře 'Naplánované úlohy'
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 09:00]
2010-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 09:00]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\MM\Data aplikací\Mozilla\Firefox\Profiles\dey35p3x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-PC Translator - c:\docume~1\MM\LOCALS~1\Temp\UN32.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-22 14:58
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-03-22 14:59:55
ComboFix-quarantined-files.txt 2010-03-22 13:59
Před spuštěním: Volných bajtů: 49 928 892 416
Po spuštění: Volných bajtů: 50 046 287 872
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
- - End Of File - - 25EA90E3C6049F4066B5922E81FE9FAC
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Stáhněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229- Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
- Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
- Log vložte sem.
Re: prosím o kontrolu logu - samovolné restartování compu
mám zaplou ochranu vypnout nebbezpečně
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3899
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22.3.2010 15:16:20
mbam-log-2010-03-22 (15-16-20).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 115123
Uplynulý čas: 5 minute(s), 15 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Verze databáze: 3899
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22.3.2010 15:16:20
mbam-log-2010-03-22 (15-16-20).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 115123
Uplynulý čas: 5 minute(s), 15 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Caroprd111 píše:
- Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
- Nic nemažte
- Log vložte sem.
Re: prosím o kontrolu logu - samovolné restartování compu
tak ještě jednou a lépe sorry
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3899
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22.3.2010 16:12:56
mbam-log-2010-03-22 (16-12-50).txt
Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 167477
Uplynulý čas: 52 minute(s), 49 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Documents and Settings\MM\Dokumenty\Instal\Sibelius\BLESSiNG.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{981DBEA5-3FA3-4711-889C-AEA01696DAA2}\RP33\A0037096.dll (Trojan.FakeAlert)
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3899
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
22.3.2010 16:12:56
mbam-log-2010-03-22 (16-12-50).txt
Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 167477
Uplynulý čas: 52 minute(s), 49 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
C:\Documents and Settings\MM\Dokumenty\Instal\Sibelius\BLESSiNG.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{981DBEA5-3FA3-4711-889C-AEA01696DAA2}\RP33\A0037096.dll (Trojan.FakeAlert)
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Vše, co našel MBAM smažte a napište stav PC.
Re: prosím o kontrolu logu - samovolné restartování compu
stav je takový, že je to stejné obávám se, že jde o hard. chybu. velice děkuji za váš čas.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Také mám takový pocit. 
Poprosím o nový log z RSIT, ještě dočistíme.
Poprosím o nový log z RSIT, ještě dočistíme.Re: prosím o kontrolu logu - samovolné restartování compu
Logfile of random's system information tool 1.06 (written by random/random)
Run by MM at 2010-03-22 16:49:34
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 48 GB (61%) free of 78 GB
Total RAM: 1280 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:42, on 22.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\TRANSLAT\WTRAN32.EXE
C:\Documents and Settings\MM\Dokumenty\Instal\RSIT\RSIT.exe
C:\Program Files\trend micro\MM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 4052 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-17 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-02-14 2957824]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-11-17 3022848]
"nwiz"=nwiz.exe /install []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-11-17 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MM^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"wscsvc"=2
"SharedAccess"=2
"mnmsrvc"=3
"Adobe LM Service"=3
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-03-22 15:09:35 ----D---- C:\Documents and Settings\MM\Data aplikací\Malwarebytes
2010-03-22 15:09:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-22 15:09:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-22 14:59:58 ----D---- C:\WINDOWS\temp
2010-03-22 14:59:56 ----A---- C:\ComboFix.txt
2010-03-22 14:52:23 ----A---- C:\Boot.bak
2010-03-22 14:52:14 ----RASHD---- C:\cmdcons
2010-03-22 14:51:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-03-22 14:51:15 ----A---- C:\WINDOWS\MBR.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\zip.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\SWSC.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\SWREG.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\sed.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\PEV.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\grep.exe
2010-03-22 14:50:57 ----D---- C:\WINDOWS\ERDNT
2010-03-22 14:49:32 ----D---- C:\Qoobox
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nwiz.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrses.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvshell.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nviewimg.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nview.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvappbar.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\keystone.exe
2010-03-22 12:12:28 ----A---- C:\WINDOWS\system32\VGAunistlog.ini
2010-03-22 11:56:28 ----D---- C:\Program Files\VTTrader 2
2010-03-22 11:07:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-03-22 09:29:57 ----D---- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-03-22 08:45:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-03-22 08:42:46 ----D---- C:\WINDOWS\nview
2010-03-19 23:16:22 ----D---- C:\Program Files\Common Files\Digidesign
2010-03-19 23:16:07 ----A---- C:\WINDOWS\system32\NI_IRC_1_2.dll
2010-03-19 23:16:06 ----A---- C:\WINDOWS\system32\NI_DFD_1_5.dll
2010-03-19 23:15:54 ----D---- C:\Program Files\Native Instruments
2010-03-19 22:35:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Drumsite
2010-03-19 22:34:10 ----D---- C:\Program Files\Drumsite demo
2010-03-17 15:05:25 ----D---- C:\Documents and Settings\MM\Data aplikací\DivX
2010-03-17 14:55:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-03-17 12:03:59 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-17 12:02:47 ----A---- C:\WINDOWS\WTRDCTM.INI
2010-03-17 12:02:19 ----D---- C:\TRANSLAT
2010-03-17 12:02:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-03-17 11:16:30 ----A---- C:\WINDOWS\system32\MSTMON_C.EXE
2010-03-17 11:16:30 ----A---- C:\WINDOWS\system32\MSTMON_C.DLL
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MSTMON_C.INI
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MRDM50_C.TXT
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MRDM00_C.TXT
2010-03-17 11:04:18 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-15 22:16:39 ----D---- C:\Program Files\DivX
2010-03-15 17:07:25 ----D---- C:\Program Files\DAEMON Tools Lite
2010-03-15 17:07:07 ----D---- C:\Documents and Settings\MM\Data aplikací\DAEMON Tools Lite
2010-03-15 17:07:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-03-15 12:35:31 ----D---- C:\Documents and Settings\MM\Data aplikací\Vso
2010-03-15 12:35:31 ----A---- C:\Documents and Settings\MM\Data aplikací\inst.exe
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-03-15 12:35:01 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-03-15 12:34:59 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-03-15 12:34:56 ----D---- C:\Program Files\VSO
2010-03-15 12:20:49 ----D---- C:\Documents and Settings\MM\Data aplikací\vlc
2010-03-15 12:19:26 ----D---- C:\Program Files\VideoLAN
2010-03-15 11:58:13 ----D---- C:\Documents and Settings\MM\Data aplikací\BSplayer Pro
2010-03-15 11:58:10 ----D---- C:\Program Files\Webteh
2010-03-15 10:45:46 ----D---- C:\Documents and Settings\MM\Data aplikací\OpenOffice.org
2010-03-15 10:39:37 ----D---- C:\Program Files\OpenOffice.org 3
2010-03-14 14:59:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sibelius Software
2010-03-14 14:59:12 ----D---- C:\Documents and Settings\MM\Data aplikací\Sibelius Software
2010-03-14 14:56:25 ----D---- C:\Program Files\Sibelius Software
2010-03-11 14:32:47 ----D---- C:\Program Files\Software602
2010-03-10 13:47:46 ----D---- C:\MetaTrader - Masterforex
2010-03-08 11:48:15 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-08 11:48:13 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-08 11:47:57 ----D---- C:\WINDOWS\Logs
2010-03-08 11:46:50 ----A---- C:\WINDOWS\system32\setb3.tmp
2010-03-08 00:10:44 ----A---- C:\WINDOWS\WM8EUTIL.exe
2010-03-08 00:10:43 ----D---- C:\Program Files\CD to MP3 Freeware
2010-03-07 23:59:29 ----D---- C:\Program Files\SlySoft
2010-03-04 11:20:40 ----D---- C:\Program Files\Returnil
2010-03-01 09:20:03 ----D---- C:\Documents and Settings\MM\Data aplikací\Google
2010-02-25 10:01:05 ----D---- C:\Program Files\Google
2010-02-23 09:34:52 ----D---- C:\Documents and Settings\MM\Data aplikací\GetRightToGo
======List of files/folders modified in the last 1 months======
2010-03-22 16:49:37 ----D---- C:\Program Files\Trend Micro
2010-03-22 16:48:17 ----D---- C:\WINDOWS\Prefetch
2010-03-22 16:43:57 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-22 16:43:19 ----AD---- C:\WINDOWS
2010-03-22 16:16:24 ----D---- C:\WINDOWS\system32\drivers
2010-03-22 16:15:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-22 15:09:24 ----RD---- C:\Program Files
2010-03-22 15:03:15 ----D---- C:\Documents and Settings\MM\Data aplikací\Spyware Terminator
2010-03-22 14:58:05 ----A---- C:\WINDOWS\system.ini
2010-03-22 14:57:42 ----D---- C:\WINDOWS\system32
2010-03-22 14:56:16 ----D---- C:\WINDOWS\AppPatch
2010-03-22 14:56:06 ----D---- C:\Program Files\Common Files
2010-03-22 14:52:23 ----RASH---- C:\boot.ini
2010-03-22 12:36:43 ----D---- C:\WINDOWS\Minidump
2010-03-22 12:15:23 ----D---- C:\WINDOWS\Help
2010-03-22 12:14:11 ----HD---- C:\WINDOWS\inf
2010-03-22 12:14:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-22 12:13:55 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-22 11:29:07 ----D---- C:\Program Files\Mozilla Thunderbird
2010-03-22 11:07:18 ----SHD---- C:\WINDOWS\Installer
2010-03-22 11:07:17 ----D---- C:\WINDOWS\WinSxS
2010-03-22 11:07:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-22 08:29:56 ----D---- C:\Program Files\COMODO
2010-03-21 19:09:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-19 17:35:18 ----D---- C:\Program Files\Messenger
2010-03-17 12:03:41 ----D---- C:\Documents and Settings\MM\Data aplikací\LangSoft
2010-03-15 12:31:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-15 12:31:21 ----SD---- C:\Documents and Settings\MM\Data aplikací\Microsoft
2010-03-15 10:42:25 ----RSD---- C:\WINDOWS\assembly
2010-03-15 10:40:09 ----RSD---- C:\WINDOWS\Fonts
2010-03-12 15:22:08 ----D---- C:\WINDOWS\system32\wbem
2010-03-12 15:22:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-08 11:50:08 ----D---- C:\WINDOWS\security
2010-03-08 11:48:20 ----D---- C:\WINDOWS\system32\DirectX
2010-03-08 11:47:14 ----D---- C:\Program Files\Windows Media Player
2010-03-08 11:47:12 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-08 11:47:12 ----D---- C:\WINDOWS\Debug
2010-02-25 17:57:34 ----D---- C:\Documents and Settings\MM\Data aplikací\Adobe
2010-02-25 10:01:38 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 MLPTDR_C;MLPTDR_C; \??\C:\WINDOWS\system32\MLPTDR_C.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-11-17 1618939]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-15 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 auxtzt4a;auxtzt4a; C:\WINDOWS\system32\drivers\auxtzt4a.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\MM\LOCALS~1\Temp\catchme.sys []
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2003-11-17 77824]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-02-14 1097216]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-02-19 72704]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
-----------------EOF-----------------
Run by MM at 2010-03-22 16:49:34
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 48 GB (61%) free of 78 GB
Total RAM: 1280 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:42, on 22.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\TRANSLAT\WTRAN32.EXE
C:\Documents and Settings\MM\Dokumenty\Instal\RSIT\RSIT.exe
C:\Program Files\trend micro\MM.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 4052 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-17 73728]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-02-14 2957824]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-03-09 2769336]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2003-11-17 3022848]
"nwiz"=nwiz.exe /install []
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"NvMediaCenter"=C:\WINDOWS\system32\NVMCTRAY.DLL [2003-11-17 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MM^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2005-03-16 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2
"wscsvc"=2
"SharedAccess"=2
"mnmsrvc"=3
"Adobe LM Service"=3
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-03-22 15:09:35 ----D---- C:\Documents and Settings\MM\Data aplikací\Malwarebytes
2010-03-22 15:09:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-22 15:09:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-22 14:59:58 ----D---- C:\WINDOWS\temp
2010-03-22 14:59:56 ----A---- C:\ComboFix.txt
2010-03-22 14:52:23 ----A---- C:\Boot.bak
2010-03-22 14:52:14 ----RASHD---- C:\cmdcons
2010-03-22 14:51:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-03-22 14:51:15 ----A---- C:\WINDOWS\MBR.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\zip.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\SWSC.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\SWREG.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\sed.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\PEV.exe
2010-03-22 14:51:14 ----A---- C:\WINDOWS\grep.exe
2010-03-22 14:50:57 ----D---- C:\WINDOWS\ERDNT
2010-03-22 14:49:32 ----D---- C:\Qoobox
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-03-22 12:14:03 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-03-22 12:14:02 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nwiz.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrses.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvshell.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nviewimg.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nview.dll
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\nvappbar.exe
2010-03-22 12:14:01 ----A---- C:\WINDOWS\system32\keystone.exe
2010-03-22 12:12:28 ----A---- C:\WINDOWS\system32\VGAunistlog.ini
2010-03-22 11:56:28 ----D---- C:\Program Files\VTTrader 2
2010-03-22 11:07:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-03-22 09:29:57 ----D---- C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2010-03-22 08:45:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-03-22 08:42:46 ----D---- C:\WINDOWS\nview
2010-03-19 23:16:22 ----D---- C:\Program Files\Common Files\Digidesign
2010-03-19 23:16:07 ----A---- C:\WINDOWS\system32\NI_IRC_1_2.dll
2010-03-19 23:16:06 ----A---- C:\WINDOWS\system32\NI_DFD_1_5.dll
2010-03-19 23:15:54 ----D---- C:\Program Files\Native Instruments
2010-03-19 22:35:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Drumsite
2010-03-19 22:34:10 ----D---- C:\Program Files\Drumsite demo
2010-03-17 15:05:25 ----D---- C:\Documents and Settings\MM\Data aplikací\DivX
2010-03-17 14:55:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-03-17 12:03:59 ----A---- C:\WINDOWS\TRNCOM.INI
2010-03-17 12:02:47 ----A---- C:\WINDOWS\WTRDCTM.INI
2010-03-17 12:02:19 ----D---- C:\TRANSLAT
2010-03-17 12:02:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-03-17 11:16:30 ----A---- C:\WINDOWS\system32\MSTMON_C.EXE
2010-03-17 11:16:30 ----A---- C:\WINDOWS\system32\MSTMON_C.DLL
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MSTMON_C.INI
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MRDM50_C.TXT
2010-03-17 11:16:30 ----A---- C:\WINDOWS\MRDM00_C.TXT
2010-03-17 11:04:18 ----D---- C:\WINDOWS\SxsCaPendDel
2010-03-15 22:16:39 ----D---- C:\Program Files\DivX
2010-03-15 17:07:25 ----D---- C:\Program Files\DAEMON Tools Lite
2010-03-15 17:07:07 ----D---- C:\Documents and Settings\MM\Data aplikací\DAEMON Tools Lite
2010-03-15 17:07:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-03-15 12:35:31 ----D---- C:\Documents and Settings\MM\Data aplikací\Vso
2010-03-15 12:35:31 ----A---- C:\Documents and Settings\MM\Data aplikací\inst.exe
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\sipr3260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv43260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv33260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\drv23260.dll
2010-03-15 12:35:05 ----A---- C:\WINDOWS\system32\cook3260.dll
2010-03-15 12:35:01 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2010-03-15 12:34:59 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2010-03-15 12:34:56 ----D---- C:\Program Files\VSO
2010-03-15 12:20:49 ----D---- C:\Documents and Settings\MM\Data aplikací\vlc
2010-03-15 12:19:26 ----D---- C:\Program Files\VideoLAN
2010-03-15 11:58:13 ----D---- C:\Documents and Settings\MM\Data aplikací\BSplayer Pro
2010-03-15 11:58:10 ----D---- C:\Program Files\Webteh
2010-03-15 10:45:46 ----D---- C:\Documents and Settings\MM\Data aplikací\OpenOffice.org
2010-03-15 10:39:37 ----D---- C:\Program Files\OpenOffice.org 3
2010-03-14 14:59:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sibelius Software
2010-03-14 14:59:12 ----D---- C:\Documents and Settings\MM\Data aplikací\Sibelius Software
2010-03-14 14:56:25 ----D---- C:\Program Files\Sibelius Software
2010-03-11 14:32:47 ----D---- C:\Program Files\Software602
2010-03-10 13:47:46 ----D---- C:\MetaTrader - Masterforex
2010-03-08 11:48:15 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-03-08 11:48:13 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-03-08 11:47:57 ----D---- C:\WINDOWS\Logs
2010-03-08 11:46:50 ----A---- C:\WINDOWS\system32\setb3.tmp
2010-03-08 00:10:44 ----A---- C:\WINDOWS\WM8EUTIL.exe
2010-03-08 00:10:43 ----D---- C:\Program Files\CD to MP3 Freeware
2010-03-07 23:59:29 ----D---- C:\Program Files\SlySoft
2010-03-04 11:20:40 ----D---- C:\Program Files\Returnil
2010-03-01 09:20:03 ----D---- C:\Documents and Settings\MM\Data aplikací\Google
2010-02-25 10:01:05 ----D---- C:\Program Files\Google
2010-02-23 09:34:52 ----D---- C:\Documents and Settings\MM\Data aplikací\GetRightToGo
======List of files/folders modified in the last 1 months======
2010-03-22 16:49:37 ----D---- C:\Program Files\Trend Micro
2010-03-22 16:48:17 ----D---- C:\WINDOWS\Prefetch
2010-03-22 16:43:57 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-22 16:43:19 ----AD---- C:\WINDOWS
2010-03-22 16:16:24 ----D---- C:\WINDOWS\system32\drivers
2010-03-22 16:15:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-22 15:09:24 ----RD---- C:\Program Files
2010-03-22 15:03:15 ----D---- C:\Documents and Settings\MM\Data aplikací\Spyware Terminator
2010-03-22 14:58:05 ----A---- C:\WINDOWS\system.ini
2010-03-22 14:57:42 ----D---- C:\WINDOWS\system32
2010-03-22 14:56:16 ----D---- C:\WINDOWS\AppPatch
2010-03-22 14:56:06 ----D---- C:\Program Files\Common Files
2010-03-22 14:52:23 ----RASH---- C:\boot.ini
2010-03-22 12:36:43 ----D---- C:\WINDOWS\Minidump
2010-03-22 12:15:23 ----D---- C:\WINDOWS\Help
2010-03-22 12:14:11 ----HD---- C:\WINDOWS\inf
2010-03-22 12:14:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-22 12:13:55 ----D---- C:\WINDOWS\system32\CatRoot
2010-03-22 11:29:07 ----D---- C:\Program Files\Mozilla Thunderbird
2010-03-22 11:07:18 ----SHD---- C:\WINDOWS\Installer
2010-03-22 11:07:17 ----D---- C:\WINDOWS\WinSxS
2010-03-22 11:07:16 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-03-22 08:29:56 ----D---- C:\Program Files\COMODO
2010-03-21 19:09:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-03-19 17:35:18 ----D---- C:\Program Files\Messenger
2010-03-17 12:03:41 ----D---- C:\Documents and Settings\MM\Data aplikací\LangSoft
2010-03-15 12:31:42 ----D---- C:\Program Files\Microsoft Silverlight
2010-03-15 12:31:21 ----SD---- C:\Documents and Settings\MM\Data aplikací\Microsoft
2010-03-15 10:42:25 ----RSD---- C:\WINDOWS\assembly
2010-03-15 10:40:09 ----RSD---- C:\WINDOWS\Fonts
2010-03-12 15:22:08 ----D---- C:\WINDOWS\system32\wbem
2010-03-12 15:22:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-08 11:50:08 ----D---- C:\WINDOWS\security
2010-03-08 11:48:20 ----D---- C:\WINDOWS\system32\DirectX
2010-03-08 11:47:14 ----D---- C:\Program Files\Windows Media Player
2010-03-08 11:47:12 ----D---- C:\WINDOWS\RegisteredPackages
2010-03-08 11:47:12 ----D---- C:\WINDOWS\Debug
2010-02-25 17:57:34 ----D---- C:\Documents and Settings\MM\Data aplikací\Adobe
2010-02-25 10:01:38 ----SD---- C:\WINDOWS\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-03-09 28880]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-03-09 162640]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-03-09 46672]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-03-09 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-03-09 100432]
R2 MLPTDR_C;MLPTDR_C; \??\C:\WINDOWS\system32\MLPTDR_C.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-03-09 23376]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2003-11-17 1618939]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-15 47360]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 auxtzt4a;auxtzt4a; C:\WINDOWS\system32\drivers\auxtzt4a.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\MM\LOCALS~1\Temp\catchme.sys []
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner32.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2003-11-17 77824]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-02-14 1097216]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-03-09 40384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-02-19 72704]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: prosím o kontrolu logu - samovolné restartování compu
Odinstalujte ComboFix přes:Start >> Spustit, zkopírujte do okénka:
ComboFix /Uninstall
stiskněte Enter
Stáhněte T-Cleanerhttp://sweb.cz/Marinus/T-Cleaner.exe
- Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
- Po použití program vymažte. Pozor,antiviry ho mohou falešně označit za vir.
Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
Doinstalujte SP3 http://www.viry.cz/forum/viewtopic.php?f=46&t=86100 V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523 Tohle otestujte na http://www.virustotal.com/cs/ C:\WINDOWS\system32\NI_IRC_1_2.dll
C:\WINDOWS\system32\NI_DFD_1_5.dll
(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Přispějete na provoz fóra?