
PC virus removal, computer speed-up, and remote help through the neslape.cz service
PC is sending spam.
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
could you check my logs? My PC is sending spam. To be safe, I disconnected it from the internet right away. Thank you.
RSIT:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Holcova at 2010-05-08 22:21:54
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 62 GB (81%) free of 76 GB
Total RAM: 2031 MB (74% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5499BCB1-5641-4A4C-9F75-462D4D8D0DA0}]
Cole2k Media Toolbar Helper - C:\Program Files\Cole2k Media Toolbar\v3.3.0.1\Cole2k_Media_Toolbar.dll [2009-02-02 806912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8AE33802-00D3-4F1B-B5C7-6FEE34E402CE} - Cole2k Media Toolbar - C:\Program Files\Cole2k Media Toolbar\v3.3.0.1\Cole2k_Media_Toolbar.dll [2009-02-02 806912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2006-08-14 98304]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2006-08-14 114688]
"Persistence"=C:\WINDOWS\System32\igfxpers.exe [2006-08-14 94208]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP OrderReminder Cleaner]
C:\WINDOWS\hporclnr.exe [2006-12-27 104960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2005-11-03 28160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-12-27 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-08-07 573440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-21 761945]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE [2006-05-24 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\SetPoint\SetPoint.exe [2005-11-23 532480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-18 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Holcova^Nabídka Start^Programy^Po spuštění^PMB Media Check Tool.lnk]
C:\PROGRA~1\Sony\SONYPI~1\PMBCore\SPUVOL~1.EXE [2008-11-13 333088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3
"McComponentHostService"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-08-14 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Aplikace\Balicky\asa\win32\dbeng7.exe"="C:\Aplikace\Balicky\asa\win32\dbeng7.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\Aplikace\Balicky\j2re1.4.2_03\bin\java.exe"="C:\Aplikace\Balicky\j2re1.4.2_03\bin\java.exe:*:Enabled:java"
"C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe"="C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe:*:Enabled:Kalk_ziv"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE"="C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE:*:Disabled:SMLMProxy Module - HP1005MC.EXE"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-05-08 22:21:54 ----D---- C:\rsit
2010-05-08 22:21:54 ----D---- C:\Program Files\trend micro
2010-05-08 22:21:02 ----A---- C:\ComboFix.txt
2010-05-08 22:05:28 ----A---- C:\Boot.bak
2010-05-08 22:05:12 ----RASHD---- C:\cmdcons
2010-05-08 21:58:49 ----A---- C:\WINDOWS\zip.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\SWSC.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\SWREG.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\sed.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\PEV.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\NIRCMD.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\MBR.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\grep.exe
2010-05-08 21:58:38 ----D---- C:\WINDOWS\ERDNT
2010-05-08 21:58:04 ----D---- C:\Qoobox
2010-05-08 20:26:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-05-08 20:26:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-08 18:28:06 ----D---- C:\Program Files\Ultimate Process Manager
2010-04-26 10:50:17 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2010-04-26 10:50:15 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2010-04-26 10:50:13 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2010-04-26 10:50:12 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2010-04-26 10:50:10 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2010-04-26 10:50:08 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2010-04-26 10:50:04 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2010-04-26 10:50:02 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2010-04-26 10:50:01 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2010-04-26 10:49:58 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2010-04-26 10:49:55 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2010-04-26 10:49:45 ----A---- C:\WINDOWS\system32\msvcr71d.dll
2010-04-26 10:49:44 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-04-26 10:49:43 ----D---- C:\Program Files\Magic Audio Editor Pro
2010-04-14 20:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 20:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 20:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 20:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 20:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 20:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 20:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
======List of files/folders modified in the last 1 months======
2010-05-08 22:21:54 ----RD---- C:\Program Files
2010-05-08 22:19:17 ----D---- C:\WINDOWS\Temp
2010-05-08 22:17:39 ----D---- C:\WINDOWS
2010-05-08 22:17:39 ----A---- C:\WINDOWS\system.ini
2010-05-08 22:11:02 ----D---- C:\WINDOWS\system32\drivers
2010-05-08 22:11:02 ----D---- C:\WINDOWS\system32
2010-05-08 22:11:02 ----D---- C:\WINDOWS\AppPatch
2010-05-08 22:10:50 ----D---- C:\Program Files\Common Files
2010-05-08 22:07:28 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-08 22:05:28 ----RASH---- C:\boot.ini
2010-05-08 21:59:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-08 21:58:48 ----SHD---- C:\System Volume Information
2010-05-08 21:58:48 ----D---- C:\WINDOWS\system32\Restore
2010-05-08 21:58:38 ----D---- C:\WINDOWS\Prefetch
2010-05-08 21:56:56 ----D---- C:\Documents and Settings\Holcova\Data aplikací\Skype
2010-05-08 18:21:54 ----D---- C:\Program Files\Mozilla Firefox
2010-05-08 17:35:06 ----D---- C:\Documents and Settings\Holcova\Data aplikací\skypePM
2010-05-01 13:58:11 ----A---- C:\fftrlog.txt
2010-04-28 21:18:45 ----D---- C:\ZFPA
2010-04-25 22:43:07 ----D---- C:\Program Files\Kooperativa
2010-04-15 19:25:59 ----HD---- C:\WINDOWS\inf
2010-04-14 20:54:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 20:53:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 20:53:43 ----A---- C:\WINDOWS\imsins.BAK
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-21 142848]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2006-07-17 494080]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [2006-08-14 1109568]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\System32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\System32\DRIVERS\rixdptsk.sys [2005-09-30 310016]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 smserial;smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys [2006-08-07 980608]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2005-10-21 191936]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvm321;Vimicro USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\usbvm321.sys [2005-10-21 227840]
S3 catchme;catchme; \??\C:\DOCUME~1\Holcova\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LHidKE.Sys [2005-11-03 27136]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-11-03 36608]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LMouKE.Sys [2005-11-03 69376]
S3 mbr;mbr; \??\C:\DOCUME~1\Holcova\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2007-12-12 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2007-12-12 1531989]
S2 eISISPostgreSQL;eISIS PostgreSQL Database Server; c:\eISIS\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eISIS\data\db\data []
S2 eISISTomcat;eISIS Tomcat; c:\eISIS\servers\tomcat\bin\tomcat5.exe //RS//eISISTomcat []
S2 KoopPdfService;KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2010-04-25 447488]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
-----------------EOF-----------------
-------------------------------------------
------------------------------------------
COMBOFIX:
ComboFix 10-05-07.07 - Holcova 08.05.2010 22:07:46.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2031.1556 [GMT 2:00]
Spuštěný z: c:\documents and settings\Holcova\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100507-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-08 do 2010-05-08 )))))))))))))))))))))))))))))))
.
2010-05-08 18:26 . 2010-05-08 19:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-05-08 16:28 . 2010-05-08 16:29 -------- d-----w- c:\program files\Ultimate Process Manager
2010-04-26 08:50 . 2005-05-26 18:00 403968 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2010-04-26 08:50 . 2005-03-28 21:54 478208 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2010-04-26 08:50 . 2005-05-31 22:02 522752 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2010-04-26 08:50 . 2005-06-01 18:12 467968 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2010-04-26 08:50 . 2005-06-01 18:11 467456 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2010-04-26 08:50 . 2005-06-01 18:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2010-04-26 08:50 . 2005-06-01 18:11 877568 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2010-04-26 08:50 . 2005-04-15 18:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2010-04-26 08:50 . 2005-03-28 21:56 457728 ----a-w- c:\windows\system32\NCTAudioDisplay2.dll
2010-04-26 08:49 . 2005-03-28 21:57 1852416 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2010-04-26 08:49 . 2004-11-04 19:31 479744 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2010-04-26 08:49 . 2003-03-19 17:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2010-04-26 08:49 . 2002-01-05 20:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-04-26 08:49 . 2010-04-26 08:51 -------- d-----w- c:\program files\Magic Audio Editor Pro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-25 20:43 . 2007-08-15 19:02 -------- d-----w- c:\program files\Kooperativa
2010-03-28 07:04 . 2003-04-16 12:00 82750 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 07:04 . 2003-04-16 12:00 438070 ----a-w- c:\windows\system32\perfh005.dat
2010-03-20 10:25 . 2010-03-20 10:25 -------- d-----w- c:\program files\AEGON Expert 2.0
2010-03-11 12:36 . 2003-04-16 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2007-10-08 09:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2003-04-16 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:11 . 2003-04-16 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2003-04-16 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2003-04-16 12:00 2192128 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2002-09-20 17:12 2068992 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-07 17:06 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:35 . 2003-04-16 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2003-04-16 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2006-08-14 98304]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2006-08-14 114688]
"Persistence"="c:\windows\System32\igfxpers.exe" [2006-08-14 94208]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Holcova^Nabídka Start^Programy^Po spuštění^PMB Media Check Tool.lnk]
path=c:\documents and settings\Holcova\Nabídka Start\Programy\Po spuštění\PMB Media Check Tool.lnk
backup=c:\windows\pss\PMB Media Check Tool.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP OrderReminder Cleaner]
2006-12-27 13:23 104960 ----a-r- c:\windows\hporclnr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-05 20:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2005-11-03 11:58 28160 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-26 10:12 161328 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2006-12-27 13:23 98304 ----a-r- c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2006-11-23 13:10 56928 ------w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-08-07 05:11 573440 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-10-21 06:26 761945 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
2005-01-07 15:07 61952 ------w- c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3 (0x3)
"McComponentHostService"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Aplikace\\Balicky\\asa\\win32\\dbeng7.exe"=
"c:\\Aplikace\\Balicky\\j2re1.4.2_03\\bin\\java.exe"=
"c:\\Program Files\\Kooperativa\\KalkZiv\\Kalk_ziv.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1005MC.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.4.2008 17:47 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.4.2008 17:47 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S2 eISISPostgreSQL;eISIS PostgreSQL Database Server;c:\eisis\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eisis\data\db\data" --> c:\eisis\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eisis\data\db\data [?]
S2 eISISTomcat;eISIS Tomcat;c:\eisis\servers\tomcat\bin\tomcat5.exe //RS//eISISTomcat --> c:\eisis\servers\tomcat\bin\tomcat5.exe [?]
S2 KoopPdfService;KoopPdfService;c:\program files\Kooperativa\Services\KoopPDFServer.exe [25.4.2010 22:43 447488]
.
Obsah adresáře 'Naplánované úlohy'
2010-04-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
FF - ProfilePath - c:\documents and settings\Holcova\Data aplikací\Mozilla\Firefox\Profiles\p5k69pem.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\windows\system32\C2MP\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-08 22:17
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(1132)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-05-08 22:21:01
ComboFix-quarantined-files.txt 2010-05-08 20:20
Před spuštěním: Volných bajtů: 64 647 692 288
Po spuštění: Volných bajtů: 65 116 123 136
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 9A5C47DD6021D78E8BC3E9791AC4C3F4
- Unlimited_Killer
- Friend of the forum
- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: PC is sending spam.
Good morning.

1) Script for ComboFix
- Open Notepad [Start → Spustit (Run) → notepad → Enter].
- Paste the following text into it:
Code:
KillAll::

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5499BCB1-5641-4A4C-9F75-462D4D8D0DA0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8AE33802-00D3-4F1B-B5C7-6FEE34E402CE}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]

File::
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
c:\windows\pss\Microsoft Office.lnkCommon Startup
c:\windows\Tasks\AppleSoftwareUpdate.job

Folder::
C:\Program Files\Cole2k Media Toolbar

Reboot::

- Save this file to the Desktop under the name CFScript (extension .txt).
- Drag this file onto ComboFix and drop it.
- Both this file and ComboFix must be on the Desktop!
- ComboFix will start and carry out the commands from the script.
- The computer will probably be restarted.
- After the restart, a window with the log will pop up; paste that log here as text.
Re: PC is sending spam.
Thank you.
ComboFix 10-05-07.07 - Holcova 09.05.2010 13:49:50.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2031.1555 [GMT 2:00]
Spuštěný z: c:\documents and settings\Holcova\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Holcova\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100507-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk"
"c:\windows\pss\Microsoft Office.lnkCommon Startup"
"c:\windows\Tasks\AppleSoftwareUpdate.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Cole2k Media Toolbar
c:\program files\Cole2k Media Toolbar\settings.dat
c:\program files\Cole2k Media Toolbar\uninstall.txt
c:\program files\Cole2k Media Toolbar\v3.3.0.1\Cole2k_Media_Toolbar.dll
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\ac.txt
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\firefox.xpi
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome.manifest
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\content\contents.rdf
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\content\firefox.js
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\content\firefox.xul
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\firefox.jar
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\jarzip.txt
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\skin\contents.rdf
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\skin\go.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\skin\Thumbs.db
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\skin\toolbar_logo.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\chrome\skin\tut_overlay.css
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\install.rdf
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\make.bat
c:\program files\Cole2k Media Toolbar\v3.3.0.1\firefox\xpizip.txt
c:\program files\Cole2k Media Toolbar\v3.3.0.1\installer.ico
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\go1.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\go1_hot.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\checkmark.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\intro_bg.png
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\intro_search_bracket.gif
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\intro_star_bullet.png
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\intro_toolbar.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\main_logo.jpg
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\Thumbs.db
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\intro\toolbar_intro.htm
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\popup_blocker_off.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\popup_blocker_on.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\accuweather.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\amazon.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\dictionary.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\ebay.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\flickr.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\google_groups.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\google_images.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\google_maps.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\google_news.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\shopping.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\technorati.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\Thumbs.db
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\wikipedia.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\yahoo.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\yahoo_answers.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\search\youtube.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\searchbg.bmp
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\Thumbs.db
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\Toolbar.js
c:\program files\Cole2k Media Toolbar\v3.3.0.1\resources\toolbar_logo.bmp
c:\windows\pss\Microsoft Office.lnkCommon Startup
c:\windows\Tasks\AppleSoftwareUpdate.job
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-09 do 2010-05-09 )))))))))))))))))))))))))))))))
.
2010-05-08 20:21 . 2010-05-08 20:21 -------- d-----w- C:\rsit
2010-05-08 20:21 . 2010-05-08 20:21 -------- d-----w- c:\program files\trend micro
2010-05-08 18:26 . 2010-05-08 19:51 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-05-08 16:28 . 2010-05-08 16:29 -------- d-----w- c:\program files\Ultimate Process Manager
2010-04-26 08:50 . 2005-05-26 18:00 403968 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2010-04-26 08:50 . 2005-03-28 21:54 478208 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2010-04-26 08:50 . 2005-05-31 22:02 522752 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2010-04-26 08:50 . 2005-06-01 18:12 467968 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2010-04-26 08:50 . 2005-06-01 18:11 467456 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2010-04-26 08:50 . 2005-06-01 18:15 966144 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2010-04-26 08:50 . 2005-06-01 18:11 877568 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2010-04-26 08:50 . 2005-04-15 18:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2010-04-26 08:50 . 2005-03-28 21:56 457728 ----a-w- c:\windows\system32\NCTAudioDisplay2.dll
2010-04-26 08:49 . 2005-03-28 21:57 1852416 ----a-w- c:\windows\system32\NCTAudioDesign2.dll
2010-04-26 08:49 . 2004-11-04 19:31 479744 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2010-04-26 08:49 . 2003-03-19 17:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2010-04-26 08:49 . 2002-01-05 20:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-04-26 08:49 . 2010-04-26 08:51 -------- d-----w- c:\program files\Magic Audio Editor Pro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-25 20:43 . 2007-08-15 19:02 -------- d-----w- c:\program files\Kooperativa
2010-03-28 07:04 . 2003-04-16 12:00 82750 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 07:04 . 2003-04-16 12:00 438070 ----a-w- c:\windows\system32\perfh005.dat
2010-03-20 10:25 . 2010-03-20 10:25 -------- d-----w- c:\program files\AEGON Expert 2.0
2010-03-11 12:36 . 2003-04-16 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2007-10-08 09:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2003-04-16 12:00 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:11 . 2003-04-16 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-02-24 13:11 . 2003-04-16 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-17 12:09 . 2003-04-16 12:00 2192128 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2002-09-20 17:12 2068992 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 10:03 . 2010-03-07 17:06 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-12 04:35 . 2003-04-16 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2003-04-16 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2006-08-14 98304]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2006-08-14 114688]
"Persistence"="c:\windows\System32\igfxpers.exe" [2006-08-14 94208]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Holcova^Nabídka Start^Programy^Po spuštění^PMB Media Check Tool.lnk]
path=c:\documents and settings\Holcova\Nabídka Start\Programy\Po spuštění\PMB Media Check Tool.lnk
backup=c:\windows\pss\PMB Media Check Tool.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP OrderReminder Cleaner]
2006-12-27 13:23 104960 ----a-r- c:\windows\hporclnr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-12-05 20:55 54832 ----a-w- c:\program files\CyberLink\PowerDVD\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2005-11-03 11:58 28160 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-26 10:12 161328 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2006-12-27 13:23 98304 ----a-r- c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-08-07 05:11 573440 ----a-w- c:\program files\Motorola\SMSERIAL\sm56hlpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-10-21 06:26 761945 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
2005-01-07 15:07 61952 ------w- c:\windows\system32\HdAShCut.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3 (0x3)
"McComponentHostService"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Aplikace\\Balicky\\asa\\win32\\dbeng7.exe"=
"c:\\Aplikace\\Balicky\\j2re1.4.2_03\\bin\\java.exe"=
"c:\\Program Files\\Kooperativa\\KalkZiv\\Kalk_ziv.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1005MC.EXE"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.4.2008 17:47 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.4.2008 17:47 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R2 KoopPdfService;KoopPdfService;c:\program files\Kooperativa\Services\KoopPDFServer.exe [25.4.2010 22:43 447488]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
S2 eISISPostgreSQL;eISIS PostgreSQL Database Server;c:\eisis\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eisis\data\db\data" --> c:\eisis\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eisis\data\db\data [?]
S2 eISISTomcat;eISIS Tomcat;c:\eisis\servers\tomcat\bin\tomcat5.exe //RS//eISISTomcat --> c:\eisis\servers\tomcat\bin\tomcat5.exe [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
FF - ProfilePath - c:\documents and settings\Holcova\Data aplikací\Mozilla\Firefox\Profiles\p5k69pem.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-09 14:03
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2900)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\windows\system32\mmfinfo.dll
c:\windows\system32\mkunicode.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1005MC.EXE
c:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
c:\windows\system32\wscntfy.exe
c:\windows\ATK0100\ATKOSD.exe
.
**************************************************************************
.
Celkový čas: 2010-05-09 14:11:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-09 12:11
ComboFix2.txt 2010-05-08 20:21
Před spuštěním: Volných bajtů: 65 125 535 744
Po spuštění: Volných bajtů: 65 091 227 648
- - End Of File - - 0DB0E9CE0E73503E834C878395405B3C
ComboFix-quarantined-files.txt 2010-05-09 12:11
ComboFix2.txt 2010-05-08 20:21
Před spuštěním: Volných bajtů: 65 125 535 744
Po spuštění: Volných bajtů: 65 091 227 648
- - End Of File - - 0DB0E9CE0E73503E834C878395405B3C
- Unlimited_Killer
- Friend of the forum
- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: PC is sending spam.
Is it still sending spam?
1) Malwarebytes' Anti-Malware
- Download MbAM and follow the instructions.
- Do not delete anything yet; MbAM sometimes produces false detections.
- Then paste the log here as text.
inactive
Re: PC is sending spam.
It looks like it is no longer sending anything. Thank you for checking the logs, see below.
RSIT:
Logfile of random's system information tool 1.07 (written by random/random)
Run by Holcova at 2010-05-09 17:14:02
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 62 GB (81%) free of 76 GB
Total RAM: 2031 MB (77% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-10-14 110592]
"IgfxTray"=C:\WINDOWS\System32\igfxtray.exe [2006-08-14 98304]
"HotKeysCmds"=C:\WINDOWS\System32\hkcmd.exe [2006-08-14 114688]
"Persistence"=C:\WINDOWS\System32\igfxpers.exe [2006-08-14 94208]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP OrderReminder Cleaner]
C:\WINDOWS\hporclnr.exe [2006-12-27 104960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2005-11-03 28160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-26 161328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-12-27 98304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-08-07 573440]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-21 761945]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zástupce stránky vlastností sběrnice High Definition Audio]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE [2006-05-24 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
C:\PROGRA~1\SetPoint\SetPoint.exe [2005-11-23 532480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Holcova^Nabídka Start^Programy^Po spuštění^PMB Media Check Tool.lnk]
C:\PROGRA~1\Sony\SONYPI~1\PMBCore\SPUVOL~1.EXE [2008-11-13 333088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NMIndexingService"=3
"McComponentHostService"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-08-14 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Aplikace\Balicky\asa\win32\dbeng7.exe"="C:\Aplikace\Balicky\asa\win32\dbeng7.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\Aplikace\Balicky\j2re1.4.2_03\bin\java.exe"="C:\Aplikace\Balicky\j2re1.4.2_03\bin\java.exe:*:Enabled:java"
"C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe"="C:\Program Files\Kooperativa\KalkZiv\Kalk_ziv.exe:*:Enabled:Kalk_ziv"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE"="C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1005MC.EXE:*:Disabled:SMLMProxy Module - HP1005MC.EXE"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-05-09 14:11:41 ----A---- C:\ComboFix.txt
2010-05-09 13:48:16 ----A---- C:\WINDOWS\NIRCMD.exe
2010-05-08 22:21:54 ----D---- C:\rsit
2010-05-08 22:21:54 ----D---- C:\Program Files\trend micro
2010-05-08 22:05:28 ----A---- C:\Boot.bak
2010-05-08 22:05:12 ----RASHD---- C:\cmdcons
2010-05-08 21:58:49 ----A---- C:\WINDOWS\zip.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\SWSC.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\SWREG.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\sed.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\PEV.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\MBR.exe
2010-05-08 21:58:49 ----A---- C:\WINDOWS\grep.exe
2010-05-08 21:58:38 ----D---- C:\WINDOWS\ERDNT
2010-05-08 21:58:04 ----D---- C:\Qoobox
2010-05-08 20:26:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-05-08 20:26:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-05-08 18:28:06 ----D---- C:\Program Files\Ultimate Process Manager
2010-04-26 10:50:17 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2010-04-26 10:50:15 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2010-04-26 10:50:13 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2010-04-26 10:50:12 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2010-04-26 10:50:10 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2010-04-26 10:50:08 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2010-04-26 10:50:04 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2010-04-26 10:50:02 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2010-04-26 10:50:01 ----A---- C:\WINDOWS\system32\NCTAudioDisplay2.dll
2010-04-26 10:49:58 ----A---- C:\WINDOWS\system32\NCTAudioDesign2.dll
2010-04-26 10:49:55 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2010-04-26 10:49:45 ----A---- C:\WINDOWS\system32\msvcr71d.dll
2010-04-26 10:49:44 ----A---- C:\WINDOWS\system32\msvcr70.dll
2010-04-26 10:49:43 ----D---- C:\Program Files\Magic Audio Editor Pro
2010-04-14 20:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 20:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 20:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 20:45:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 20:45:26 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 20:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 20:44:47 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
======List of files/folders modified in the last 1 months======
2010-05-09 14:11:48 ----D---- C:\WINDOWS\Prefetch
2010-05-09 14:11:44 ----D---- C:\WINDOWS\system32\drivers
2010-05-09 14:11:43 ----D---- C:\WINDOWS\Temp
2010-05-09 14:10:43 ----D---- C:\Documents and Settings\Holcova\Data aplikací\Skype
2010-05-09 14:08:40 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-09 14:04:03 ----D---- C:\WINDOWS
2010-05-09 14:04:03 ----A---- C:\WINDOWS\system.ini
2010-05-09 13:57:35 ----RD---- C:\Program Files
2010-05-09 13:57:34 ----SD---- C:\WINDOWS\Tasks
2010-05-09 13:57:34 ----D---- C:\WINDOWS\pss
2010-05-09 13:55:36 ----D---- C:\WINDOWS\system32
2010-05-09 13:55:36 ----D---- C:\WINDOWS\AppPatch
2010-05-09 13:55:32 ----D---- C:\Program Files\Common Files
2010-05-09 13:48:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-09 13:44:31 ----D---- C:\Documents and Settings\Holcova\Data aplikací\skypePM
2010-05-08 22:05:28 ----RASH---- C:\boot.ini
2010-05-08 21:58:48 ----SHD---- C:\System Volume Information
2010-05-08 21:58:48 ----D---- C:\WINDOWS\system32\Restore
2010-05-08 18:21:54 ----D---- C:\Program Files\Mozilla Firefox
2010-05-01 13:58:11 ----A---- C:\fftrlog.txt
2010-04-28 21:18:45 ----D---- C:\ZFPA
2010-04-25 22:43:07 ----D---- C:\Program Files\Kooperativa
2010-04-15 19:25:59 ----HD---- C:\WINDOWS\inf
2010-04-14 20:54:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 20:53:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 20:53:43 ----A---- C:\WINDOWS\imsins.BAK
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-09-15 94160]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2006-06-21 142848]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ar5211.sys [2006-07-17 494080]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\igxpmp32.sys [2006-08-14 1109568]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [2005-02-17 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rimmptsk;rimmptsk; C:\WINDOWS\System32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\System32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\System32\DRIVERS\rixdptsk.sys [2005-09-30 310016]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 smserial;smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys [2006-08-07 980608]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2005-10-21 191936]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvm321;Vimicro USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\usbvm321.sys [2005-10-21 227840]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LHidKE.Sys [2005-11-03 27136]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-11-03 36608]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LMouKE.Sys [2005-11-03 69376]
S3 mbr;mbr; \??\C:\DOCUME~1\Holcova\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2007-12-12 65536]
R2 KoopPdfService;KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2010-04-25 447488]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2007-12-12 1531989]
S2 eISISPostgreSQL;eISIS PostgreSQL Database Server; c:\eISIS\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eISIS\data\db\data []
S2 eISISTomcat;eISIS Tomcat; c:\eISIS\servers\tomcat\bin\tomcat5.exe //RS//eISISTomcat []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
-----------------EOF-----------------
------------------------------
---------------------------------
---------------------------------
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
9.5.2010 17:27:33
mbam-log-2010-05-09 (17-27-33).txt
Typ skenu: Rychlý sken
Skenované objekty: 115263
Uplynulý čas: 11 minuta(y), 23 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
R3 sdbus;sdbus; C:\WINDOWS\System32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 smserial;smserial; C:\WINDOWS\System32\DRIVERS\smserial.sys [2006-08-07 980608]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2005-10-21 191936]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\System32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvm321;Vimicro USB PC Camera (VC0321); C:\WINDOWS\System32\Drivers\usbvm321.sys [2005-10-21 227840]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HdAudAddService;Ovladač funkcí Microsoft UAA pro služby sběrnice High Definition Audio; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LHidKE.Sys [2005-11-03 27136]
S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\WINDOWS\System32\Drivers\LHidUsbK.Sys [2005-11-03 36608]
S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\WINDOWS\System32\DRIVERS\LMouKE.Sys [2005-11-03 69376]
S3 mbr;mbr; \??\C:\DOCUME~1\Holcova\LOCALS~1\Temp\mbr.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe [2007-12-12 65536]
R2 KoopPdfService;KoopPdfService; C:\Program Files\Kooperativa\Services\KoopPDFServer.exe [2010-04-25 447488]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe [2007-12-12 1531989]
S2 eISISPostgreSQL;eISIS PostgreSQL Database Server; c:\eISIS\servers\postgresql\bin\pg_ctl.exe runservice -N eISISPostgreSQL -D c:\eISIS\data\db\data []
S2 eISISTomcat;eISIS Tomcat; c:\eISIS\servers\tomcat\bin\tomcat5.exe //RS//eISISTomcat []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-26 267824]
-----------------EOF-----------------
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
9.5.2010 17:27:33
mbam-log-2010-05-09 (17-27-33).txt
Typ skenu: Rychlý sken
Skenované objekty: 115263
Uplynulý čas: 11 minuta(y), 23 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- Unlimited_Killer
- Friend of the forum
- Posts: 1969
- Registered: 24 Aug 2009 16:18
Re: PC is sending spam.
You can connect the PC to the Internet.
1) Uninstalling ComboFix
- Click through Start to Run [the keyboard shortcut is Win+R].
- Type into the text field:
ComboFix /Uninstall
- Press Enter.
- The ComboFix uninstaller will start and delete all of its components.
- Download OTC and run it by double-clicking.
- A window will pop up, where you click 'CleanUp!'.
- Confirm by clicking 'Yes'.
- It will then ask whether you want to restart the PC - do so, again by clicking 'Yes'.
- Download the program called CCleaner.
- Install it normally, just be careful and untick the 'Install Yahoo! Toolbar' item.
- Run it.
- Cleaner tab → leave everything ticked as it is and click 'Run CCleaner'.
- Registry tab → click 'Scan for Issues'. It will search for problems in the registry; once it finishes analysing, click 'Fix selected issues'. It will offer to create a backup - create one to be safe and save it, for example, to the Desktop.
- I recommend using CCleaner regularly; it can speed up the PC quite dramatically.
- Defragment the disk.
- This can be done in several ways ↓
- Via the defragmenter built into Windows [Start → Run → dfrg.msc → Enter]. This is not a very effective method.
- Via a simple and clear program called Defraggler.
- Via a brilliant program that does not need to be installed and is very simple - JKDefrag.
- To keep track of updates, I recommend downloading the FileHippo.com UpdateChecker program.
- Install it in the usual way.
- Run it, for example, once or twice a week.
- It clearly displays all programs that are out of date and offers to download a newer version (which I recommend).
- Watch out for what these applications install 'along with themselves' → for example, useless toolbars.
- That is why it does not pay to click 'Next' or 'Další' mindlessly.
inactive
Re: PC is sending spam.
Thank you very much for now. I will continue following the advice. The defragmentation will certainly take a long time. Thank you.

- Unlimited_Killer
- Friend of the forum
- Posts: 1969
- Registered: 24 Aug 2009 16:18