Zdravím Všechny na foru a prosím o kontrolu logu:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:02:12, on 6.6.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 5935 bytes
Díky
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé hledání stránek a velmi často "Spojení přerušeno"
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pomalé hledání stránek a velmi často "Spojení přerušeno"
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
zdravím 
z mého podpisu stáhněte RSIT, nechte proběhnout sken a výsledný log mi sem vložte
z mého podpisu stáhněte RSIT, nechte proběhnout sken a výsledný log mi sem vložte
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
Ahoj z Čáslavi, posílám žádáný log
Logfile of random's system information tool 1.07 (written by random/random)
Run by Jirka at 2010-06-06 10:31:47
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (23%) free of 119 GB
Total RAM: 2047 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:06, on 6.6.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 6133 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-24 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9F97205-62A3-41F2-9F2C-D99392F882EB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-24 202256]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-06-04 15:31:43 ----SHD---- C:\Windows\system32\%APPDATA%
2010-05-27 23:12:49 ----A---- C:\Windows\system32\tzres.dll
2010-05-12 13:17:04 ----A---- C:\Windows\system32\inetcomm.dll
2010-05-10 23:02:40 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-05-10 23:01:42 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 months======
2010-06-06 10:32:06 ----D---- C:\Program Files\Trend Micro
2010-06-06 10:32:05 ----D---- C:\Windows\Prefetch
2010-06-06 10:31:57 ----D---- C:\Windows\temp
2010-06-06 10:31:47 ----D---- C:\rsit
2010-06-05 17:38:23 ----D---- C:\Users\Jirka\AppData\Roaming\BITS
2010-06-05 17:30:04 ----D---- C:\Downloads
2010-06-04 17:33:14 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-06-04 16:09:13 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-06-04 15:32:10 ----SHD---- C:\Windows\Installer
2010-06-04 15:32:09 ----SD---- C:\ProgramData\Microsoft
2010-06-04 15:31:43 ----AD---- C:\Windows\System32
2010-06-04 15:31:31 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 15:31:11 ----SHD---- C:\System Volume Information
2010-06-03 20:33:07 ----D---- C:\Windows\inf
2010-06-03 20:33:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-02 17:43:12 ----RD---- C:\Program Files
2010-06-02 15:01:23 ----D---- C:\Windows\system32\Tasks
2010-05-31 17:34:57 ----AD---- C:\ProgramData\TEMP
2010-05-31 17:10:46 ----D---- C:\Windows\rescache
2010-05-29 10:08:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-05-28 03:01:32 ----D---- C:\Windows\winsxs
2010-05-28 03:01:32 ----D---- C:\Windows\system32\cs-CZ
2010-05-28 03:01:12 ----D---- C:\Program Files\Internet Explorer
2010-05-27 23:12:23 ----D---- C:\Windows\system32\catroot
2010-05-27 23:12:22 ----D---- C:\Windows\system32\catroot2
2010-05-27 23:05:42 ----D---- C:\Users\Jirka\AppData\Roaming\HpUpdate
2010-05-27 23:02:05 ----D---- C:\Windows\system32\Msdtc
2010-05-27 23:02:03 ----D---- C:\Windows
2010-05-27 23:02:02 ----D---- C:\Windows\system32\wbem
2010-05-27 23:01:00 ----D---- C:\Windows\system32\config
2010-05-27 23:00:43 ----D---- C:\Windows\Tasks
2010-05-27 23:00:43 ----D---- C:\Windows\system32\spool
2010-05-27 23:00:43 ----D---- C:\Windows\system32\CodeIntegrity
2010-05-27 23:00:42 ----SD---- C:\Windows\Downloaded Program Files
2010-05-27 23:00:41 ----D---- C:\ProgramData\HP Product Assistant
2010-05-27 23:00:40 ----D---- C:\Program Files\Internet Download Manager
2010-05-27 23:00:39 ----D---- C:\Windows\registration
2010-05-21 14:14:28 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-16 13:22:46 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
2010-05-12 22:15:01 ----D---- C:\Program Files\Windows Mail
2010-05-10 22:58:23 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-05-10 22:29:53 ----D---- C:\Program Files\Uloz.to Uploader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 ayr4uig1;ayr4uig1; C:\Windows\system32\drivers\ayr4uig1.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
-----------------EOF-----------------
Přeji "hezký den"
Logfile of random's system information tool 1.07 (written by random/random)
Run by Jirka at 2010-06-06 10:31:47
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (23%) free of 119 GB
Total RAM: 2047 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:32:06, on 6.6.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jirka\Desktop\RSIT.exe
C:\Program Files\trend micro\Jirka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: (no name) - {C9F97205-62A3-41F2-9F2C-D99392F882EB} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing)
--
End of file - 6133 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-24 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9F97205-62A3-41F2-9F2C-D99392F882EB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-18 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-12 6965792]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-24 202256]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"=C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe [2009-02-23 3508568]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-06-04 15:31:43 ----SHD---- C:\Windows\system32\%APPDATA%
2010-05-27 23:12:49 ----A---- C:\Windows\system32\tzres.dll
2010-05-12 13:17:04 ----A---- C:\Windows\system32\inetcomm.dll
2010-05-10 23:02:40 ----D---- C:\Program Files\DAEMON Tools Toolbar
2010-05-10 23:01:42 ----D---- C:\Program Files\DAEMON Tools Lite
======List of files/folders modified in the last 1 months======
2010-06-06 10:32:06 ----D---- C:\Program Files\Trend Micro
2010-06-06 10:32:05 ----D---- C:\Windows\Prefetch
2010-06-06 10:31:57 ----D---- C:\Windows\temp
2010-06-06 10:31:47 ----D---- C:\rsit
2010-06-05 17:38:23 ----D---- C:\Users\Jirka\AppData\Roaming\BITS
2010-06-05 17:30:04 ----D---- C:\Downloads
2010-06-04 17:33:14 ----D---- C:\Users\Jirka\AppData\Roaming\Skype
2010-06-04 16:09:13 ----D---- C:\Users\Jirka\AppData\Roaming\skypePM
2010-06-04 15:32:10 ----SHD---- C:\Windows\Installer
2010-06-04 15:32:09 ----SD---- C:\ProgramData\Microsoft
2010-06-04 15:31:43 ----AD---- C:\Windows\System32
2010-06-04 15:31:31 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-04 15:31:11 ----SHD---- C:\System Volume Information
2010-06-03 20:33:07 ----D---- C:\Windows\inf
2010-06-03 20:33:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-02 17:43:12 ----RD---- C:\Program Files
2010-06-02 15:01:23 ----D---- C:\Windows\system32\Tasks
2010-05-31 17:34:57 ----AD---- C:\ProgramData\TEMP
2010-05-31 17:10:46 ----D---- C:\Windows\rescache
2010-05-29 10:08:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-05-28 03:01:32 ----D---- C:\Windows\winsxs
2010-05-28 03:01:32 ----D---- C:\Windows\system32\cs-CZ
2010-05-28 03:01:12 ----D---- C:\Program Files\Internet Explorer
2010-05-27 23:12:23 ----D---- C:\Windows\system32\catroot
2010-05-27 23:12:22 ----D---- C:\Windows\system32\catroot2
2010-05-27 23:05:42 ----D---- C:\Users\Jirka\AppData\Roaming\HpUpdate
2010-05-27 23:02:05 ----D---- C:\Windows\system32\Msdtc
2010-05-27 23:02:03 ----D---- C:\Windows
2010-05-27 23:02:02 ----D---- C:\Windows\system32\wbem
2010-05-27 23:01:00 ----D---- C:\Windows\system32\config
2010-05-27 23:00:43 ----D---- C:\Windows\Tasks
2010-05-27 23:00:43 ----D---- C:\Windows\system32\spool
2010-05-27 23:00:43 ----D---- C:\Windows\system32\CodeIntegrity
2010-05-27 23:00:42 ----SD---- C:\Windows\Downloaded Program Files
2010-05-27 23:00:41 ----D---- C:\ProgramData\HP Product Assistant
2010-05-27 23:00:40 ----D---- C:\Program Files\Internet Download Manager
2010-05-27 23:00:39 ----D---- C:\Windows\registration
2010-05-21 14:14:28 ----N---- C:\Windows\system32\MpSigStub.exe
2010-05-16 13:22:46 ----D---- C:\Users\Jirka\AppData\Roaming\Vso
2010-05-12 22:15:01 ----D---- C:\Program Files\Windows Mail
2010-05-10 22:58:23 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-05-10 22:29:53 ----D---- C:\Program Files\Uloz.to Uploader
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 easdrv;easdrv; C:\Windows\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 EIO;EIO; \??\C:\Windows\system32\drivers\EIO.sys [2006-06-14 12288]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
R3 ASUSVRC;ASUSTeK Virtual Capture Device; C:\Windows\system32\DRIVERS\AsusVRC.sys [2007-01-29 18432]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-12 2342688]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-04-03 11573800]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 ayr4uig1;ayr4uig1; C:\Windows\system32\drivers\ayr4uig1.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2009-07-25 25512]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2009-06-15 47360]
S3 se3ebus;Sony Ericsson Device 062 (WDM); C:\Windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
S3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
S3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
S3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\se3emgmt.sys [2007-04-10 100360]
S3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-03 129640]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
-----------------EOF-----------------
Přeji "hezký den"
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
stáhněte a uložte nejlépe na plochu ComboFix
spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:
může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte
sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace
během skenování může být Vaše pc restartováno, proto nepropadejte panice
upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware
po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem
spusťte aplikaci pod účtem s administrátorským oprávněním
po startu se zobrazí obrazovka s licenčními podmínkami, klikněte na tlačítko Ano:
může dojít k varování ohledně rezidentního štítu Vašeho antiviru a upozornění na nenainstalovanou konzoli pro zotavení; zatím jí neinstalujte
sken trvá cca 10 minut (může trvat i déle, podle množství souborů a rychlosti pc); během skenu nespouštějte žádné aplikace
během skenování může být Vaše pc restartováno, proto nepropadejte panice
upozornění: pokud používate antispyware s rezidentním štítem, deaktivujte jeho rezidentní štít, protože dochází při skenu a výmazu případného malware k nežádoucím kolizím Combofixu s rezidentem antispyware
po restartování vytvoří aplikace log, uložený na C:/Combofix.txt jeho obsah vložte sem
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
Log zašlu až po obědě, musím si zajít do hospody na oběd, bo doma nic nemám. Tak zatím ahoj.
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
Tak se tady celé odpoledne trápím. Log nejde otevřít a zkopírovat
Takové oznámení se objeví i pri pokusu spustit pozn.blok, malování, winrar, skype, výstřižky, atd. Co s tím budeme dělat?
Po dalším restartu počítače vkládám log z "ComboFix". Sorry, mohl jsem to zkusit dřív, asi jsem nějak mimo
ComboFix 10-06-05.02 - Jirka 06.06.2010 16:13:51.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.1324 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet 3\adns.dll
c:\program files\FlashGet Network\FlashGet 3\btcoreu.dll
c:\program files\FlashGet Network\FlashGet 3\BugReport.dll
c:\program files\FlashGet Network\FlashGet 3\BugReport.exe
c:\program files\FlashGet Network\FlashGet 3\cd1.ico
c:\program files\FlashGet Network\FlashGet 3\ckcore.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\14_43260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\28_83260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\atrc.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\Codecs.zip
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\cook.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\ddnt3260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\dnet3260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drv1.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drv2.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drvc.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\hxltcolor.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\raac.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\ralf.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv10.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv20.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv30.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv40.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\sipr.dll
c:\program files\FlashGet Network\FlashGet 3\commonlib.dll
c:\program files\FlashGet Network\FlashGet 3\componentskrnl.dll
c:\program files\FlashGet Network\FlashGet 3\config\clients.met
c:\program files\FlashGet Network\FlashGet 3\config\clients.met.bak
c:\program files\FlashGet Network\FlashGet 3\config\cryptkey.dat
c:\program files\FlashGet Network\FlashGet 3\config\emfriends.met
c:\program files\FlashGet Network\FlashGet 3\config\known.met
c:\program files\FlashGet Network\FlashGet 3\config\known2_64.met
c:\program files\FlashGet Network\FlashGet 3\config\preferences.dat
c:\program files\FlashGet Network\FlashGet 3\config\preferences.ini
c:\program files\FlashGet Network\FlashGet 3\config\server.met
c:\program files\FlashGet Network\FlashGet 3\config\server_met.old
c:\program files\FlashGet Network\FlashGet 3\config\upload.met
c:\program files\FlashGet Network\FlashGet 3\corestat.dll
c:\program files\FlashGet Network\FlashGet 3\dbghelp.dll
c:\program files\FlashGet Network\FlashGet 3\fg.ico
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\default.htm
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\FGResDetector.conf
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\banner.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\bullet.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\close.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\closelabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\download-icon.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\explorer.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\ftp.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\image.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\introTextBg.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\loading.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\nextlabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\prevlabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\software.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\vod.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\FGResDetector.exe
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\about.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\ftplist_tree_icon.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\option_icon.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_hide.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_show.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\statusbar_bk.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\tasktab_close.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_back.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_bk.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_close.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_forward.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_refresh.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\lang\l.eng.xml
c:\program files\FlashGet Network\FlashGet 3\FGSoftware.exe
c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
c:\program files\FlashGet Network\FlashGet 3\FlashGet3.xpi
c:\program files\FlashGet Network\FlashGet 3\FlashGetBHO3.dll
c:\program files\FlashGet Network\FlashGet 3\FlashGetHook.dll
c:\program files\FlashGet Network\FlashGet 3\fnsArchive.dll
c:\program files\FlashGet Network\FlashGet 3\fnsDirectuix.dll
c:\program files\FlashGet Network\FlashGet 3\fnsLanguage.dll
c:\program files\FlashGet Network\FlashGet 3\fnslanguage_en.dll
c:\program files\FlashGet Network\FlashGet 3\fnsSecurity.dll
c:\program files\FlashGet Network\FlashGet 3\fnsScheduler.dll
c:\program files\FlashGet Network\FlashGet 3\fnsSkinX.dll
c:\program files\FlashGet Network\FlashGet 3\fnsStatistics.dll
c:\program files\FlashGet Network\FlashGet 3\game.ico
c:\program files\FlashGet Network\FlashGet 3\gb2312-unicode.dic
c:\program files\FlashGet Network\FlashGet 3\gdiplus.dll
c:\program files\FlashGet Network\FlashGet 3\GetAllUrl.htm
c:\program files\FlashGet Network\FlashGet 3\GetUrl.htm
c:\program files\FlashGet Network\FlashGet 3\GoogleToolbarInstaller_download_signed.exe
c:\program files\FlashGet Network\FlashGet 3\libem.dll
c:\program files\FlashGet Network\FlashGet 3\license.txt
c:\program files\FlashGet Network\FlashGet 3\lst_tz.bin
c:\program files\FlashGet Network\FlashGet 3\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet 3\p2pcore.dll
c:\program files\FlashGet Network\FlashGet 3\p2score.dll
c:\program files\FlashGet Network\FlashGet 3\perf.ini
c:\program files\FlashGet Network\FlashGet 3\pncrt.dll
c:\program files\FlashGet Network\FlashGet 3\pstat.dat
c:\program files\FlashGet Network\FlashGet 3\pup.dat
c:\program files\FlashGet Network\FlashGet 3\RdOldDb.dll
c:\program files\FlashGet Network\FlashGet 3\RealMediaSplitter.ax
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\BarSet.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_check.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_normal.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_radio.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\desktoplink.ico
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\login_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\menu_icon.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\option_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\option_page_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\skin.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendLogo.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendNoLogo.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_backgrand.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_cancle.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_catgroy.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_group.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_new.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_open.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_option.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_pause.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_recly.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_start.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_left.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_middle.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_right.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\top_logotitle.gif
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\torrent.ico
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\userinfo_head.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\VistaStyleListItems.bmp
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\preview.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\skin.xml
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\loginfailed.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\loginsucc.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\msgnotify.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\notify.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\topmain.png
c:\program files\FlashGet Network\FlashGet 3\SnapShot.dll
c:\program files\FlashGet Network\FlashGet 3\storage.dll
c:\program files\FlashGet Network\FlashGet 3\SysOptimize.exe
c:\program files\FlashGet Network\FlashGet 3\uninst.exe
c:\program files\FlashGet Network\FlashGet 3\VodCore.dll
c:\program files\FlashGet Network\FlashGet 3\zlib.dll
c:\programdata\hpe62CA.dll
c:\programdata\hpeFD7E.dll
c:\users\Jirka\AppData\Roaming\BITS
c:\users\Jirka\AppData\Roaming\BITS\BITS.ini
c:\users\Jirka\AppData\Roaming\BITS\DHTTable.dat
c:\users\Jirka\AppData\Roaming\BITS\ProxyList.ini
c:\users\Jirka\AppData\Roaming\FlashGetBHO
c:\users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
c:\users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetHook.dll
c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
c:\users\Jirka\AppData\Roaming\inst.exe
c:\users\Jirka\Documents\cc_20100514_210500.reg
c:\windows\system32\%appdata%
c:\windows\system32\secustat.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-06 do 2010-06-06 )))))))))))))))))))))))))))))))
.
2010-06-06 14:02 . 2010-06-06 14:01 318976 ----a-w- c:\windows\system32\CF13246.exe
2010-05-27 21:12 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-12 11:17 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-10 21:02 . 2010-05-10 21:02 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-05-10 21:01 . 2010-05-10 21:02 -------- d-----w- c:\program files\DAEMON Tools Lite
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-06 14:25 . 2009-11-13 03:43 34901 ----a-w- c:\programdata\nvModes.dat
2010-06-06 14:16 . 2007-01-08 21:09 607294 ----a-w- c:\windows\system32\perfh005.dat
2010-06-06 14:16 . 2007-01-08 21:09 119760 ----a-w- c:\windows\system32\perfc005.dat
2010-06-06 14:08 . 2009-04-28 08:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-06 13:37 . 2009-03-26 10:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-06 13:37 . 2009-03-25 16:51 -------- d-----w- c:\users\Jirka\AppData\Roaming\Media Player Classic
2010-06-06 13:36 . 2009-03-22 10:29 -------- d-----w- c:\program files\CCleaner
2010-06-06 08:32 . 2009-06-06 20:54 -------- d-----w- c:\program files\Trend Micro
2010-06-04 15:33 . 2009-07-28 18:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\Skype
2010-06-04 14:09 . 2009-07-28 18:53 -------- d-----w- c:\users\Jirka\AppData\Roaming\skypePM
2010-05-27 21:05 . 2009-10-03 12:24 -------- d-----w- c:\users\Jirka\AppData\Roaming\HpUpdate
2010-05-27 21:00 . 2009-09-26 12:25 -------- d-----w- c:\programdata\HP Product Assistant
2010-05-27 21:00 . 2009-09-30 17:41 -------- d-----w- c:\program files\Internet Download Manager
2010-05-21 12:14 . 2009-10-02 23:45 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-16 11:22 . 2009-03-27 00:21 -------- d-----w- c:\users\Jirka\AppData\Roaming\Vso
2010-05-12 20:15 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-10 21:02 . 2009-06-24 13:51 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-10 20:58 . 2009-06-25 09:16 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-05-10 20:29 . 2010-04-03 12:31 -------- d-----w- c:\program files\Uloz.to Uploader
2010-05-01 06:45 . 2010-03-25 10:23 -------- d-----w- c:\program files\Opera
2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe
2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll
2010-04-25 21:56 . 2010-04-25 21:56 -------- d-----w- c:\program files\Ligos
2010-04-25 20:36 . 2010-04-25 20:36 -------- d-----w- c:\users\Jirka\AppData\Roaming\2K Sports
2010-04-25 20:20 . 2010-04-25 20:20 -------- d-----w- c:\program files\2K Sports
2010-04-25 11:25 . 2009-03-22 00:13 -------- d-----w- c:\programdata\NVIDIA
2010-04-25 11:25 . 2010-03-11 03:11 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-24 19:38 . 2010-04-24 19:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-24 19:38 . 2010-04-24 19:36 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-24 19:37 . 2009-06-05 09:37 -------- d-----w- c:\programdata\Electronic Arts
2010-04-21 13:34 . 2009-07-18 13:37 -------- d-----w- c:\program files\Sony Ericsson
2010-04-21 13:34 . 2009-03-22 20:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-21 13:33 . 2010-04-21 13:33 -------- d-----w- c:\program files\Avanquest update
2010-04-18 11:59 . 2010-04-18 12:00 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-16 14:49 . 2010-04-16 13:27 325177 ----a-w- c:\windows\hpoins12.dat
2010-04-16 14:47 . 2009-04-06 21:56 -------- d-----w- c:\users\Jirka\AppData\Roaming\Image Zone Express
2010-04-16 14:43 . 2010-04-16 14:43 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-11 14:59 . 2009-10-19 16:38 181096 ----a-w- c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\FlashGot.exe
2010-04-10 10:41 . 2009-06-23 08:23 -------- d-----w- c:\users\Jirka\AppData\Roaming\ICQ
2010-04-03 16:27 . 2010-04-03 16:27 985704 ----a-w- c:\windows\system32\nvsvc.dll
2010-04-03 16:27 . 2010-04-03 16:27 13683816 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 16:27 . 2010-04-03 16:27 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-04-03 16:27 . 2010-04-03 16:27 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll
2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2010-04-01 20:04 . 2010-04-01 19:58 69 ----a-w- c:\users\Jirka\jagex_runescape_preferences2.dat
2010-04-01 19:58 . 2010-04-01 19:56 41 ----a-w- c:\users\Jirka\jagex_runescape_preferences.dat
2010-03-25 09:27 . 2010-03-25 09:27 1107264 ----a-w- c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-03-23 23:31 . 2010-03-23 23:31 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-03-23 23:31 . 2010-03-23 23:31 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-03-23 23:31 . 2010-03-23 23:31 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-03-23 23:31 . 2010-03-23 23:31 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-03-23 23:31 . 2010-03-23 23:31 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-03-16 22:09 . 2009-03-21 21:37 49168 ----a-w- c:\users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"="c:\program files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe" [2009-02-23 3508568]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-12 6965792]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-23 202256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"VistaSp2"=hex(b):f0,e7,89,9f,2d,fb,c9,01
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
R3 se3ebus;Sony Ericsson Device 062 (WDM);c:\windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
R3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter;c:\windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
R3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver;c:\windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
R3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\se3emgmt.sys [2007-04-10 100360]
R3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
R3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-10 691696]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
IE: Download all by FlashGet3 - c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\Npindeo.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-FlashGet 3.3 - c:\program files\FlashGet Network\FlashGet 3\uninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-06 16:25
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8521A1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x883a5d24
\Driver\ACPI -> acpi.sys @ 0x807bfd68
\Driver\atapi -> 0x8521a1f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3770246164-1455068142-2756262975-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:30,be,7a,e3,a2,2b,71,63,2d,48,b5,27,7a,1d,af,64,a1,23,24,83,a3,d3,95,
82,4b,d4,64,78,a7,7f,28,e2,bf,0c,96,fb,0a,cd,e7,d7,93,4d,42,9d,15,ed,1b,3b,\
"??"=hex:6c,cb,1b,99,c2,8a,d9,a1,1a,70,a0,28,38,3f,f5,29
[HKEY_USERS\S-1-5-21-3770246164-1455068142-2756262975-1000\Software\SecuROM\License information*]
"datasecu"=hex:37,82,9b,f1,8c,01,f5,93,9a,fc,fa,db,31,35,42,e3,32,35,0a,89,50,
6d,5d,88,ca,a9,4f,af,60,65,ce,31,5d,22,9c,cd,8c,83,aa,61,a9,ee,75,ee,86,2a,\
"rkeysecu"=hex:e2,34,26,8b,df,c8,0d,33,12,f3,82,33,39,4b,54,6b
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2010-06-06 16:32:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-06-06 14:32
Před spuštěním: Volných bajtů: 29 704 241 152
Po spuštění: Volných bajtů: 29 656 735 744
- - End Of File - - 64C858B171BEFDD14A1D5673EA43F64F
Takové oznámení se objeví i pri pokusu spustit pozn.blok, malování, winrar, skype, výstřižky, atd. Co s tím budeme dělat?
Po dalším restartu počítače vkládám log z "ComboFix". Sorry, mohl jsem to zkusit dřív, asi jsem nějak mimo
ComboFix 10-06-05.02 - Jirka 06.06.2010 16:13:51.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2047.1324 [GMT 2:00]
Spuštěný z: c:\users\Jirka\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet 3\adns.dll
c:\program files\FlashGet Network\FlashGet 3\btcoreu.dll
c:\program files\FlashGet Network\FlashGet 3\BugReport.dll
c:\program files\FlashGet Network\FlashGet 3\BugReport.exe
c:\program files\FlashGet Network\FlashGet 3\cd1.ico
c:\program files\FlashGet Network\FlashGet 3\ckcore.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\14_43260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\28_83260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\atrc.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\Codecs.zip
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\cook.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\ddnt3260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\dnet3260.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drv1.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drv2.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\drvc.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\hxltcolor.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\raac.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\ralf.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv10.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv20.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv30.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\rv40.dll
c:\program files\FlashGet Network\FlashGet 3\codec\real\Codecs\sipr.dll
c:\program files\FlashGet Network\FlashGet 3\commonlib.dll
c:\program files\FlashGet Network\FlashGet 3\componentskrnl.dll
c:\program files\FlashGet Network\FlashGet 3\config\clients.met
c:\program files\FlashGet Network\FlashGet 3\config\clients.met.bak
c:\program files\FlashGet Network\FlashGet 3\config\cryptkey.dat
c:\program files\FlashGet Network\FlashGet 3\config\emfriends.met
c:\program files\FlashGet Network\FlashGet 3\config\known.met
c:\program files\FlashGet Network\FlashGet 3\config\known2_64.met
c:\program files\FlashGet Network\FlashGet 3\config\preferences.dat
c:\program files\FlashGet Network\FlashGet 3\config\preferences.ini
c:\program files\FlashGet Network\FlashGet 3\config\server.met
c:\program files\FlashGet Network\FlashGet 3\config\server_met.old
c:\program files\FlashGet Network\FlashGet 3\config\upload.met
c:\program files\FlashGet Network\FlashGet 3\corestat.dll
c:\program files\FlashGet Network\FlashGet 3\dbghelp.dll
c:\program files\FlashGet Network\FlashGet 3\fg.ico
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\default.htm
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\FGResDetector.conf
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\banner.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\bullet.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\close.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\closelabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\download-icon.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\explorer.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\ftp.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\image.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\introTextBg.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\loading.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\nextlabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\prevlabel.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\software.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\data\images\vod.gif
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\FGResDetector.exe
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\about.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\ftplist_tree_icon.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\option_icon.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_hide.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\quickop_show.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\statusbar_bk.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\tasktab_close.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_back.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_bk.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_close.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_forward.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\image\toolbar_refresh.png
c:\program files\FlashGet Network\FlashGet 3\FGResDetector_I\lang\l.eng.xml
c:\program files\FlashGet Network\FlashGet 3\FGSoftware.exe
c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
c:\program files\FlashGet Network\FlashGet 3\FlashGet3.xpi
c:\program files\FlashGet Network\FlashGet 3\FlashGetBHO3.dll
c:\program files\FlashGet Network\FlashGet 3\FlashGetHook.dll
c:\program files\FlashGet Network\FlashGet 3\fnsArchive.dll
c:\program files\FlashGet Network\FlashGet 3\fnsDirectuix.dll
c:\program files\FlashGet Network\FlashGet 3\fnsLanguage.dll
c:\program files\FlashGet Network\FlashGet 3\fnslanguage_en.dll
c:\program files\FlashGet Network\FlashGet 3\fnsSecurity.dll
c:\program files\FlashGet Network\FlashGet 3\fnsScheduler.dll
c:\program files\FlashGet Network\FlashGet 3\fnsSkinX.dll
c:\program files\FlashGet Network\FlashGet 3\fnsStatistics.dll
c:\program files\FlashGet Network\FlashGet 3\game.ico
c:\program files\FlashGet Network\FlashGet 3\gb2312-unicode.dic
c:\program files\FlashGet Network\FlashGet 3\gdiplus.dll
c:\program files\FlashGet Network\FlashGet 3\GetAllUrl.htm
c:\program files\FlashGet Network\FlashGet 3\GetUrl.htm
c:\program files\FlashGet Network\FlashGet 3\GoogleToolbarInstaller_download_signed.exe
c:\program files\FlashGet Network\FlashGet 3\libem.dll
c:\program files\FlashGet Network\FlashGet 3\license.txt
c:\program files\FlashGet Network\FlashGet 3\lst_tz.bin
c:\program files\FlashGet Network\FlashGet 3\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet 3\p2pcore.dll
c:\program files\FlashGet Network\FlashGet 3\p2score.dll
c:\program files\FlashGet Network\FlashGet 3\perf.ini
c:\program files\FlashGet Network\FlashGet 3\pncrt.dll
c:\program files\FlashGet Network\FlashGet 3\pstat.dat
c:\program files\FlashGet Network\FlashGet 3\pup.dat
c:\program files\FlashGet Network\FlashGet 3\RdOldDb.dll
c:\program files\FlashGet Network\FlashGet 3\RealMediaSplitter.ax
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\BarSet.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_check.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_normal.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\btn_radio.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\desktoplink.ico
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\login_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\menu_icon.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\option_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\option_page_line.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\skin.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendLogo.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\SuspendNoLogo.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_backgrand.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_cancle.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_catgroy.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_group.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_new.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_open.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_option.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_pause.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_recly.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbar_start.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_left.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_middle.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\toolbarbutton_right.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\top_logotitle.gif
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\torrent.ico
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\userinfo_head.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\image\VistaStyleListItems.bmp
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\preview.png
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\skin.xml
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\loginfailed.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\loginsucc.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\msgnotify.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\sound\notify.wav
c:\program files\FlashGet Network\FlashGet 3\skin\international\default\topmain.png
c:\program files\FlashGet Network\FlashGet 3\SnapShot.dll
c:\program files\FlashGet Network\FlashGet 3\storage.dll
c:\program files\FlashGet Network\FlashGet 3\SysOptimize.exe
c:\program files\FlashGet Network\FlashGet 3\uninst.exe
c:\program files\FlashGet Network\FlashGet 3\VodCore.dll
c:\program files\FlashGet Network\FlashGet 3\zlib.dll
c:\programdata\hpe62CA.dll
c:\programdata\hpeFD7E.dll
c:\users\Jirka\AppData\Roaming\BITS
c:\users\Jirka\AppData\Roaming\BITS\BITS.ini
c:\users\Jirka\AppData\Roaming\BITS\DHTTable.dat
c:\users\Jirka\AppData\Roaming\BITS\ProxyList.ini
c:\users\Jirka\AppData\Roaming\FlashGetBHO
c:\users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
c:\users\Jirka\AppData\Roaming\FlashGetBHO\FlashGetHook.dll
c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
c:\users\Jirka\AppData\Roaming\inst.exe
c:\users\Jirka\Documents\cc_20100514_210500.reg
c:\windows\system32\%appdata%
c:\windows\system32\secustat.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-05-06 do 2010-06-06 )))))))))))))))))))))))))))))))
.
2010-06-06 14:02 . 2010-06-06 14:01 318976 ----a-w- c:\windows\system32\CF13246.exe
2010-05-27 21:12 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-12 11:17 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-10 21:02 . 2010-05-10 21:02 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-05-10 21:01 . 2010-05-10 21:02 -------- d-----w- c:\program files\DAEMON Tools Lite
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-06 14:25 . 2009-11-13 03:43 34901 ----a-w- c:\programdata\nvModes.dat
2010-06-06 14:16 . 2007-01-08 21:09 607294 ----a-w- c:\windows\system32\perfh005.dat
2010-06-06 14:16 . 2007-01-08 21:09 119760 ----a-w- c:\windows\system32\perfc005.dat
2010-06-06 14:08 . 2009-04-28 08:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-06 13:37 . 2009-03-26 10:26 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-06 13:37 . 2009-03-25 16:51 -------- d-----w- c:\users\Jirka\AppData\Roaming\Media Player Classic
2010-06-06 13:36 . 2009-03-22 10:29 -------- d-----w- c:\program files\CCleaner
2010-06-06 08:32 . 2009-06-06 20:54 -------- d-----w- c:\program files\Trend Micro
2010-06-04 15:33 . 2009-07-28 18:47 -------- d-----w- c:\users\Jirka\AppData\Roaming\Skype
2010-06-04 14:09 . 2009-07-28 18:53 -------- d-----w- c:\users\Jirka\AppData\Roaming\skypePM
2010-05-27 21:05 . 2009-10-03 12:24 -------- d-----w- c:\users\Jirka\AppData\Roaming\HpUpdate
2010-05-27 21:00 . 2009-09-26 12:25 -------- d-----w- c:\programdata\HP Product Assistant
2010-05-27 21:00 . 2009-09-30 17:41 -------- d-----w- c:\program files\Internet Download Manager
2010-05-21 12:14 . 2009-10-02 23:45 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-16 11:22 . 2009-03-27 00:21 -------- d-----w- c:\users\Jirka\AppData\Roaming\Vso
2010-05-12 20:15 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-05-10 21:02 . 2009-06-24 13:51 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-10 20:58 . 2009-06-25 09:16 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-05-10 20:29 . 2010-04-03 12:31 -------- d-----w- c:\program files\Uloz.to Uploader
2010-05-01 06:45 . 2010-03-25 10:23 -------- d-----w- c:\program files\Opera
2010-04-27 12:45 . 2010-04-27 12:45 72856 ----a-w- c:\windows\system32\xliveinstallhost.exe
2010-04-27 12:45 . 2010-04-27 12:45 187544 ----a-w- c:\windows\system32\xliveinstall.dll
2010-04-25 21:56 . 2010-04-25 21:56 -------- d-----w- c:\program files\Ligos
2010-04-25 20:36 . 2010-04-25 20:36 -------- d-----w- c:\users\Jirka\AppData\Roaming\2K Sports
2010-04-25 20:20 . 2010-04-25 20:20 -------- d-----w- c:\program files\2K Sports
2010-04-25 11:25 . 2009-03-22 00:13 -------- d-----w- c:\programdata\NVIDIA
2010-04-25 11:25 . 2010-03-11 03:11 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-24 19:38 . 2010-04-24 19:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-24 19:38 . 2010-04-24 19:36 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-24 19:37 . 2009-06-05 09:37 -------- d-----w- c:\programdata\Electronic Arts
2010-04-21 13:34 . 2009-07-18 13:37 -------- d-----w- c:\program files\Sony Ericsson
2010-04-21 13:34 . 2009-03-22 20:42 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-21 13:33 . 2010-04-21 13:33 -------- d-----w- c:\program files\Avanquest update
2010-04-18 11:59 . 2010-04-18 12:00 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-16 14:49 . 2010-04-16 13:27 325177 ----a-w- c:\windows\hpoins12.dat
2010-04-16 14:47 . 2009-04-06 21:56 -------- d-----w- c:\users\Jirka\AppData\Roaming\Image Zone Express
2010-04-16 14:43 . 2010-04-16 14:43 -------- d-----w- c:\program files\Hewlett-Packard
2010-04-11 14:59 . 2009-10-19 16:38 181096 ----a-w- c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\FlashGot.exe
2010-04-10 10:41 . 2009-06-23 08:23 -------- d-----w- c:\users\Jirka\AppData\Roaming\ICQ
2010-04-03 16:27 . 2010-04-03 16:27 985704 ----a-w- c:\windows\system32\nvsvc.dll
2010-04-03 16:27 . 2010-04-03 16:27 13683816 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 16:27 . 2010-04-03 16:27 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-04-03 16:27 . 2010-04-03 16:27 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-02 15:17 . 2010-04-02 15:17 15426200 ----a-w- c:\windows\system32\xlive.dll
2010-04-02 15:17 . 2010-04-02 15:17 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2010-04-01 20:04 . 2010-04-01 19:58 69 ----a-w- c:\users\Jirka\jagex_runescape_preferences2.dat
2010-04-01 19:58 . 2010-04-01 19:56 41 ----a-w- c:\users\Jirka\jagex_runescape_preferences.dat
2010-03-25 09:27 . 2010-03-25 09:27 1107264 ----a-w- c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll
2010-03-23 23:31 . 2010-03-23 23:31 45056 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll
2010-03-23 23:31 . 2010-03-23 23:31 49152 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll
2010-03-23 23:31 . 2010-03-23 23:31 40960 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
2010-03-23 23:31 . 2010-03-23 23:31 341600 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
2010-03-23 23:31 . 2010-03-23 23:31 308808 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll
2010-03-23 23:31 . 2010-03-23 23:31 14848 ----a-w- c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
2010-03-16 22:09 . 2009-03-21 21:37 49168 ----a-w- c:\users\Jirka\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UIWatcher"="c:\program files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe" [2009-02-23 3508568]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-12 6965792]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-23 202256]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"VistaSp2"=hex(b):f0,e7,89,9f,2d,fb,c9,01
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-07-25 13224]
R3 se3ebus;Sony Ericsson Device 062 (WDM);c:\windows\system32\DRIVERS\se3ebus.sys [2007-04-10 83080]
R3 se3emdfl;Sony Ericsson Device 062 USB WMC Modem Filter;c:\windows\system32\DRIVERS\se3emdfl.sys [2007-04-10 15112]
R3 se3emdm;Sony Ericsson Device 062 USB WMC Modem Driver;c:\windows\system32\DRIVERS\se3emdm.sys [2007-04-10 108552]
R3 se3emgmt;Sony Ericsson Device 062 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\se3emgmt.sys [2007-04-10 100360]
R3 se3eobex;Sony Ericsson Device 062 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\se3eobex.sys [2007-04-10 98568]
R3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-05-10 691696]
S2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-04-20 674048]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
IE: Download all by FlashGet3 - c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Jirka\AppData\Roaming\FlashGetBHO\GetUrl.htm
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\vuhsvq3u.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\Npindeo.dll
FF - plugin: c:\programdata\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-FlashGet 3.3 - c:\program files\FlashGet Network\FlashGet 3\uninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-06 16:25
Windows 6.0.6002 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x8521A1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0x883a5d24
\Driver\ACPI -> acpi.sys @ 0x807bfd68
\Driver\atapi -> 0x8521a1f8
IoDeviceObjectType ->\Device\Harddisk0\DR0 ->Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-3770246164-1455068142-2756262975-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:30,be,7a,e3,a2,2b,71,63,2d,48,b5,27,7a,1d,af,64,a1,23,24,83,a3,d3,95,
82,4b,d4,64,78,a7,7f,28,e2,bf,0c,96,fb,0a,cd,e7,d7,93,4d,42,9d,15,ed,1b,3b,\
"??"=hex:6c,cb,1b,99,c2,8a,d9,a1,1a,70,a0,28,38,3f,f5,29
[HKEY_USERS\S-1-5-21-3770246164-1455068142-2756262975-1000\Software\SecuROM\License information*]
"datasecu"=hex:37,82,9b,f1,8c,01,f5,93,9a,fc,fa,db,31,35,42,e3,32,35,0a,89,50,
6d,5d,88,ca,a9,4f,af,60,65,ce,31,5d,22,9c,cd,8c,83,aa,61,a9,ee,75,ee,86,2a,\
"rkeysecu"=hex:e2,34,26,8b,df,c8,0d,33,12,f3,82,33,39,4b,54,6b
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Celkový čas: 2010-06-06 16:32:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-06-06 14:32
Před spuštěním: Volných bajtů: 29 704 241 152
Po spuštění: Volných bajtů: 29 656 735 744
- - End Of File - - 64C858B171BEFDD14A1D5673EA43F64F
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
stáhněte TDSSKiller , rozbalte do složky C:\WINDOWS\system32\drivers a spusťte
zobrazí se následující okno:
proběhne sken, na jehož konci se v případě infekce zobrazí následující okno:
Pokud uvidíte na posledním řádku hlášku "Close all programs and choose Y to restart or N to continue", zmáčkněte klávesu Y a vaše pc bude restartováno
po restartu znovu aplikujte Combofix a vložte sem log po aplikaci
zobrazí se následující okno:
proběhne sken, na jehož konci se v případě infekce zobrazí následující okno:
Pokud uvidíte na posledním řádku hlášku "Close all programs and choose Y to restart or N to continue", zmáčkněte klávesu Y a vaše pc bude restartováno
po restartu znovu aplikujte Combofix a vložte sem log po aplikaci
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
Je potřeba znovu log z "Combofixu"?
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
stáhněte GMER , rozbalte a spusťte
proběhně sken; po jeho ukončení se zobrazí výsledky
poté klikněte na Save a uložíte tak log, jeho obsah sem vložte
pak dle tohoto návodu absolvujte druhý sken a opět obsah logu sem
pokud by se Vám to nedařilo, zkuste to v nouzovém režimu
proběhně sken; po jeho ukončení se zobrazí výsledky
poté klikněte na Save a uložíte tak log, jeho obsah sem vložte
pak dle tohoto návodu absolvujte druhý sken a opět obsah logu sem
pokud by se Vám to nedařilo, zkuste to v nouzovém režimu
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-06-06 23:36:26
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Jirka\AppData\Local\Temp\uwlcypoc.sys
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8521B1F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
Device \FileSystem\fastfat \Fat 86FFC500
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\tdx \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
---- EOF - GMER 1.0.15 ----
Rootkit quick scan 2010-06-06 23:36:26
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Jirka\AppData\Local\Temp\uwlcypoc.sys
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8521B1F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
Device \FileSystem\fastfat \Fat 86FFC500
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\tdx \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
---- EOF - GMER 1.0.15 ----
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-06 23:58:44
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Jirka\AppData\Local\Temp\uwlcypoc.sys
---- System - GMER 1.0.15 ----
INT 0x52 ? 860E5BF8
INT 0x62 ? 860E5BF8
INT 0x72 ? 85216BF8
INT 0x82 ? 85216BF8
INT 0x92 ? 85216BF8
INT 0x92 ? 85216BF8
INT 0x92 ? 860E5BF8
INT 0x92 ? 85216BF8
INT 0xB2 ? 860E5BF8
---- Kernel code sections - GMER 1.0.15 ----
? System32\Drivers\spsz.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 833CA41B 5 Bytes JMP 860E51D8
.text ai7elxxc.SYS 8C153000 22 Bytes [82, 23, 02, 82, 6C, 22, 02, ...]
.text ai7elxxc.SYS 8C153017 98 Bytes [00, 32, B7, 78, 80, 3D, B5, ...]
.text ai7elxxc.SYS 8C15307A 82 Bytes [13, 82, E3, 71, 06, 82, 18, ...]
.text ai7elxxc.SYS 8C1530CE 10 Bytes [00, 00, 00, 00, 00, 00, C9, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; LEAVE ; HLT ; POP ESP; DEC EDX}
.text ai7elxxc.SYS 8C1530DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[2100] kernel32.dll!SetUnhandledExceptionFilter 7724A84F 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Mozilla Firefox\firefox.exe[2940] ntdll.dll!LdrLoadDll 77D49390 5 Bytes JMP 00DB13F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8068F6D6] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8068F042] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8068F800] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8068F0C0] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8068F13E] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8069EB90] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortWritePortUchar] 838C179F
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] [100D8BA5] \Program Files\DAEMON Tools Lite\Engine.dll (Helper library/DT Soft Ltd)
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F8C1770
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74D67817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74DBA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74D6BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74D5F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74D675E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74D5E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74D98395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74D6DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74D5FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74D5FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74D571CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74DECAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74D8C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74D5D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74D56853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74D5687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74D62AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\user32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8521B1F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
Device \FileSystem\fastfat \FatCdrom 86FFC500
Device \Driver\volmgr \Device\VolMgrControl 852181F8
Device \Driver\usbuhci \Device\USBPDO-0 860E71F8
Device \Driver\usbuhci \Device\USBPDO-1 860E71F8
Device \Driver\usbuhci \Device\USBPDO-2 860E71F8
Device \Driver\usbuhci \Device\USBPDO-3 860E71F8
Device \Driver\usbehci \Device\USBPDO-4 860D41F8
AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
Device \Driver\volmgr \Device\HarddiskVolume1 852181F8
Device \Driver\volmgr \Device\HarddiskVolume2 852181F8
Device \Driver\cdrom \Device\CdRom0 860E81F8
Device \Driver\USBSTOR \Device\00000065 868B0500
Device \Driver\volmgr \Device\HarddiskVolume3 852181F8
Device \Driver\cdrom \Device\CdRom1 860E81F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8521A1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort0 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort1 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort2 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort3 8521A1F8
Device \Driver\USBSTOR \Device\00000066 868B0500
Device \Driver\volmgr \Device\HarddiskVolume4 852181F8
Device \Driver\USBSTOR \Device\00000067 868B0500
Device \Driver\volmgr \Device\HarddiskVolume5 852181F8
Device \Driver\USBSTOR \Device\00000068 868B0500
Device \Driver\volmgr \Device\HarddiskVolume6 852181F8
Device \Driver\USBSTOR \Device\00000069 868B0500
Device \Driver\volmgr \Device\HarddiskVolume7 852181F8
Device \Driver\netbt \Device\NetBt_Wins_Export 867311F8
Device \Driver\Smb \Device\NetbiosSmb 867181F8
Device \Driver\PCI_PNP9466 \Device\0000004d spsz.sys
Device \Driver\netbt \Device\NetBT_Tcpip_{F44E462B-75E7-4DAA-B80A-B95F5B6FF338} 867311F8
Device \Driver\iScsiPrt \Device\RaidPort0 8618D1F8
AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
Device \Driver\USBSTOR \Device\0000006a 868B0500
Device \Driver\USBSTOR \Device\0000006b 868B0500
Device \Driver\sptd \Device\234580716 spsz.sys
Device \Driver\usbuhci \Device\USBFDO-0 860E71F8
Device \Driver\usbuhci \Device\USBFDO-1 860E71F8
Device \Driver\usbuhci \Device\USBFDO-2 860E71F8
Device \Driver\usbuhci \Device\USBFDO-3 860E71F8
Device \Driver\usbehci \Device\USBFDO-4 860D41F8
Device \Driver\ai7elxxc \Device\Scsi\ai7elxxc1Port5Path0Target0Lun0 851D01F8
Device \Driver\ai7elxxc \Device\Scsi\ai7elxxc1 851D01F8
Device \FileSystem\fastfat \Fat 86FFC500
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
Device \FileSystem\cdfs \Cdfs 874891F8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBC 0xF0 0xC9 0x90 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x4F 0x9A 0x03 0x4E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7E 0x04 0x76 0xA9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBC 0xF0 0xC9 0x90 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x4F 0x9A 0x03 0x4E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7E 0x04 0x76 0xA9 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat 0xD1 0x15 0x15 0xE2 ...
---- EOF - GMER 1.0.15 ----
Rootkit scan 2010-06-06 23:58:44
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\Jirka\AppData\Local\Temp\uwlcypoc.sys
---- System - GMER 1.0.15 ----
INT 0x52 ? 860E5BF8
INT 0x62 ? 860E5BF8
INT 0x72 ? 85216BF8
INT 0x82 ? 85216BF8
INT 0x92 ? 85216BF8
INT 0x92 ? 85216BF8
INT 0x92 ? 860E5BF8
INT 0x92 ? 85216BF8
INT 0xB2 ? 860E5BF8
---- Kernel code sections - GMER 1.0.15 ----
? System32\Drivers\spsz.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 833CA41B 5 Bytes JMP 860E51D8
.text ai7elxxc.SYS 8C153000 22 Bytes [82, 23, 02, 82, 6C, 22, 02, ...]
.text ai7elxxc.SYS 8C153017 98 Bytes [00, 32, B7, 78, 80, 3D, B5, ...]
.text ai7elxxc.SYS 8C15307A 82 Bytes [13, 82, E3, 71, 06, 82, 18, ...]
.text ai7elxxc.SYS 8C1530CE 10 Bytes [00, 00, 00, 00, 00, 00, C9, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; LEAVE ; HLT ; POP ESP; DEC EDX}
.text ai7elxxc.SYS 8C1530DA 12 Bytes [00, 00, 02, 00, 00, 00, 24, ...]
.text ...
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[2100] kernel32.dll!SetUnhandledExceptionFilter 7724A84F 4 Bytes [C2, 04, 00, 00]
.text C:\Program Files\Mozilla Firefox\firefox.exe[2940] ntdll.dll!LdrLoadDll 77D49390 5 Bytes JMP 00DB13F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8068F6D6] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8068F042] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8068F800] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8068F0C0] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8068F13E] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8069EB90] \SystemRoot\System32\Drivers\spsz.sys
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortNotification] CC358B04
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortWritePortUchar] 838C179F
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortWritePortUlong] 458B38C6
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetPhysicalAddress] A5A5A514
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] [100D8BA5] \Program Files\DAEMON Tools Lite\Engine.dll (Helper library/DT Soft Ltd)
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetScatterGatherList] 5F8C1770
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReadPortUchar] 30810889
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortStallExecution] 54771129
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetParentBusType] 10C25D5E
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortRequestCallback] 8B55CC00
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 084D8BEC
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetUnCachedExtension] 0CF0918B
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortCompleteRequest] 458B0000
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortMoveMemory] 8B108910
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 000CF491
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 04508900
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 053C7980
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReadPortUshort] 560C558B
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortReadPortBufferUshort] C6127557
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortInitialize] B18D0502
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortGetDeviceBase] 00000CF8
IAT \SystemRoot\System32\Drivers\ai7elxxc.SYS[ataport.SYS!AtaPortDeviceStateChange] A508788D
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74D67817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74DBA86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74D6BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74D5F695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74D675E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74D5E7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [74D98395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [74D6DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74D5FFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74D5FF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74D571CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [74DECAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [74D8C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74D5D968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74D56853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74D5687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[456] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74D62AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\user32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2312] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8521B1F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
Device \FileSystem\fastfat \FatCdrom 86FFC500
Device \Driver\volmgr \Device\VolMgrControl 852181F8
Device \Driver\usbuhci \Device\USBPDO-0 860E71F8
Device \Driver\usbuhci \Device\USBPDO-1 860E71F8
Device \Driver\usbuhci \Device\USBPDO-2 860E71F8
Device \Driver\usbuhci \Device\USBPDO-3 860E71F8
Device \Driver\usbehci \Device\USBPDO-4 860D41F8
AttachedDevice \Driver\tdx \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
Device \Driver\volmgr \Device\HarddiskVolume1 852181F8
Device \Driver\volmgr \Device\HarddiskVolume2 852181F8
Device \Driver\cdrom \Device\CdRom0 860E81F8
Device \Driver\USBSTOR \Device\00000065 868B0500
Device \Driver\volmgr \Device\HarddiskVolume3 852181F8
Device \Driver\cdrom \Device\CdRom1 860E81F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8521A1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-2 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort0 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort1 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort2 8521A1F8
Device \Driver\atapi \Device\Ide\IdePort3 8521A1F8
Device \Driver\USBSTOR \Device\00000066 868B0500
Device \Driver\volmgr \Device\HarddiskVolume4 852181F8
Device \Driver\USBSTOR \Device\00000067 868B0500
Device \Driver\volmgr \Device\HarddiskVolume5 852181F8
Device \Driver\USBSTOR \Device\00000068 868B0500
Device \Driver\volmgr \Device\HarddiskVolume6 852181F8
Device \Driver\USBSTOR \Device\00000069 868B0500
Device \Driver\volmgr \Device\HarddiskVolume7 852181F8
Device \Driver\netbt \Device\NetBt_Wins_Export 867311F8
Device \Driver\Smb \Device\NetbiosSmb 867181F8
Device \Driver\PCI_PNP9466 \Device\0000004d spsz.sys
Device \Driver\netbt \Device\NetBT_Tcpip_{F44E462B-75E7-4DAA-B80A-B95F5B6FF338} 867311F8
Device \Driver\iScsiPrt \Device\RaidPort0 8618D1F8
AttachedDevice \Driver\tdx \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\tdx \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET)
Device \Driver\USBSTOR \Device\0000006a 868B0500
Device \Driver\USBSTOR \Device\0000006b 868B0500
Device \Driver\sptd \Device\234580716 spsz.sys
Device \Driver\usbuhci \Device\USBFDO-0 860E71F8
Device \Driver\usbuhci \Device\USBFDO-1 860E71F8
Device \Driver\usbuhci \Device\USBFDO-2 860E71F8
Device \Driver\usbuhci \Device\USBFDO-3 860E71F8
Device \Driver\usbehci \Device\USBFDO-4 860D41F8
Device \Driver\ai7elxxc \Device\Scsi\ai7elxxc1Port5Path0Target0Lun0 851D01F8
Device \Driver\ai7elxxc \Device\Scsi\ai7elxxc1 851D01F8
Device \FileSystem\fastfat \Fat 86FFC500
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \FileSystem\fastfat \Fat eamon.sys (Amon monitor/ESET)
Device \FileSystem\cdfs \Cdfs 874891F8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBC 0xF0 0xC9 0x90 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x4F 0x9A 0x03 0x4E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7E 0x04 0x76 0xA9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBC 0xF0 0xC9 0x90 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x4F 0x9A 0x03 0x4E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7E 0x04 0x76 0xA9 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Media Center\Service\Scheduler@Heartbeat 0xD1 0x15 0x15 0xE2 ...
---- EOF - GMER 1.0.15 ----
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
stáhněte MBR
přesuňte mbr.exe do adresáře C:\Windows
další postup je následující:
Start/Spustit, do okna napište cmd a stiskněte Enter.
zobrazí se okénko příkazového řádku; vy napište ručně příkaz:
mbr.exe -f
a stiskněte Enter
Po provedení operace restartujte a spusťte mbr ještě jednou, již normálně a vložte sem log
přesuňte mbr.exe do adresáře C:\Windows
další postup je následující:
Start/Spustit, do okna napište cmd a stiskněte Enter.
zobrazí se okénko příkazového řádku; vy napište ručně příkaz:
mbr.exe -f
a stiskněte Enter
Po provedení operace restartujte a spusťte mbr ještě jednou, již normálně a vložte sem log
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
Vše jsem provedl dle návodu, ale log nikde nevidím.
MS Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika), Genuine Intel CPU2140@ 1.60GHz, 2.00GB RAM , NVIDIA GeForce 9400 GT
-
1danab
- Nováček
- Příspěvky: 1412
- Registrován: 21 říj 2007 13:04
- Bydliště: České Budějovice
- Kontaktovat uživatele:
Re: Pomalé hledání stránek a velmi často "Spojení přerušeno"
log je umístněn C:\Windows\mbr.log
Přispějete na provoz fóra?