Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

internet

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#16 Příspěvek od martin juhanak »

a-squared 4.5.0.50 2010.05.10 Trojan.Win32.Bagle!IK
AhnLab-V3 2010.05.21.00 2010.05.20 -
AntiVir 8.2.1.242 2010.05.21 -
Antiy-AVL 2.0.3.7 2010.05.21 -
Authentium 5.2.0.5 2010.05.21 W32/Bagle.IJ
Avast 4.8.1351.0 2010.05.21 -
Avast5 5.0.332.0 2010.05.21 -
AVG 9.0.0.787 2010.05.21 -
BitDefender 7.2 2010.05.21 Rootkit.Bagle.K
CAT-QuickHeal 10.00 2010.05.21 -
ClamAV 0.96.0.3-git 2010.05.21 Trojan.Agent-66914
Comodo 4899 2010.05.21 -
DrWeb 5.0.2.03300 2010.05.21 -
eSafe 7.0.17.0 2010.05.20 Win32.Bagle.RC.worm
eTrust-Vet 35.2.7502 2010.05.21 -
F-Prot 4.6.0.103 2010.05.20 W32/Bagle.IJ
F-Secure 9.0.15370.0 2010.05.21 Rootkit:W32/Bagle.SR
Fortinet 4.1.133.0 2010.05.21 W32/Bagle.ZNG!worm
GData 21 2010.05.21 Rootkit.Bagle.K
Ikarus T3.1.1.84.0 2010.05.21 Trojan.Win32.Bagle
Jiangmin 13.0.900 2010.05.21 Trojan/Agent.cmdf
Kaspersky 7.0.0.125 2010.05.21 -
McAfee 5.400.0.1158 2010.05.21 -
McAfee-GW-Edition 2010.1 2010.05.21 -
Microsoft 1.5802 2010.05.21 -
NOD32 5136 2010.05.21 -
Norman 6.04.12 2010.05.21 -
nProtect 2010-05-21.01 2010.05.21 Worm/W32.Bagle.7168
Panda 10.0.2.7 2010.05.21 -
PCTools 7.0.3.5 2010.05.21 Trojan-Downloader.Bagle
Prevx 3.0 2010.05.21 Medium Risk Malware
Rising 22.48.04.04 2010.05.21 Trojan.Win32.Generic.51E920C9
Sophos 4.53.0 2010.05.21 -
Sunbelt 6334 2010.05.21 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.21 -
TheHacker 6.5.2.0.284 2010.05.20 Trojan/Rootkit.gen
TrendMicro 9.120.0.1004 2010.05.21 -
TrendMicro-HouseCall 9.120.0.1004 2010.05.21 -
VBA32 3.12.12.5 2010.05.21 -
ViRobot 2010.5.20.2326 2010.05.21 Trojan.Win32.Bagle.7168
VirusBuster 5.0.27.0 2010.05.21 -
Rozšiřující informace
File size: 7168 bytes
MD5...: 524d8d450622db4a7875b111c299a76b
SHA1..: fe22db1e0b864e77baeca5520c05c42431784fd8
SHA256: 7ae9aae77884ac0baa2f8168b3ed4de0c0c9834a42d8e5a775f47a2c66cec237
ssdeep: 96:wQQovxXZHQ7SioGfU2zSVeUvaUOPLNI8n1Sw1xJj0o:w+PQ/oV2z2eaaUOW8R
I
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1990
timedatestamp.....: 0x4788d40f (Sat Jan 12 14:51:59 2008)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x9d4 0xa00 5.78 b65e29f81689fbde8b3d49891e4011de
.rdata 0x2000 0x144 0x200 2.93 4c5e3a3a7d9a4ad57704be677563d7ca
.data 0x3000 0x20 0x200 0.26 4f4f5306b935a3d853c02c6c206aa506
INIT 0x4000 0x292 0x400 3.74 a077364ef66a2ed1ad88d7557f37474a
.rsrc 0x5000 0x300 0x400 2.56 85021f99de084aa59772f678fd7aaf3a
.reloc 0x6000 0x106 0x200 2.65 173202905f3e2cfaecaf72eb73fd3c1c

( 2 imports )
> ntoskrnl.exe: MmIsAddressValid, MmProbeAndLockPages, MmMapLockedPagesSpecifyCache, MmBuildMdlForNonPagedPool, IoAllocateMdl, _except_handler3, ObfDereferenceObject, ObReferenceObjectByName, MmUnlockPages, RtlInitUnicodeString, KeServiceDescriptorTable, PsGetCurrentProcessId, IoGetCurrentProcess, IoDeleteDevice, IoCreateSymbolicLink, IoCreateDevice, IoDeleteSymbolicLink, IoFreeMdl, IoDriverObjectType, IofCompleteRequest
> HAL.dll: KfLowerIrql, KeRaiseIrqlToDpcLevel

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx ... 11c299a76b' target='_blank'>http://www.threatexpert.com/report.aspx ... 299a76b</a>
sigcheck:
publisher....: n/a
copyright....: Zaitsev Oleg, Copyright (C) 2004-2006
product......: AVZ Driver
description..: AVZ Driver
original name: avz.sys
internal name: avz.sys
file version.: 1, 2, 0, 0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
<a href='http://info.prevx.com/aboutprogramtext. ... 00CCFB2D16' target='_blank'>http://info.prevx.com/aboutprogramtext. ... CFB2D16</a>



VAROVÁNÍ: VirusTotal je služba poskytovaná zdarma společnosti Hispasec Sistemas. Kvalita výsledků není nijak zaručena. Výsledky jsou závislé na tvůrci daného produktu. Vysledky testů nemusí být 100% správné. Tyto výsledky nemusí znamenat, že daný soubor je infikován, nebo čistý!
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#17 Příspěvek od martin juhanak »

videa se sekají pořád!!
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#18 Příspěvek od earl »

:arrow: pokud jste tak jeste neucinil(a), presunte Combofix na plochu

otevrete si Poznamkovy blok

do nej zkopirujte skript z nasledujiciho okna:

Kód: Vybrat vše

KillALL::
Collect::
c:\windows\system32\drivers\uti3mtk2.sys
Driver::
uti3mtk2
Reboot::
ulozte vami vytvoreny textovy soubor jako CFScript.txt na plochu

po ulozeni uchopte vami vytvoreny skript levym tlacitkem mysi a presunte jej nad ikonu Combofixu, nad niz skript upustte:

Obrázek

po aplikaci by na vas mel vyskocit dalsi log, vlozte jej sem

Upozorneni: je mozne, ze po aplikaci skriptu a restartu nenabehnou Windows, v takovem pripade znovu restartujte, po restartu mackejte F8 a zvolte Posledni znamou funkcni konfiguraci
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#19 Příspěvek od martin juhanak »

omboFix 10-05-15.03 - J-O-H-N-Y 22.05.2010 5:54.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.591 [GMT 2:00]
Spuštěný z: c:\documents and settings\J-O-H-N-Y\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\J-O-H-N-Y\Plocha\CFScript.txt.txt
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

file zipped: c:\windows\system32\drivers\uti3mtk2.sys
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\uti3mtk2.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_UTI3MTK2
-------\Service_uti3mtk2


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-22 do 2010-05-22 )))))))))))))))))))))))))))))))
.

2010-05-16 05:35 . 2010-05-16 05:35 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-05-14 16:01 . 2010-05-14 16:01 -------- d-----w- c:\windows\system32\drivers\NSS
2010-05-14 16:01 . 2010-05-14 16:01 -------- d-----w- c:\program files\Norton Security Scan
2010-05-12 04:00 . 2010-05-12 04:00 -------- d--h--w- c:\windows\$hf_mig$
2010-05-06 17:22 . 2010-05-06 17:22 -------- d-----r- c:\documents and settings\J-O-H-N-Y\Nabídka Start
2010-05-06 16:23 . 2010-03-30 21:38 20968 ----a-w- c:\windows\system32\drivers\cpuz133_x32.sys
2010-05-02 19:33 . 2010-05-02 19:35 7562568 ----a-w- c:\program files\Opera_964_int_Setup.exe
2010-05-02 08:27 . 2010-05-02 08:32 13019280 ----a-w- C:\Opera_1053_int_Setup.exe
2010-04-27 10:33 . 2010-04-27 10:33 -------- d-----w- c:\program files\1C Company

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-09 07:51 . 2006-03-02 12:00 47206 ----a-w- c:\windows\system32\perfc005.dat
2010-05-09 07:51 . 2006-03-02 12:00 312970 ----a-w- c:\windows\system32\perfh005.dat
2010-05-06 19:12 . 2009-12-20 15:43 -------- d-----w- c:\program files\Activision
2010-05-06 17:51 . 2007-02-09 14:52 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-05-06 17:05 . 2009-11-15 05:22 -------- d-----w- c:\program files\HottieStar Toolbar
2010-05-06 04:27 . 2010-05-06 04:27 2136885 ----a-w- c:\program files\kluci 034.jpg
2010-05-02 20:03 . 2009-05-25 19:31 -------- d-----w- c:\program files\Opera
2010-04-11 15:30 . 2009-09-01 14:27 -------- d-----w- c:\program files\DivX
2010-04-02 09:04 . 2006-12-23 14:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-02 09:04 . 2010-04-02 09:04 -------- d-----w- c:\program files\Rockstar Games
2010-03-10 06:17 . 2006-03-02 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-22 16:05 . 2010-02-22 16:05 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2008-07-24 16:46 . 2008-07-24 16:45 455966 -c--a-w- c:\program files\cc_20080724_1845.reg
.

((((((((((((((((((((((((((((( SnapShot@2010-05-16_15.23.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-22 03:00 . 2010-05-22 03:00 16384 c:\windows\Temp\Perflib_Perfdata_94.dat
+ 2010-05-22 04:02 . 2010-05-22 04:02 16384 c:\windows\Temp\Perflib_Perfdata_68.dat
- 2010-05-16 09:04 . 2010-05-16 09:04 16384 c:\windows\Temp\Perflib_Perfdata_68.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-18 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\j2re1.4.2_04\bin\jusched.exe" [2004-02-22 32881]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-05-15 204800]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"nwiz"="nwiz.exe" [2007-10-04 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 577536]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"Adobe Reader Speed Launcher"="c:\adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\T-o-m-a-s\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 2.0.lnk - c:\program files\OpenOffice.org 2.0\program\quickstart.exe [2006-6-28 393216]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2010-2-22 67128]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-2-22 688128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^J-O-H-N-Y^Nabídka Start^Programy^Po spuštění^VirtuaGirl HD.LNK]
path=c:\documents and settings\J-O-H-N-Y\Nabídka Start\Programy\Po spuštění\VirtuaGirl HD.LNK
backup=c:\windows\pss\VirtuaGirl HD.LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Simon and Schuster\\Real War Rogue States\\rsclient.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"15278:TCP"= 15278:TCP:*:Disabled:BitComet 15278 TCP
"15278:UDP"= 15278:UDP:*:Disabled:BitComet 15278 UDP
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SymEFA.sys [3.2.2010 19:13 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NIS\1008000.029\BHDrvx86.sys [3.2.2010 19:13 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1008000.029\cchpx86.sys [3.2.2010 19:12 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100513.002\IDSXpx86.sys [18.5.2010 5:08 329592]
R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [6.5.2010 18:23 20968]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.3.2009 13:49 222456]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [3.2.2010 19:13 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2.5.2010 7:54 102448]
S1 prodrv03;Star Force copy protection driver v3;c:\windows\system32\drivers\prodrv03.sys [23.12.2006 21:39 115968]
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\drivers\Amps2prt.sys [9.5.2006 18:27 13824]
.
Obsah adresáře 'Naplánované úlohy'

2010-05-16 c:\windows\Tasks\Norton Security Scan for J-O-H-N-Y.job
- c:\program files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-05-14 16:01]

2010-05-22 c:\windows\Tasks\User_Feed_Synchronization-{3EBC8E45-B673-409E-B6A8-39CD28DB869A}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

2010-05-22 c:\windows\Tasks\User_Feed_Synchronization-{D16A776A-452B-4C18-A5F6-B3F8C0AF5170}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.gametop.com/?utm_source=OstrichRunner&utm_medium=start
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
TCP: {ABD1FD42-0011-486C-A9D8-08698785EC69} = 10.0.0.1
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
FF - ProfilePath - c:\documents and settings\J-O-H-N-Y\Data aplikací\Mozilla\Firefox\Profiles\n4u7d9kw.default\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-22 06:03
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-796845957-2000478354-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3760)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\Amhooker.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\E_S00RP1.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\SAgent4.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\SOUNDMAN.EXE
c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE
.
**************************************************************************
.
Celkový čas: 2010-05-22 06:07:02 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-22 04:06
ComboFix2.txt 2010-05-21 04:27
ComboFix3.txt 2010-05-16 15:27

Před spuštěním: Volných bajtů: 38 640 709 632
Po spuštění: Volných bajtů: 38 601 072 640

- - End Of File - - C5C2B6D1AACAE4A501E85B3AA3C6C9AB
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#20 Příspěvek od earl »

c:\documents and settings\J-O-H-N-Y\Nabídka Start\Programy\Po spuštění\VirtuaGirl HD.LNK

Toto osobne bych dal z pc pryc.Najdete to i v Pridat odebrat programy.

Jeste docistime po procesu odvirovani:

:arrow: Start - spustit - napiste ComboFix /Uninstall - a klepnout na OK,

pokud to takto nepujde,tak přejmenovat ComboFix.exe na Uninstall.exe a spustit ho.
-----------------------------------------------------------------------------------------------------------------

:arrow: Pouzijte T-Cleaner na vycisteni pc po utilitach pouzitych pri odvirovani.

Postupujte dle instrukci na obrazovce.Pri detekci antivirem se jedna o falesny poplach. :!:
-----------------------------------------------------------------------------------------------------------------

:arrow: Vycistete pc Ccleanerem.

Vzdy nejprve Analyzovat a pak Spustit Cleaner.2x po sobe.

Windows-odskrtnout historii a historii automatickeho vyplnovani formularu - prisel byste o historii navstivenych stranek a o ulozena hesla ve formularich

(je to sice z pohledu zabezpeceni spatne,ale aspon pak uzivatel nenadava,kam ze mu to zmizelo :D )

Aplikace-u prohlizecu internetu odskrtnout Historii internetu.

Registry-nechat vse zaskrtle,Hledej problemy,Opravit vybrane problemy

(nechat ho udelat zalohu-ta je ulozena v Dokumentech-DULEZITE).

Taktez 2x-3x po sobe.
------------------------------------------------------------------------------------------------------------------

:arrow: Provedte nekolikrat po sobe defragmentaci systemoveho disku C:

A je to vse.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#21 Příspěvek od martin juhanak »

videa na internetu se stále sekají.a když mam spuštěný internet a chci zapnout něco na pc tak se pc hryže a dlouho se načítá...dík
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#22 Příspěvek od earl »

Sekaji se videa kde presne nacitana?

url,link...?
když mam spuštěný internet a chci zapnout něco na pc tak se pc hryže a dlouho se načítá
Toto znamena presne co? - mate otevren prohlizec(IE,Firefox,Opera) a pak spustite treba Microsoft Office?
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#23 Příspěvek od martin juhanak »

zdravím videa se sekají jak v opeře tak i v firefoxu.a sekase to,jak v micr. office,nebo když chci něco vitisknout,a dlouhé nač.stránek.
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#24 Příspěvek od earl »

Jakou mate rychlost pripojeni prichozi/odchozi?

Pouzivate posledni verze Firefoxu,IE a Opery?

Spustte Spravce uloh (LCTRL+LAlt+Del) a napiste sem pocet procesu,ktery bezi v okamziku problematickeho chodu pc a ktere procesy vytezuji procesor nejvic.

:arrow: Stahnete a rozbalte do slozky na plochu Ultimate Process Manager v5.0.0

Spustte pod uctem s admin pravy a vpravo dole klepnete na tlacitko Vytvorit log.

V nasledujicim okne zaskrtnete tyto polozky:

SmallARK
Bezici procesy
Scanner
Po spusteni
Moduly
Blokace
Sluzby
Ovladace
INetStat
Ostatni
\System32
\Drivers
Filter MS
DigiSign


a zkontrolujte cestu v hornim radku,kam se log ulozi,popr. si ji zmente.

Po oskenovani pc a ulozeni logu jej nasledne vlozte sem.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#25 Příspěvek od martin juhanak »

Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 2.6.2010 21:01:53
================================================================

SmallARK
================================================================
[?]NtAlertResumeThread -> <?>
[?]NtAlertThread -> <?>
[?]NtAllocateVirtualMemory -> <?>
[?]NtAssignProcessToJobObject -> <?>
[?]NtConnectPort -> <?>
[R]NtCreateKey -> C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[?]NtCreateMutant -> <?>
[?]NtCreateSymbolicLinkObject -> <?>
[?]NtCreateThread -> <?>
[?]NtDebugActiveProcess -> <?>
[R]NtDeleteKey -> C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[R]NtDeleteValueKey -> C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[?]NtDuplicateObject -> <?>
[?]NtFreeVirtualMemory -> <?>
[?]NtImpersonateAnonymousToken -> <?>
[?]NtImpersonateThread -> <?>
[?]NtLoadDriver -> <?>
[?]NtMapViewOfSection -> <?>
[?]NtOpenEvent -> <?>
[?]NtOpenProcess -> <?>
[?]NtOpenProcessToken -> <?>
[?]NtOpenSection -> <?>
[?]NtOpenThread -> <?>
[?]NtProtectVirtualMemory -> <?>
[?]NtResumeThread -> <?>
[?]NtSetContextThread -> <?>
[?]NtSetInformationProcess -> <?>
[?]NtSetSystemInformation -> <?>
[R]NtSetValueKey -> C:\WINDOWS\system32\drivers\SYMEVENT.SYS
[?]NtSuspendProcess -> <?>
[?]NtSuspendThread -> <?>
[?]NtTerminateProcess -> <?>
[?]NtTerminateThread -> <?>
[?]NtUnmapViewOfSection -> <?>
[?]NtWriteVirtualMemory -> <?>


Bežiace procesy
================================================================

C:\WINDOWS\SYSTEM32\E_S00RP1.EXE
C:\PROGRAM FILES\JAVA\J2RE1.4.2_04\BIN\JUSCHED.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.E
Běžící procesy
================================================================

C:\WINDOWS\SYSTEM32\E_S00RP1.EXE
C:\PROGRAM FILES\JAVA\J2RE1.4.2_04\BIN\JUSCHED.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\WINDOWS\SYSTEM32\SAGENT4.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\LOGITECH\SETPOINT\SETPOINT.EXE
C:\DOCUMENTS AND SETTINGS\J-O-H-N-Y\PLOCHA\ PLOCHA MANAGER 5\UPM.EXE
C:\DOCUMENTS AND SETTINGS\J-O-H-N-Y\PLOCHA\ PLOCHA MANAGER 5\UPM.EXE
C:\DOCUMENTS AND SETTINGS\J-O-H-N-Y\PLOCHA\ PLOCHA MANAGER 5\UPM.EXE
C:\DOCUMENTS AND SETTINGS\J-O-H-N-Y\PLOCHA\ PLOCHA MANAGER 5\UPM.EXE

Scanner
================================================================
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]

[?] E_S00RP1.EXE
Non Microsoft v System32:
Nemá okno

[?] jusched.exe
Bez výrobce
Spouští se po startu HKLM Run [SunJavaUpdateSched]
Nemá okno
Soubor 12%

[R] Amoumain.exe
Spouští se po startu HKLM Run [WheelMouse]

[?] nvsvc32.exe
Non Microsoft v System32:

[?] SAgent4.exe
Non Microsoft v System32:
Nemá okno

[?] soundman.exe
Spouští se po startu HKLM Run [SoundMan]

[R] apdproxy.exe
Spouští se po startu HKLM Run [Adobe Photo Downloader]

[R] GoogleToolbarNotifier.exe
Spouští se po startu HKCU Run [swg]

[S] ctfmon.exe
Spouští se po startu HKCU Run [ctfmon.exe]

[?] SetPoint.exe
Soubor 7%

[?] UPM.exe
Soubor 7%

[?] UPM.exe
Soubor 7%

[?] UPM.exe
Soubo
Po spustení
================================================================

HKLM Run
|_ [?][SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
|_ [?][NvCplDaemon] C:\WIND
Po spuštění
================================================================

HKLM Run
|_ [?][SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
|_ [?][NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll ,NvStartup
|_ [?][nwiz] nwiz.exe /install
|_ [?][NvMediaCenter] C:\WINDOWS\system32\NvMcTray.dll ,NvTaskbarInit
|_ [?][SoundMan] C:\WINDOWS\SOUNDMAN.EXE

HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp11.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll


HKLM BHO
|_ [X][{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] (Soubor nenalezen)
|_ [X][{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Soubor nenalezen)
|_ [X][{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] (Soubor nenalezen)
|_ [X][{F97DA966-F09D-4cab-BF29-75A0026986EA}] (Soubor nenalezen)

HKCU IE WebBrowser Toolbar
|_ [X][{EE5D279F-081B-4404-994D-C6B60AAEBA6D}] (Soubor nenalezen)
|_ [X][{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}] (Soubor nenalezen)
|_ [X][{855F3B16-6D32-4FE6-8A56-BBB695989046}] (Soubor nenalezen)
|_ [X][{A057A204-BACC-4D26-9990-79A187E2698E}] (Soubor nenalezen)
|_ [X][{2318C2B1-4965-11D4-9B18-009027A5CD4F}] (Soubor nenalezen)
|_ [X][{5617ECA9-488D-4BA2-8562-9710B9AB78D2}] (Soubor nenalez
Služby (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i bezpečné: False)
================================================================
[?] EPSON V3 Service2(03)
|_ Cesta: C:\WINDOWS\system32\E_S00RP1.EXE
| |_ Výrobca: SEIKO EPSON CORPORATION
| |_ Popis: EPSON Status Monitor 3
| |_ MD5: 9B3ECBF38CC2B378373B7278D36432C6
|
|_ Meno: EPSON_PM_RPCV2_01
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[X] Norton Internet Security
|_ Cesta: C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll /prefetch:1
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: Norton Internet Security
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency: RpcSs

[?] NVIDIA Display Driver Service
|_ Cesta: C:\WINDOWS\system32\nvsvc32.exe
| |_ Výrobca: NVIDIA Corporation
| |_ Popis: NVIDIA Driver Helper Service, Version 163.75
| |_ MD5: 8D64B827A6709C3D18F855619D7D89E9
|
|_ Meno: NVSvc
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[?] Epson Printer Status Agent4
|_ Cesta: C:\WINDOWS\system32\SAgent4.exe
| |_ Výrobca: SEIKO EPSON CORPORATION
| |_ Popis: SAgent4
| |_ MD5: EF8E6DDAE54B9ACDAD7C05DAE79305C0
|
|_ Meno: StatusAgent4
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:


Ovládače (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i bezpečné: False)
================================================================
[?] Service for Realtek AC97 Audio (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\ALCXWDM.SYS
| |_ Výrobca: Realtek Semiconductor Corp.
| |_ Popis: Realtek AC'97 Audio Driver (WDM)
| |_ MD5: 8EAA98894A004A47964DCD84F57493C1
|
|_ Meno: ALCXWDM
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] atksgt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\atksgt.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 6E996CF8459A2594E0E9609D0E34D41F
|
|_ Meno: atksgt
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] 3Com EtherLink XL 90X Adapter Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\el90xnd5.sys
| |_ Výrobca: 3Com Corporation
| |_ Popis: 3Com Fast EtherLink XL / EtherLink XL Network Miniport Driver
| |_ MD5: C277E6ACA6FD90C2F7C744B5BA228FBF
|
|_ Meno: EL90X
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] lirsgt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\lirsgt.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 975B6CF65F44E95883F3855BAE8CECAF
|
|_ Meno: lirsgt
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] nv
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
| |_ Výrobca: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 163.75
| |_ MD5: C190757A29A9BC0199032F353DD2557A
|
|_ Meno: nv
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] StarForce Protection Synchronization Driver v1
|_ Cesta: C:\WINDOWS\System32\drivers\prosync1.sys
| |_ Výrobca: Protection Technology
| |_ Popis: StarForce Protection Synchronization Driver
| |_ MD5: 960BCE3ED38761B446AABAC06C76BADF
|
|_ Meno: prosync1
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] StarForce Protection Environment Driver (version 1.x)
|_ Cesta: C:\WINDOWS\System32\drivers\sfdrv01.sys
| |_ Výrobca: Protection Technology (StarForce)
| |_ Popis: FrontLine Environment Driver
| |_ MD5: 9E7DEE11FD5A4355941A45F13C0ED59A
|
|_ Meno: sfdrv01
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] StarForce Protection Helper Driver (version 2.x)
|_ Cesta: C:\WINDOWS\System32\drivers\sfhlp02.sys
| |_ Výrobca: Protection Technology (StarForce)
| |_ Popis: FrontLine Helper Driver
| |_ MD5: ECEFB59D2206D281E6D317AF0EA0D8BD
|
|_ Meno: sfhlp02
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] StarForce Protection Synchronization Driver (version 2.x)
|_ Cesta: C:\WINDOWS\System32\drivers\sfsync02.sys
| |_ Výrobca: Protection Technology
| |_ Popis: StarForce Protection Synchronization Driver
| |_ MD5: 798D918D8F20380008277CE3CE5319D1
|
|_ Meno: sfsync02
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] StarForce Protection Synchronization Driver (version 4.x)
|_ Cesta: C:\WINDOWS\System32\drivers\sfsync04.sys
| |_ Výrobca: Protection Technology (StarForce)
| |_ Popis: FrontLine Synchronization Driver
| |_ MD5: 05E3038180CD846B0BCA0E915163606A
|
|_ Meno: sfsync04
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:


lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
---------------------------------------------------------------------------
lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (1284) svchost.exe 0.0.0.0:135 LISTENING
TCP (1428) svchost.exe 0.0.0.0:251 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (3348) opera.exe 21.21.21.10:1087 <-> 91.203.99.45:80 ESTABLISHED
TCP (0) 21.21.21.10:1094 TIME_WAIT
TCP (0) 21.21.21.10:1096 TIME_WAIT
TCP (0) 21.21.21.10:1097 TIME_WAIT
TCP (0) 21.21.21.10:1099 TIME_WAIT
TCP (0) 21.21.21.10:1100 TIME_WAIT
TCP (0) 21.21.21.10:1101 TIME_WAIT
TCP (0) 21.21.21.10:1102 TIME_WAIT
TCP (0) 21.21.21.10:1106 TIME_WAIT
TCP (0) 21.21.21.10:1108 TIME_WAIT
TCP (0) 21.21.21.10:1110 TIME_WAIT
TCP (0) 21.21.21.10:1111 TIME_WAIT
TCP (0) 21.21.21.10:1112 TIME_WAIT
TCP (0) 21.21.21.10:1113 TIME_WAIT
TCP (0) 21.21.21.10:1114 TIME_WAIT
TCP (0) 21.21.21.10:1116 TIME_WAIT
TCP (0) 21.21.21.10:1120 TIME_WAIT
TCP (0) 21.21.21.10:1121 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1123 <-> 209.85.135.138:80 ESTABLISHED
TCP (0) 21.21.21.10:1125 TIME_WAIT
TCP (0) 21.21.21.10:1129 TIME_WAIT
TCP (0) 21.21.21.10:1130 TIME_WAIT
TCP (0) 21.21.21.10:1131 TIME_WAIT
TCP (0) 21.21.21.10:1132 TIME_WAIT
TCP (0) 21.21.21.10:1133 TIME_WAIT
TCP (0) 21.21.21.10:1135 TIME_WAIT
TCP (0) 21.21.21.10:1137 TIME_WAIT
TCP (0) 21.21.21.10:1138 TIME_WAIT
TCP (0) 21.21.21.10:1141 TIME_WAIT
TCP (0) 21.21.21.10:1144 TIME_WAIT
TCP (0) 21.21.21.10:1146 TIME_WAIT
TCP (0) 21.21.21.10:1147 TIME_WAIT
TCP (0) 21.21.21.10:1149 TIME_WAIT
TCP (0) 21.21.21.10:1150 TIME_WAIT
TCP (0) 21.21.21.10:1151 TIME_WAIT
TCP (0) 21.21.21.10:1152 TIME_WAIT
TCP (0) 21.21.21.10:1154 TIME_WAIT
TCP (0) 21.21.21.10:1156 TIME_WAIT
TCP (0) 21.21.21.10:1159 TIME_WAIT
TCP (0) 21.21.21.10:1160 TIME_WAIT
TCP (0) 21.21.21.10:1161 TIME_WAIT
TCP (0) 21.21.21.10:1163 TIME_WAIT
TCP (0) 21.21.21.10:1164 TIME_WAIT
TCP (0) 21.21.21.10:1166 TIME_WAIT
TCP (0) 21.21.21.10:1168 TIME_WAIT
TCP (0) 21.21.21.10:1169 TIME_WAIT
TCP (0) 21.21.21.10:1170 TIME_WAIT
TCP (0) 21.21.21.10:1171 TIME_WAIT
TCP (0) 21.21.21.10:1174 TIME_WAIT
TCP (0) 21.21.21.10:1177 TIME_WAIT
TCP (0) 21.21.21.10:1179 TIME_WAIT
TCP (0) 21.21.21.10:1180 TIME_WAIT
TCP (0) 21.21.21.10:1182 TIME_WAIT
TCP (0) 21.21.21.10:1183 TIME_WAIT
TCP (0) 21.21.21.10:1184 TIME_WAIT
TCP (0) 21.21.21.10:1185 TIME_WAIT
TCP (0) 21.21.21.10:1186 TIME_WAIT
TCP (0) 21.21.21.10:1187 TIME_WAIT
TCP (0) 21.21.21.10:1188 TIME_WAIT
TCP (0) 21.21.21.10:1189 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1191 FIN_WAIT1
TCP (0) 21.21.21.10:1192 TIME_WAIT
TCP (0) 21.21.21.10:1194 TIME_WAIT
TCP (0) 21.21.21.10:1195 TIME_WAIT
TCP (0) 21.21.21.10:1196 TIME_WAIT
TCP (0) 21.21.21.10:1197 TIME_WAIT
TCP (0) 21.21.21.10:1198 TIME_WAIT
TCP (0) 21.21.21.10:1199 TIME_WAIT
TCP (0) 21.21.21.10:1200 TIME_WAIT
TCP (0) 21.21.21.10:1201 TIME_WAIT
TCP (0) 21.21.21.10:1203 TIME_WAIT
TCP (0) 21.21.21.10:1204 TIME_WAIT
TCP (0) 21.21.21.10:1208 TIME_WAIT
TCP (0) 21.21.21.10:1209 TIME_WAIT
TCP (0) 21.21.21.10:1210 TIME_WAIT
TCP (0) 21.21.21.10:1211 TIME_WAIT
TCP (0) 21.21.21.10:1212 TIME_WAIT
TCP (0) 21.21.21.10:1213 TIME_WAIT
TCP (0) 21.21.21.10:1214 TIME_WAIT
TCP (0) 21.21.21.10:1218 TIME_WAIT
TCP (0) 21.21.21.10:1220 TIME_WAIT
TCP (0) 21.21.21.10:1221 TIME_WAIT
TCP (0) 21.21.21.10:1222 TIME_WAIT
TCP (0) 21.21.21.10:1223 TIME_WAIT
TCP (0) 21.21.21.10:1224 TIME_WAIT
TCP (0) 21.21.21.10:1225 TIME_WAIT
TCP (0) 21.21.21.10:1226 TIME_WAIT
TCP (0) 21.21.21.10:1227 TIME_WAIT
TCP (0) 21.21.21.10:1228 TIME_WAIT
TCP (0) 21.21.21.10:1229 TIME_WAIT
TCP (0) 21.21.21.10:1230 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1231 FIN_WAIT1
TCP (0) 21.21.21.10:1232 TIME_WAIT
TCP (0) 21.21.21.10:1234 TIME_WAIT
TCP (0) 21.21.21.10:1235 TIME_WAIT
TCP (0) 21.21.21.10:1237 TIME_WAIT
TCP (0) 21.21.21.10:1238 TIME_WAIT
TCP (0) 21.21.21.10:1239 TIME_WAIT
TCP (0) 21.21.21.10:1241 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1243 FIN_WAIT1
TCP (0) 21.21.21.10:1244 TIME_WAIT
TCP (0) 21.21.21.10:1245 TIME_WAIT
TCP (0) 21.21.21.10:1246 TIME_WAIT
TCP (0) 21.21.21.10:1247 TIME_WAIT
TCP (0) 21.21.21.10:1248 TIME_WAIT
TCP (0) 21.21.21.10:1249 TIME_WAIT
TCP (0) 21.21.21.10:1250 TIME_WAIT
TCP (0) 21.21.21.10:1251 TIME_WAIT
TCP (0) 21.21.21.10:1252 TIME_WAIT
TCP (0) 21.21.21.10:1254 TIME_WAIT
TCP (0) 21.21.21.10:1255 TIME_WAIT
TCP (0) 21.21.21.10:1256 TIME_WAIT
TCP (0) 21.21.21.10:1257 TIME_WAIT
TCP (0) 21.21.21.10:1258 TIME_WAIT
TCP (0) 21.21.21.10:1259 TIME_WAIT
TCP (0) 21.21.21.10:1262 TIME_WAIT
TCP (0) 21.21.21.10:1264 TIME_WAIT
TCP (0) 21.21.21.10:1265 TIME_WAIT
TCP (0) 21.21.21.10:1266 TIME_WAIT
TCP (0) 21.21.21.10:1267 TIME_WAIT
TCP (0) 21.21.21.10:1271 TIME_WAIT
TCP (0) 21.21.21.10:1273 TIME_WAIT
TCP (0) 21.21.21.10:1274 TIME_WAIT
TCP (0) 21.21.21.10:1275 TIME_WAIT
TCP (0) 21.21.21.10:1276 TIME_WAIT
TCP (0) 21.21.21.10:1277 TIME_WAIT
TCP (0) 21.21.21.10:1278 TIME_WAIT
TCP (0) 21.21.21.10:1279 TIME_WAIT
TCP (0) 21.21.21.10:1280 TIME_WAIT
TCP (0) 21.21.21.10:1281 TIME_WAIT
TCP (0) 21.21.21.10:1282 TIME_WAIT
TCP (0) 21.21.21.10:1283 TIME_WAIT
TCP (0) 21.21.21.10:1285 TIME_WAIT
TCP (0) 21.21.21.10:1286 TIME_WAIT
TCP (0) 21.21.21.10:1288 TIME_WAIT
TCP (0) 21.21.21.10:1289 TIME_WAIT
TCP (0) 21.21.21.10:1290 TIME_WAIT
TCP (0) 21.21.21.10:1291 TIME_WAIT
TCP (0) 21.21.21.10:1292 TIME_WAIT
TCP (0) 21.21.21.10:1294 TIME_WAIT
TCP (0) 21.21.21.10:1295 TIME_WAIT
TCP (0) 21.21.21.10:1296 TIME_WAIT
TCP (0) 21.21.21.10:1297 TIME_WAIT
TCP (0) 21.21.21.10:1298 TIME_WAIT
TCP (0) 21.21.21.10:1299 TIME_WAIT
TCP (0) 21.21.21.10:1302 TIME_WAIT
TCP (0) 21.21.21.10:1303 TIME_WAIT
TCP (0) 21.21.21.10:1305 TIME_WAIT
TCP (0) 21.21.21.10:1306 TIME_WAIT
TCP (0) 21.21.21.10:1307 TIME_WAIT
TCP (0) 21.21.21.10:1308 TIME_WAIT
TCP (0) 21.21.21.10:1310 TIME_WAIT
TCP (0) 21.21.21.10:1311 TIME_WAIT
TCP (0) 21.21.21.10:1312 TIME_WAIT
TCP (0) 21.21.21.10:1313 TIME_WAIT
TCP (0) 21.21.21.10:1314 TIME_WAIT
TCP (0) 21.21.21.10:1315 TIME_WAIT
TCP (0) 21.21.21.10:1319 TIME_WAIT
TCP (0) 21.21.21.10:1321 TIME_WAIT
TCP (0) 21.21.21.10:1322 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1323 FIN_WAIT1
TCP (0) 21.21.21.10:1324 TIME_WAIT
TCP (0) 21.21.21.10:1326 TIME_WAIT
TCP (0) 21.21.21.10:1327 TIME_WAIT
TCP (0) 21.21.21.10:1328 TIME_WAIT
TCP (0) 21.21.21.10:1331 TIME_WAIT
TCP (0) 21.21.21.10:1333 TIME_WAIT
TCP (0) 21.21.21.10:1335 TIME_WAIT
TCP (0) 21.21.21.10:1336 TIME_WAIT
TCP (0) 21.21.21.10:1337 TIME_WAIT
TCP (0) 21.21.21.10:1338 TIME_WAIT
TCP (0) 21.21.21.10:1340 TIME_WAIT
TCP (0) 21.21.21.10:1341 TIME_WAIT
TCP (0) 21.21.21.10:1342 TIME_WAIT
TCP (0) 21.21.21.10:1343 TIME_WAIT
TCP (0) 21.21.21.10:1345 TIME_WAIT
TCP (0) 21.21.21.10:1346 TIME_WAIT
TCP (0) 21.21.21.10:1347 TIME_WAIT
TCP (0) 21.21.21.10:1348 TIME_WAIT
TCP (0) 21.21.21.10:1350 TIME_WAIT
TCP (0) 21.21.21.10:1353 TIME_WAIT
TCP (0) 21.21.21.10:1354 TIME_WAIT
TCP (0) 21.21.21.10:1357 TIME_WAIT
TCP (0) 21.21.21.10:1358 TIME_WAIT
TCP (0) 21.21.21.10:1360 TIME_WAIT
TCP (0) 21.21.21.10:1361 TIME_WAIT
TCP (0) 21.21.21.10:1363 TIME_WAIT
TCP (0) 21.21.21.10:1365 TIME_WAIT
TCP (0) 21.21.21.10:1366 TIME_WAIT
TCP (0) 21.21.21.10:1368 TIME_WAIT
TCP (0) 21.21.21.10:1369 TIME_WAIT
TCP (0) 21.21.21.10:1370 TIME_WAIT
TCP (0) 21.21.21.10:1371 TIME_WAIT
TCP (0) 21.21.21.10:1372 TIME_WAIT
TCP (0) 21.21.21.10:1373 TIME_WAIT
TCP (0) 21.21.21.10:1375 TIME_WAIT
TCP (0) 21.21.21.10:1376 TIME_WAIT
TCP (0) 21.21.21.10:1377 TIME_WAIT
TCP (0) 21.21.21.10:1378 TIME_WAIT
TCP (0) 21.21.21.10:1380 TIME_WAIT
TCP (0) 21.21.21.10:1381 TIME_WAIT
TCP (0) 21.21.21.10:1383 TIME_WAIT
TCP (0) 21.21.21.10:1384 TIME_WAIT
TCP (0) 21.21.21.10:1386 TIME_WAIT
TCP (0) 21.21.21.10:1387 TIME_WAIT
TCP (0) 21.21.21.10:1389 TIME_WAIT
TCP (0) 21.21.21.10:1392 TIME_WAIT
TCP (0) 21.21.21.10:1393 TIME_WAIT
TCP (0) 21.21.21.10:1394 TIME_WAIT
TCP (0) 21.21.21.10:1395 TIME_WAIT
TCP (0) 21.21.21.10:1396 TIME_WAIT
TCP (0) 21.21.21.10:1398 TIME_WAIT
TCP (0) 21.21.21.10:1399 TIME_WAIT
TCP (0) 21.21.21.10:1400 TIME_WAIT
TCP (0) 21.21.21.10:1401 TIME_WAIT
TCP (0) 21.21.21.10:1402 TIME_WAIT
TCP (0) 21.21.21.10:1403 TIME_WAIT
TCP (0) 21.21.21.10:1404 TIME_WAIT
TCP (0) 21.21.21.10:1405 TIME_WAIT
TCP (0) 21.21.21.10:1406 TIME_WAIT
TCP (0) 21.21.21.10:1407 TIME_WAIT
TCP (0) 21.21.21.10:1408 TIME_WAIT
TCP (0) 21.21.21.10:1409 TIME_WAIT
TCP (0) 21.21.21.10:1410 TIME_WAIT
TCP (0) 21.21.21.10:1411 TIME_WAIT
TCP (0) 21.21.21.10:1412 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1413 FIN_WAIT1
TCP (0) 21.21.21.10:1414 TIME_WAIT
TCP (0) 21.21.21.10:1416 TIME_WAIT
TCP (0) 21.21.21.10:1417 TIME_WAIT
TCP (0) 21.21.21.10:1421 TIME_WAIT
TCP (0) 21.21.21.10:1422 TIME_WAIT
TCP (0) 21.21.21.10:1424 TIME_WAIT
TCP (0) 21.21.21.10:1426 TIME_WAIT
TCP (0) 21.21.21.10:1427 TIME_WAIT
TCP (0) 21.21.21.10:1430 TIME_WAIT
TCP (0) 21.21.21.10:1434 TIME_WAIT
TCP (0) 21.21.21.10:1438 TIME_WAIT
TCP (0) 21.21.21.10:1439 TIME_WAIT
TCP (0) 21.21.21.10:1440 TIME_WAIT
TCP (0) 21.21.21.10:1441 TIME_WAIT
TCP (0) 21.21.21.10:1442 TIME_WAIT
TCP (0) 21.21.21.10:1443 TIME_WAIT
TCP (0) 21.21.21.10:1445 TIME_WAIT
TCP (0) 21.21.21.10:1446 TIME_WAIT
TCP (0) 21.21.21.10:1448 TIME_WAIT
TCP (0) 21.21.21.10:1449 TIME_WAIT
TCP (0) 21.21.21.10:1451 TIME_WAIT
TCP (0) 21.21.21.10:1452 TIME_WAIT
TCP (0) 21.21.21.10:1453 TIME_WAIT
TCP (0) 21.21.21.10:1456 TIME_WAIT
TCP (0) 21.21.21.10:1457 TIME_WAIT
TCP (0) 21.21.21.10:1459 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1460 FIN_WAIT1
TCP (0) 21.21.21.10:1461 TIME_WAIT
TCP (0) 21.21.21.10:1463 TIME_WAIT
TCP (0) 21.21.21.10:1464 TIME_WAIT
TCP (0) 21.21.21.10:1465 TIME_WAIT
TCP (0) 21.21.21.10:1467 TIME_WAIT
TCP (0) 21.21.21.10:1469 TIME_WAIT
TCP (0) 21.21.21.10:1470 TIME_WAIT
TCP (0) 21.21.21.10:1472 TIME_WAIT
TCP (0) 21.21.21.10:1473 TIME_WAIT
TCP (0) 21.21.21.10:1474 TIME_WAIT
TCP (0) 21.21.21.10:1475 TIME_WAIT
TCP (0) 21.21.21.10:1476 TIME_WAIT
TCP (0) 21.21.21.10:1478 TIME_WAIT
TCP (0) 21.21.21.10:1479 TIME_WAIT
TCP (0) 21.21.21.10:1480 TIME_WAIT
TCP (0) 21.21.21.10:1481 TIME_WAIT
TCP (0) 21.21.21.10:1482 TIME_WAIT
TCP (0) 21.21.21.10:1483 TIME_WAIT
TCP (0) 21.21.21.10:1484 TIME_WAIT
TCP (0) 21.21.21.10:1485 TIME_WAIT
TCP (0) 21.21.21.10:1487 TIME_WAIT
TCP (0) 21.21.21.10:1488 TIME_WAIT
TCP (0) 21.21.21.10:1489 TIME_WAIT
TCP (0) 21.21.21.10:1491 TIME_WAIT
TCP (0) 21.21.21.10:1492 TIME_WAIT
TCP (0) 21.21.21.10:1494 TIME_WAIT
TCP (0) 21.21.21.10:1495 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1496 FIN_WAIT1
TCP (0) 21.21.21.10:1497 TIME_WAIT
TCP (0) 21.21.21.10:1498 TIME_WAIT
TCP (0) 21.21.21.10:1499 TIME_WAIT
TCP (0) 21.21.21.10:1500 TIME_WAIT
TCP (0) 21.21.21.10:1501 TIME_WAIT
TCP (0) 21.21.21.10:1502 TIME_WAIT
TCP (0) 21.21.21.10:1504 TIME_WAIT
TCP (0) 21.21.21.10:1505 TIME_WAIT
TCP (0) 21.21.21.10:1508 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1509 FIN_WAIT1
TCP (0) 21.21.21.10:1510 TIME_WAIT
TCP (0) 21.21.21.10:1513 TIME_WAIT
TCP (0) 21.21.21.10:1515 TIME_WAIT
TCP (0) 21.21.21.10:1516 TIME_WAIT
TCP (0) 21.21.21.10:1517 TIME_WAIT
TCP (0) 21.21.21.10:1519 TIME_WAIT
TCP (0) 21.21.21.10:1520 TIME_WAIT
TCP (0) 21.21.21.10:1522 TIME_WAIT
TCP (0) 21.21.21.10:1524 TIME_WAIT
TCP (0) 21.21.21.10:1527 TIME_WAIT
TCP (0) 21.21.21.10:1529 TIME_WAIT
TCP (0) 21.21.21.10:1533 TIME_WAIT
TCP (0) 21.21.21.10:1534 TIME_WAIT
TCP (0) 21.21.21.10:1535 TIME_WAIT
TCP (0) 21.21.21.10:1536 TIME_WAIT
TCP (0) 21.21.21.10:1537 TIME_WAIT
TCP (0) 21.21.21.10:1538 TIME_WAIT
TCP (0) 21.21.21.10:1539 TIME_WAIT
TCP (0) 21.21.21.10:1540 TIME_WAIT
TCP (0) 21.21.21.10:1541 TIME_WAIT
TCP (0) 21.21.21.10:1542 TIME_WAIT
TCP (0) 21.21.21.10:1544 TIME_WAIT
TCP (0) 21.21.21.10:1547 TIME_WAIT
TCP (0) 21.21.21.10:1548 TIME_WAIT
TCP (0) 21.21.21.10:1550 TIME_WAIT
TCP (0) 21.21.21.10:1552 TIME_WAIT
TCP (0) 21.21.21.10:1554 TIME_WAIT
TCP (0) 21.21.21.10:1556 TIME_WAIT
TCP (0) 21.21.21.10:1558 TIME_WAIT
TCP (0) 21.21.21.10:1559 TIME_WAIT
TCP (0) 21.21.21.10:1560 TIME_WAIT
TCP (0) 21.21.21.10:1564 TIME_WAIT
TCP (0) 21.21.21.10:1565 TIME_WAIT
TCP (0) 21.21.21.10:1566 TIME_WAIT
TCP (0) 21.21.21.10:1570 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1572 FIN_WAIT1
TCP (0) 21.21.21.10:1574 TIME_WAIT
TCP (0) 21.21.21.10:1575 TIME_WAIT
TCP (0) 21.21.21.10:1577 TIME_WAIT
TCP (0) 21.21.21.10:1579 TIME_WAIT
TCP (0) 21.21.21.10:1580 TIME_WAIT
TCP (0) 21.21.21.10:1581 TIME_WAIT
TCP (0) 21.21.21.10:1582 TIME_WAIT
TCP (0) 21.21.21.10:1585 TIME_WAIT
TCP (0) 21.21.21.10:1586 TIME_WAIT
TCP (0) 21.21.21.10:1588 TIME_WAIT
TCP (0) 21.21.21.10:1597 TIME_WAIT
TCP (0) 21.21.21.10:1598 TIME_WAIT
TCP (0) 21.21.21.10:1599 TIME_WAIT
TCP (0) 21.21.21.10:1600 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1601 FIN_WAIT1
TCP (0) 21.21.21.10:1602 TIME_WAIT
TCP (0) 21.21.21.10:1609 TIME_WAIT
TCP (0) 21.21.21.10:1610 TIME_WAIT
TCP (0) 21.21.21.10:1611 TIME_WAIT
TCP (0) 21.21.21.10:1612 TIME_WAIT
TCP (0) 21.21.21.10:1616 TIME_WAIT
TCP (0) 21.21.21.10:1617 TIME_WAIT
TCP (0) 21.21.21.10:1620 TIME_WAIT
TCP (0) 21.21.21.10:1621 TIME_WAIT
TCP (0) 21.21.21.10:1622 TIME_WAIT
TCP (0) 21.21.21.10:1624 TIME_WAIT
TCP (0) 21.21.21.10:1626 TIME_WAIT
TCP (0) 21.21.21.10:1628 TIME_WAIT
TCP (0) 21.21.21.10:1629 TIME_WAIT
TCP (0) 21.21.21.10:1631 TIME_WAIT
TCP (0) 21.21.21.10:1634 TIME_WAIT
TCP (0) 21.21.21.10:1636 TIME_WAIT
TCP (0) 21.21.21.10:1639 TIME_WAIT
TCP (0) 21.21.21.10:1640 TIME_WAIT
TCP (0) 21.21.21.10:1646 TIME_WAIT
TCP (0) 21.21.21.10:1650 TIME_WAIT
TCP (0) 21.21.21.10:1651 TIME_WAIT
TCP (0) 21.21.21.10:1652 TIME_WAIT
TCP (0) 21.21.21.10:1657 TIME_WAIT
TCP (0) 21.21.21.10:1660 TIME_WAIT
TCP (0) 21.21.21.10:1661 TIME_WAIT
TCP (0) 21.21.21.10:1663 TIME_WAIT
TCP (0) 21.21.21.10:1667 TIME_WAIT
TCP (0) 21.21.21.10:1668 TIME_WAIT
TCP (0) 21.21.21.10:1670 TIME_WAIT
TCP (0) 21.21.21.10:1672 TIME_WAIT
TCP (0) 21.21.21.10:1673 TIME_WAIT
TCP (0) 21.21.21.10:1677 TIME_WAIT
TCP (0) 21.21.21.10:1679 TIME_WAIT
TCP (0) 21.21.21.10:1680 TIME_WAIT
TCP (0) 21.21.21.10:1683 TIME_WAIT
TCP (0) 21.21.21.10:1684 TIME_WAIT
TCP (0) 21.21.21.10:1689 TIME_WAIT
TCP (0) 21.21.21.10:1690 TIME_WAIT
TCP (0) 21.21.21.10:1692 TIME_WAIT
TCP (0) 21.21.21.10:1694 TIME_WAIT
TCP (0) 21.21.21.10:1696 TIME_WAIT
TCP (0) 21.21.21.10:1697 TIME_WAIT
TCP (0) 21.21.21.10:1698 TIME_WAIT
TCP (0) 21.21.21.10:1701 TIME_WAIT
TCP (0) 21.21.21.10:1702 TIME_WAIT
TCP (0) 21.21.21.10:1704 TIME_WAIT
TCP (0) 21.21.21.10:1706 TIME_WAIT
TCP (0) 21.21.21.10:1708 TIME_WAIT
TCP (0) 21.21.21.10:1709 TIME_WAIT
TCP (0) 21.21.21.10:1711 TIME_WAIT
TCP (0) 21.21.21.10:1714 TIME_WAIT
TCP (0) 21.21.21.10:1715 TIME_WAIT
TCP (0) 21.21.21.10:1719 TIME_WAIT
TCP (0) 21.21.21.10:1720 TIME_WAIT
TCP (0) 21.21.21.10:1725 TIME_WAIT
TCP (0) 21.21.21.10:1726 TIME_WAIT
TCP (0) 21.21.21.10:1727 TIME_WAIT
TCP (0) 21.21.21.10:1728 TIME_WAIT
TCP (0) 21.21.21.10:1729 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1730 FIN_WAIT1
TCP (0) 21.21.21.10:1731 TIME_WAIT
TCP (0) 21.21.21.10:1732 TIME_WAIT
TCP (0) 21.21.21.10:1736 TIME_WAIT
TCP (0) 21.21.21.10:1737 TIME_WAIT
TCP (3348) opera.exe 21.21.21.10:1741 SYN_SENT
TCP (3668) alg.exe 127.0.0.1:1031 LISTENING
UDP (4) Systém 0.0.0.0:445 LISTENING
UDP (1064) lsass.exe 0.0.0.0:500
UDP (712) SAgent4.exe 0.0.0.0:3259
UDP (1064) lsass.exe 0.0.0.0:4500
UDP (1428) svchost.exe 21.21.21.10:123
UDP (3348) opera.exe 21.21.21.10:1085
UDP (1580) svchost.exe 21.21.21.10:1900
UDP (3348) opera.exe 21.21.21.10:1900

Moduly (Zobraz i bezpečné: False, Len bez výrobcu: True, Zobraz registrované: False)
================================================================
[?] rarext.dll
|_ Cesta: C:\Program Files\WinRAR\RarExt.dll
|_ MD5: 6518296034B7B0E60
Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[?] rarext.dll
|_ Cesta: C:\Program Files\WinRAR\RarExt.dll
|_ MD5: 6518296034B7B0E607689D59B01B8B61
|_ Výrobce:
|_ Procesy
|_ explorer.exe (280)

[?] eppshell.dll
|_ Cesta: C:\Program Files\epson\Creativity Suite\Easy Photo Print\EPPShell.dll
|_ MD5: 4231CDA22C192BD7810DC9842199641C
|_ Výrobce: SEIKO EPSON CORPORATION
|_ Procesy
|_ explorer.exe (280)

[?] nvshell.dll
|_ Cesta: C:\WINDOWS\system32\nvshell.dll
|_ MD5: 1634D99C80A31C3BF9552A4613ACF6AD
|_ Výrobce: ?
|_ Procesy
|_ explorer.exe (280)

[?] lgscroll.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\lgscroll.dll
|_ MD5: 77D376CF60E42F7310A3C93043F70389
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ explorer.exe (280)
|_ Amoumain.exe (608)
|_ soundman.exe (1608)
|_ apdproxy.exe (1628)
|_ GoogleToolbarNotifier.exe (1600)
|_ ctfmon.exe (1184)
|_ SetPoint.exe (1992)
|_ ccSvcHst.exe (1028)
|_ KHALMNPR.exe (2432)
|_ UPM.exe (2664)
|_ UPM.exe (3572)
|_ UPM.exe (1788)
|_ UPM.exe (1812)
|_ opera.exe (3348)

[?] uwinapi.dll
|_ Cesta: C:\Program Files\OpenOffice.org 2.0\program\uwinapi.dll
|_ MD5: 229685FBE3464374298A2C217CB468F3
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ explorer.exe (280)

[?] stlport_vc7145.dll
|_ Cesta: C:\Program Files\OpenOffice.org 2.0\program\stlport_vc7145.dll
|_ MD5: 66800BC45E22EF11345961CAF777CBEE
|_ Výrobce: STLport Consulting, Inc.
|_ Procesy
|_ explorer.exe (280)

[?] shlxthdl.dll
|_ Cesta: C:\Program Files\OpenOffice.org 2.0\program\shlxthdl.dll
|_ MD5: 70D5AB55F09F87E178BB0B109BAF297E
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ explorer.exe (280)

[?] msvcr71.dll
|_ Cesta: C:\Program Files\OpenOffice.org 2.0\program\msvcr71.dll
|_ MD5: C5FC68C2E9D18A318B84DA099355EBC9
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ explorer.exe (280)
|_ apdproxy.exe (1628)

[?] msvcp71.dll
|_ Cesta: C:\Program Files\OpenOffice.org 2.0\program\msvcp71.dll
|_ MD5: C28F170D1599E9AFF3A6E9A202F9E0B1
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ explorer.exe (280)
|_ apdproxy.exe (1628)

[?] apdboot.dll
|_ Cesta: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdboot.dll
|_ MD5: A5A5AF3A7A1DBD4583E3BF577791287D
|_ Výrobce: Adobe Systems Incorporated
|_ Procesy
|_ apdproxy.exe (1628)

[?] khalapi.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALAPI.DLL
|_ MD5: 64A8A5981E9AC409B6F302B770B7A6EC
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)
|_ KHALMNPR.exe (2432)

[?] kemhook.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\KEMHook.dll
|_ MD5: 07D796AF6763E37B6C86AD41DD1C9F6F
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] macrocore.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\Macros\MacroCore.dll
|_ MD5: B6679839843A4B644040573CBC44A6BE
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] kemutil.dll
|_ Cesta: C:\WINDOWS\system32\KemUtil.dll
|_ MD5: 46E713C6BA77146D82FCA597261C0C66
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] kemutb.dll
|_ Cesta: C:\WINDOWS\system32\kemutb.dll
|_ MD5: B98CBCB2F97F221B9134DEE413B252A8
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] kemxml.dll
|_ Cesta: C:\WINDOWS\system32\KemXML.dll
|_ MD5: 875D1E6672D89D6E025A1E96EE14647E
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] lcabhandler.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\LCabHandler.dll
|_ MD5: 06C4FE3FDE488F5FB6E591AC98158481
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] kemwnd.dll
|_ Cesta: C:\WINDOWS\system32\KemWnd.dll
|_ MD5: 0F69783D46178C8CDCF2E9AA8B67644D
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] gamehook.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\gamehook.dll
|_ MD5: F3C129A373290008B2B5553858969B96
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] kgame.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\kgame.dll
|_ MD5: 25FE2E8A7B2C5FDD92CD481EEF4F2E66
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] macromedia.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\Macros\MacroMedia.dll
|_ MD5: F9E7F6C69D00F2CB762CD759860FC6E2
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] imhook.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\IMHook.dll
|_ MD5: 94EFE06DFD91C0DB63F9B82F52D3AEE8
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] setpointcom.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\SetPointCOM.DLL
|_ MD5: 6721B8A71E4192F0CECFEEC874CFEF0B
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] webbrowsersupport.dll
|_ Cesta: C:\Program Files\Logitech\SetPoint\WebBrowserSupport.dll
|_ MD5: B9CBC863EDE9DA1C41550E91D7EC05E3
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ SetPoint.exe (1992)

[?] khalitch.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALITCH.dll
|_ MD5: 37A0D54719DE38169E8DD1E3E2F9E98D
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ KHALMNPR.exe (2432)

[?] khalmw.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALMW.dll
|_ MD5: 249079404C68AD9F4082BD44CD115261
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ KHALMNPR.exe (2432)

[?] khalhpp.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALHPP.dll
|_ MD5: 699040A5ECF8145805C136C1BE875EEF
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ KHALMNPR.exe (2432)

[?] khalmou.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALMOU.dll
|_ MD5: 018F1BEBF7E34153AE0F64BFE217D759
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ KHALMNPR.exe (2432)

[?] khalhid.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALHID.dll
|_ MD5: 650E975E623935A9E808BD74BF5168A5
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ KHALMNPR.exe (2432)

[?] khalusb.dll
|_ Cesta: C:\Program Files\Common Files\Logitech\khalshared\KHALUSB.dll
|_ MD5: 039F81C1D85A6E6588A2726B6EDA9128
|_ Výrobce: Logitech Inc.
|_ Procesy
|_ KHALMNPR.exe (2432)


Výpis souborů
================================================================
\System32:
[?] acelpdec.ax 7 no vrfy, {85217B6B}
[?] actskn45.ocx 7 no vrfy, {BEB2A56F}
[?] AgCPanelFrench.dll AGCPAN~2.DLL 12 ncmpny, {B4000BFB}
[?] AgCPanelGerman.dll AGCPAN~1.DLL 12 ncmpny, {B42608B3}
[?] AgCPanelJapanese.dll AGCPAN~4.DLL 12 ncmpny, {67756355}
[?] AgCPanelKorean.dll AG6779~1.DLL 12 ncmpny, {CD141026}
[?] AgCPanelPortugese.dll AG9726~1.DLL 12 ncmpny, {B43408A1}
[?] AgCPanelSimplifiedChinese.dll AGE9E8~1.DLL 12 ncmpny, {1A7C5DB1}
[?] AgCPanelSpanish.dll AGE5A0~1.DLL 12 ncmpny, {B4EB0859}
[?] AgCPanelSwedish.dll AGCPAN~3.DLL 12 ncmpny, {B4E20AB8}
[?] AgCPanelTraditionalChinese.dll AGACAA~1.DLL 12 ncmpny, {7DEA03EC}
[!] DivX.dll 70 no vrfy, infected? {EA7B807A}
[?] divx_xx07.dll DIVX_X~3.DLL 14 no vrfy, {0E58ACDF}
[?] divx_xx0a.dll DIVX_X~4.DLL 14 no vrfy, {61FAA15B}
[?] divx_xx0c.dll DIVX_X~2.DLL 14 no vrfy, {94DE232E}
[?] divx_xx11.dll DIVX_X~1.DLL 14 no vrfy, {ED00689D}
[?] divx_xx16.dll DI4024~1.DLL 14 no vrfy, {616E6C4F}
[?] dpl100.dll 7 no vrfy, {4DF3406D}
[?] dxtmsft3.dll 12 ncmpny, {7A88D451}
[?] eax.dll 7 no vrfy, {CA73B322}
[?] EPPicMgr.dll 7 no vrfy, {385EC85D}
[?] EpPicPrt.dll 7 no vrfy, {A1785072}
[?] imagx5.dll 7 no vrfy, {344B79CD}
[?] iyvu9_32.dll 12 ncmpny, {C814E976}
[?] java.exe 12 ncmpny, {FE9F43E0}
[?] javaw.exe 12 ncmpny, {60ACC4DF}
[?] jpicpl32.cpl 14 no vrfy, {05E5A09C}
[?] kemutb.dll 7 no vrfy, {B45EE375}
[?] KemUtil.dll 7 no vrfy, {090BAB27}
[?] KemWnd.dll 7 no vrfy, {50E2282E}
[?] KemXML.dll 7 no vrfy, {76C81712}
[?] keystone.exe 12 ncmpny, {560F7782}
[?] LMRTREND.dll 12 ncmpny, {AE368A67}
[?] MafiaSetup.exe MAFIAS~1.EXE 14 no vrfy, {71DB2500}
[?] Msjint35.dll 12 ncmpny, {ABC7F5C1}
[?] msjter35.dll 12 ncmpny, {85522952}
[X] msln.exe 100 [ADS: 69e5bf2a3605ef12eb1f38ae5de9a8d8, (436 B)] {00000000}
[?] msltus35.dll 12 ncmpny, {FDC7C8F1}
[?] mspdox35.dll 12 ncmpny, {809BB033}
[?] msrepl35.dll 12 ncmpny, {0D6CEF7B}
[?] mstext35.dll 12 ncmpny, {440C978D}
[?] msxbse35.dll 12 ncmpny, {9A9054D4}
[?] npwmsdrm.dll 12 ncmpny, {AAC5F2FD}
[?] nvappbar.exe 25 ncmpny, {750EA98C}
[?] nvcolor.exe 7 no vrfy, {4D0972F7}
[?] nvcpl.cpl 14 no vrfy, {C0934B21}
[?] nvcplui.exe 7 no vrfy, {27ABB6DF}
[?] nvdspsch.exe 25 ncmpny, {C711E84D}
[?] nvexpbar.dll 7 no vrfy, {8D88BC22}
[?] nview.dll 12 ncmpny, {2A7C6F7E}
[?] nvshell.dll 25 ncmpny, {79F3CB44}
[?] nvudisp.exe 14 no vrfy, {82B3290B}
[?] NVUNINST.EXE 14 no vrfy, {82B3290B}
[?] nvwdmcpl.dll 25 ncmpny, {4E2B536D}
[?] nwiz.exe 25 ncmpny, {9857DB7E}
[?] PhysX.cpl 25 ncmpny, {D7D6E9C9}
[?] PhysXLoader.dll PHYSXL~1.DLL 12 ncmpny, {98ED76EF}
[?] PICEntry.dll 49 no vrfy, time mism., {E11C9F2A}
[?] PICSDK.dll 7 no vrfy, {2795717B}
[?] PICSDK2.dll 49 no vrfy, time mism., {51A182D8}
[?] pkcs11wrapper.dll PKCS11~1.DLL 7 no vrfy, {EEC6C5B6}
[?] qcut.dll 12 ncmpny, {7E75E009}
[?] tm20dec.ax 7 no vrfy, {64C154EF}
[?] tmp56.tmp 14 no vrfy, {0E96A449}
[?] tmp57.tmp 14 no vrfy, {0E96A449}
[?] unam4ie.exe 25 ncmpny, {5CA941F1}
[?] w95inf32.dll 25 ncmpny, {959D4F81}
[?] wmidx.ocx 12 ncmpny, {0C058DDC}

\Drivers:
[?] atksgt.sys 25 ncmpny, {E1714BFE}
[?] FNM7.tmp 14 no vrfy, {B64B4F4B}
[?] lirsgt.sys 25 ncmpny, {41811C40}
[?] prodrv03.sys 12 ncmpny, {445D4E0F}
[?] prosync1.sys 7 no vrfy, {5E0A8027}
[?] sfdrv01.sys 14 no vrfy, {E82D7E36}
[?] sfhlp02.sys 14 no vrfy, {9532C8BE}
[?] sfsync02.sys 14 no vrfy, {7ED9D7C4}
[?] v800bus.sys 7 no vrfy, {831D1E7A}
[?] v800cm95.sys 7 no vrfy, {FE9E96A3}
[?] v800cmnt.sys 7 no vrfy, {FE251899}
[?] v800cr.sys 7 no vrfy, {F0F41F2D}
[?] v800mdfl.sys 7 no vrfy, {0B4BA7B3}
[?] v800mdm.sys 7 no vrfy, {86C44624}
[?] v800mgmt.sys 7 no vrfy, {10CF2AA6}
[?] v800obex.sys 7 no vrfy, {0FE67956}
[?] v800wh95.sys 7 no vrfy, {384306B7}
[?] v800whnt.sys 7 no vrfy, {3356482D}

Access violations - HKCU
================================================================
když běží internet opera.exe tak běží procesor na 99%
a když je internet vypnutý ,,nečinné procesy 64 %,explorer.exe 20%,dumprex.exe.20 %


================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ] - Not Registered =(
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#26 Příspěvek od earl »

Pardon,nejak jste mi tu zapadl... :oops:
Jakou mate rychlost pripojeni prichozi/odchozi?

Pouzivate posledni verze Firefoxu,IE a Opery?
:???:

Dela to ve vsech prohlizecich?

:arrow: Start-Hledat a najdete tyto dva soubory a otestujte je na VIRUSTOTALu

tmp56.tmp

tmp57.tmp
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#27 Příspěvek od martin juhanak »

díky už to funguje :D
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#28 Příspěvek od earl »

Ok,jeste kdyztak poprosim o jeden log z RSITu.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
martin juhanak
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 11 kvě 2010 05:02

Re: internet

#29 Příspěvek od martin juhanak »

info.txt logfile of random's system information tool 1.06 2010-07-04 19:17:28

======Uninstall list======

-->MsiExec /X{7032E73F-68A0-48F9-8100-E70E79169BAE}
-->MsiExec.exe /X{69495273-FCDC-4A86-BCB7-49B504D3FB0E}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
A4tech USB Mouse Quality Testing Program V5.0-->MsiExec.exe /I{361693F2-A153-4359-A4CB-A1B9FF2AA5E6}
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.3.3 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A93000000001}
Adobe® Photoshop® Album Starter Edition 3.2-->MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
AGEIA PhysX v6.12.02-->MsiExec.exe /X{7032E73F-68A0-48F9-8100-E70E79169BAE}
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Benefit-->"d:\Benefit\MONITORING MŠMT NP\unins000.exe"
Brigade E5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\1C Company\BrigadeE5\Uninstall\setup.exe" -l0x5
CCleaner-->"d:\Program Files\CCleaner\uninst.exe"
CDDRV_Installer-->MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Conflict Vietnam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "d:\Program Files\Sci Games\Conflict Vietnam\Uninstall\setup.exe" -l0x5
CPUID CPU-Z 1.54-->"d:\Program Files\CPUID\CPU-Z\unins000.exe"
Dofus 1.23.0-->C:\Program Files\Dofus\uninstall.exe
EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37}
EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG
EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x9 UNINST
EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x9 UNINST
EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x9 -u
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
ESDX4000_4050_CX3900-->C:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE
FlightGear v0.9.10-->"D:\Program Files\FlightGear\unins000.exe"
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Chrome-->"C:\Program Files\Google\Chrome\Application\5.0.375.99\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Prix 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "d:\Grand Prix 4\setup.exe"
Grand Theft Auto Vice City-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}\Setup.exe" -l0x9
Java 2 Runtime Environment, SE v1.4.2_04-->MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142040}
KhalSetup-->MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}
Kill Deal-->"D:\Program Files\MyPlayCity.com\Kill Deal\unins000.exe"
KnightShift-->D:\PRIBEH~1\KSUninst.exe D:\PRIBEH~1\install.log
Kobra 11 Nitro-->"C:\Program Files\TopCD\Kobra 11\unins000.exe"
Labtec Legacy USB Camera Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\10.51.1130\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"legacyqcam_10.51" /clone_wait /hide_progress
Locomotion CZ-->D:\Program Files\Atari\Locomotion\loco_eng.exe
Locomotion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{77F45E76-E897-42CA-A9FE-5F56817D875C}\Setup.exe" -l0x9
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x9 UNINSTALL
Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.50.1145\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -promptuninstall -arpregkey"lvdrivers_11.50" /clone_wait /hide_progress
Logitech SetPoint-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Mafia-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\Cenega Czech\Mafia\Uninstall\setup.exe" -l0x5
Micro DVD Player-->C:\Program Files\Micro DVD Player\uninstall.exe
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mizerové II-->"D:\Program Files\Mizerové II\unins000.exe"
Morgan Stream Switcher-->"C:\Program Files\Morgan\mmswitch\uninst.exe"
MotoGP-->"D:\Program Files\MotoGP\unins000.exe"
MotoGP2-->"D:\Program Files\MotoGP2\unins000.exe"
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Need for Speed™ Carbon-->d:\Need for Speed Carbon\EAUninstall.exe
Nero 6 Ultra Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\562C4DD5\16.8.0.41\InstStub.exe /X
Norton Security Scan-->C:\Program Files\NortonInstaller\{397E31AA-0D78-4649-A01C-339D73A2ED35}\NSS\LicenseType\2.7.3.34\InstStub.exe /X
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
O2 Internet Konfigurator-->C:\Program Files\TO2SSM\unSupportCenter.exe
OpenAL-->"C:\Program Files\OpenAL\OpenALwEAX.exe" /U
OpenOffice.org 2.0-->MsiExec.exe /I{5DB8BFC7-9595-49CC-BF0D-A17D3A83929A}
Opera 10.60-->MsiExec.exe /X{1D2C96C3-A3F3-49E7-B839-95279DED837F}
Opera 9.52-->MsiExec.exe /X{E1A88DE8-BD36-4DEA-8DD8-E35EF475ADC7}
Opera 9.64-->MsiExec.exe /X{E1BBBAC5-2857-4155-82A6-54492CE88620}
Oprava Hotfix systému Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Prasátko a jeho velký piknik-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1D6FB37A-CBCA-11D6-8940-0002A5E32BEF}\setup.exe" Prasátko a jeho velký piknik
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Rayman 3 1.0-->"D:\Program Files\Ubi Soft\Rayman 3\unins000.exe"
Real War Rogue States-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF75089-392B-4771-B791-17316E27EBA6}\setup.exe" -l0x9
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x5 -removeonly
Sid Meier's Pirates!-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{1632FD86-1BA4-4FC4-8B25-A8C655D63F68} /l1033
Smart-X7 7.80-->C:\Program Files\A4Tech\Mouse\Uninst32.exe
Sniper Elite-->"C:\Program Files\Sniper Elite\unins000.exe"
Software tiskárny EPSON-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
SWAT 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} uninstall
System Search Dispatcher-->"C:\Program Files\System Search Dispatcher\1.3.0.840\unins000.exe"
ToCA Race Driver 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0297C87B-CC40-446F-865A-031B4FC0CF22}\Setup.exe" -l0x5 -removeonly
Tony Hawks Pro Skater 4-->MsiExec.exe /X{E0F07676-2C60-4465-A727-20DE3BFCABAC}
Total Commander (Remove or Repair)-->c:\totalcmd\tcuninst.exe
Toy Story 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B431CA9E-4D14-4386-8BCC-2C13F46B8E70}\setup.exe" Toy Story 2
TRS2004-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDE1289F-4025-41A5-AD17-101DB4D82CA7}\Setup.exe" -l0x5
Ventrilo-->D:\PROGRA~1\Ventrilo\UNWISE.EXE D:\PROGRA~1\Ventrilo\INSTALL.LOG
VentriloMIX-->C:\Program Files\VentriloMIX\Uninstal.exe
Vesmírní kovbojové-->C:\WINDOWS\setup_rangers.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Wings Over Europe-->"D:\Program Files\Wings Over Europe\unins000.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: Norton Internet Security
FW: Norton Internet Security

======System event log======

Computer Name: JOHNY
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.

Record Number: 9327
Source Name: Service Control Manager
Time Written: 20100523162650.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JOHNY
Event Code: 2003
Message: Symantec Antivirus minifilter successfully loaded.

Record Number: 9326
Source Name: SRTSP
Time Written: 20100523162647.000000+120
Event Type: Informace
User:

Computer Name: JOHNY
Event Code: 10
Message: Neprokázalo se, že by tato jednotka podporovala digitální přehrávání zvuku.

Record Number: 9325
Source Name: redbook
Time Written: 20100523162647.000000+120
Event Type: Informace
User:

Computer Name: JOHNY
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 9324
Source Name: EventLog
Time Written: 20100523162636.000000+120
Event Type: Informace
User:

Computer Name: JOHNY
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 3 Uniprocessor Free.

Record Number: 9323
Source Name: EventLog
Time Written: 20100523162636.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: JOHNY
Event Code: 0
Message:
Record Number: 5
Source Name: ICQ Service
Time Written: 20100508054426.000000+120
Event Type: Informace
User:

Computer Name: JOHNY
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 4
Source Name: SecurityCenter
Time Written: 20100507193225.000000+120
Event Type: Informace
User:

Computer Name: JOHNY
Event Code: 35
Message: Služba 'Norton Internet Security' je spuštěna.

Record Number: 3
Source Name: Norton Internet Security
Time Written: 20100507193214.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JOHNY
Event Code: 34
Message: Probíhá spuštění služby 'Norton Internet Security'.

Record Number: 2
Source Name: Norton Internet Security
Time Written: 20100507193214.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: JOHNY
Event Code: 0
Message:
Record Number: 1
Source Name: ICQ Service
Time Written: 20100507193213.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Common Files\DivX Shared
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------
Nahoru
Uživatelský avatar
earl
VIP
VIP
Příspěvky: 1279
Registrován: 14 pro 2005 20:59
Bydliště: Brno

Re: internet

#30 Příspěvek od earl »

Potrebuji soubor log.txt,nikoliv info.txt.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
ObrázekAKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ObrázekZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
ObrázekNEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
Obrázek Obrázek
Obrázek Obrázek
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“