
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Acute problem
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- 1danab
- Newcomer
- Posts: 1412
- Registered: 21 Oct 2007 13:04
- Location: České Budějovice
Re: Acute problem
It's possible... do you have the log?
Re: Acute problem
Which one? RSIT or ComboFix? I already sent the RSIT one, and ComboFix was running when it shut off... and now the PC won't even turn on...
- 1danab
Re: Acute problem
You mean it won't turn on at all, not even in safe mode?
Re: Acute problem
Not at all. I tried several times... each time it just blinks as if it is starting to boot, but in less than a second it dies again...
- 1danab
Re: Acute problem
Try turning the PC on manually, press F8 repeatedly right after it starts, and then select Last Known Good Configuration.
Re: Acute problem
Nothing at all... I try just pressing the button, but it doesn't stay on even long enough to start responding to F8. I try holding the button while pressing F8, but the computer responds for only about two seconds and then shuts off...
Re: Acute problem
I take it all back, because I'm probably a total idiot... I apologize... it's a laptop and, fool that I am, I don't have it plugged in, because we moved it in a hurry... so I hope it's just an empty battery...
Re: Acute problem
The power adapter arrived and it's running... I'll run ComboFix again...
- 1danab
Re: Acute problem
It happens.
Re: Acute problem
Logfile of random's system information tool 1.08 (written by random/random)
Run by OEM at 2010-07-14 19:18:13
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 39 GB (26%) free of 148 GB
Total RAM: 2038 MB (87% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-06-03 1615200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
TorrentMan Toolbar - C:\Program Files\TorrentMan\tbTor1.dll [2010-05-26 2515552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{7c5c0f58-e061-457d-9033-77307f5ed00c} - TorrentMan Toolbar - C:\Program Files\TorrentMan\tbTor1.dll [2010-05-26 2515552]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-29 16132608]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-04-21 138008]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-04-21 142104]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-04-21 162584]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-12 53248]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-06-03 2065248]
"ftmbvxfq"=C:\Documents and Settings\OEM\Local Settings\Data aplikací\freonehsw\pnellietssd.exe [2010-07-14 289024]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ftmbvxfq"=C:\Documents and Settings\OEM\Local Settings\Data aplikací\freonehsw\pnellietssd.exe [2010-07-14 289024]
"Sdanozi"=C:\WINDOWS\mshSPl.dll,Startup []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-05-08 12464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-04-17 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Team17\Worms2\frontend.exe"="C:\Program Files\Team17\Worms2\frontend.exe:*:Enabled:Worms 2 Frontend"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-07-14 19:18:14 ----D---- C:\Program Files\trend micro
2010-07-14 19:16:34 ----D---- C:\WINDOWS\CSC
2010-07-14 19:16:25 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-14 19:05:01 ----D---- C:\rsit
2010-07-14 18:05:12 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-07-14 18:05:11 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-07-14 18:05:10 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-07-14 18:05:09 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-07-14 18:05:07 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-07-14 18:05:07 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-07-14 18:05:06 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-07-14 18:05:03 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-07-14 17:58:58 ----D---- C:\Program Files\Alwil Software
2010-07-14 17:58:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-07-14 17:09:46 ----D---- C:\WINDOWS\system32\MpEngineStore
2010-07-14 14:13:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-14 14:13:12 ----A---- C:\WINDOWS\system32\MRT.INI
2010-07-14 13:19:45 ----A---- C:\WINDOWS\axarojewujoxuce.dll
2010-06-23 16:15:39 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2010-06-16 20:28:42 ----D---- C:\Program Files\Common Files\Skype
======List of files/folders modified in the last 1 months======
2010-07-14 19:18:14 ----RD---- C:\Program Files
2010-07-14 19:16:45 ----D---- C:\Documents and Settings
2010-07-14 19:16:34 ----D---- C:\WINDOWS
2010-07-14 19:15:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-14 19:14:21 ----D---- C:\WINDOWS\system32
2010-07-14 19:14:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-14 19:12:04 ----D---- C:\WINDOWS\Prefetch
2010-07-14 19:11:18 ----D---- C:\WINDOWS\Temp
2010-07-14 18:05:12 ----D---- C:\WINDOWS\system32\drivers
2010-07-14 18:02:20 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-14 14:13:49 ----HD---- C:\WINDOWS\inf
2010-07-14 14:13:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-14 14:13:20 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-14 13:22:47 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-07-13 15:30:42 ----D---- C:\Documents and Settings\OEM\Data aplikací\Skype
2010-07-13 08:51:34 ----D---- C:\Documents and Settings\OEM\Data aplikací\skypePM
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-30 14:09:51 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-28 20:48:30 ----D---- C:\Program Files\ICQ6.5
2010-06-28 07:55:49 ----D---- C:\Program Files\Mozilla Firefox
2010-06-27 14:13:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\NOS
2010-06-16 20:28:55 ----SHD---- C:\WINDOWS\Installer
2010-06-16 20:28:49 ----RD---- C:\Program Files\Skype
2010-06-16 20:28:42 ----D---- C:\Program Files\Common Files
2010-06-16 20:28:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-06-03 242896]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-30 2206976]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
S1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-05-08 216200]
S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-03 29584]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
S2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
S2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
S2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-24 539072]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-24 37424]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-04-01 876384]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-24 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-04-01 55352]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-24 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-23 988800]
S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-23 209664]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-04-17 5760096]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-31 4424192]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-01-25 290304]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-23 730112]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AlerterALG;Výstrahy AlerterALG; C:\Documents and Settings\OEM\svchost.exe [2008-04-14 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-05-08 308064]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
S2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 RasAutoNtmsSvc;Správce automatického připojení pomocí vzdáleného přístupu RasAutoNtmsSvc; C:\WINDOWS\system32\adsndsn.exe srv []
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
-----------------EOF-----------------
- 1danab
Re: Urgent problem
I would need to see the log from that ComboFix
you will find it here: C:/Combofix.txt (on repeated use the logs are named Combofix2.txt etc.), paste the one with the highest number here

Re: Urgent problem
So I guess I messed that up somehow again... I'll probably have to run ComboFix again then... Are you here every day? I'll probably have to go to bed now, because I get up early for work, so would it be possible to continue tomorrow....
Re: Urgent problem
Well.. I'll have to risk it... Thank you for now.. goodbye
- 1danab
Re: Urgent problem
I will definitely be here
we will manage it, don't worry
feel free to ask about anything you want to know... good night

Re: Urgent problem
ComboFix 10-07-14.01 - Administrator 15.07.2010 7:27.2.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1697 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\OEM\Local Settings\Temp\{79236CD3-FC16-4566-966B-0E6C2848920D}\{60DE4033-9503-48D1-A483-7846BD217CA9}\FlashPlayerControl.dll
c:\documents and settings\OEM\Local Settings\Temp\{F4DE3541-D423-4B73-9AAB-5FE3EC032216}\{60DE4033-9503-48D1-A483-7846BD217CA9}\FlashPlayerControl.dll
c:\documents and settings\OEM\Local Settings\Temp\~e5.0001
c:\documents and settings\OEM\Local Settings\Temp\128.tmp
c:\documents and settings\OEM\Local Settings\Temp\6ACC2D~1.exe
c:\documents and settings\OEM\Local Settings\Temp\718631~1.exe
c:\documents and settings\OEM\Local Settings\Temp\7zS3.tmp\dbghelp.dll
c:\documents and settings\OEM\Local Settings\Temp\7zS3.tmp\stub.exe
c:\documents and settings\OEM\Local Settings\Temp\7zS5.tmp\avgsetup.exe
c:\documents and settings\OEM\Local Settings\Temp\7zS5.tmp\sporder.dll
c:\documents and settings\OEM\Local Settings\Temp\AutoRun.exe
c:\documents and settings\OEM\Local Settings\Temp\AutoRunGUI.dll
c:\documents and settings\OEM\Local Settings\Temp\AVGDownloadManager\packages\u9iavi2860en.bin
c:\documents and settings\OEM\Local Settings\Temp\AVGDownloadManager\packages\u9ichjw4qt.bin
c:\documents and settings\OEM\Local Settings\Temp\BitLord_1.01.exe
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\browser.exe
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ARB\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\CSY\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\DAN\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\DEU\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ELL\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ENG\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ENU\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ESM\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ESP\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\FIN\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\FRA\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\FRC\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\HEB\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\HUN\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\CHS\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\CHT\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ITA\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\JPN\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\NLD\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\NOR\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\PLK\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\PTG\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\RUS\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\SVE\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\THA\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\TRK\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\daaa7f99-a00b-4021-a214-6898e09a4ee9\CD\lang\ZHH\browser.lng
c:\documents and settings\OEM\Local Settings\Temp\E8FC7D~1.exe
c:\documents and settings\OEM\Local Settings\Temp\EAInstall.dll
c:\documents and settings\OEM\Local Settings\Temp\eauninstall.exe
c:\documents and settings\OEM\Local Settings\Temp\fox1B.tmp\Foxit Reader Setup.exe
c:\documents and settings\OEM\Local Settings\Temp\fox1B.tmp\Foxit Reader.exe
c:\documents and settings\OEM\Local Settings\Temp\fox1B.tmp\Uninstall.exe
c:\documents and settings\OEM\Local Settings\Temp\GLB1B.tmp
c:\documents and settings\OEM\Local Settings\Temp\GLB32.tmp
c:\documents and settings\OEM\Local Settings\Temp\IcqUpdater.exe
c:\documents and settings\OEM\Local Settings\Temp\IPMx3\Lang\PackMan\CSY\packmancsy.dll
c:\documents and settings\OEM\Local Settings\Temp\IXP000.TMP\VCREDI~3.EXE
c:\documents and settings\OEM\Local Settings\Temp\jKPIEYwLok.exe
c:\documents and settings\OEM\Local Settings\Temp\Need for Speed Most Wanted_uninst.exe
c:\documents and settings\OEM\Local Settings\Temp\niIbBggDVR.exe
c:\documents and settings\OEM\Local Settings\Temp\pdfupd.exe
c:\documents and settings\OEM\Local Settings\Temp\RtkBtMnt.exe
c:\documents and settings\OEM\Local Settings\Temp\setb0.tmp
c:\documents and settings\OEM\Local Settings\Temp\setb1.tmp
c:\documents and settings\OEM\Local Settings\Temp\setb2.tmp
c:\documents and settings\OEM\Local Settings\Temp\setb3.tmp
c:\documents and settings\OEM\Local Settings\Temp\setup.exe
c:\documents and settings\OEM\Local Settings\Temp\SkypeSetup.exe
c:\documents and settings\OEM\Local Settings\Temp\TorrentManToolbar.exe
.
---- Předchozí spuštění -------
.
c:\documents and settings\OEM\svchost.exe
c:\windows\axarojewujoxuce.dll
c:\windows\system32\2085561878.dat
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\wiaservim.log
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_RASAUTONTMSSVC
-------\Service_RasAutoNtmsSvc
-------\Legacy_AlerterALG
-------\Service_AlerterALG
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-15 do 2010-07-15 )))))))))))))))))))))))))))))))
.
2010-07-14 17:18 . 2010-07-14 17:18 -------- d-----w- c:\program files\trend micro
2010-07-14 17:17 . 2010-07-14 17:17 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-07-14 17:05 . 2010-07-14 17:18 -------- d-----w- C:\rsit
2010-07-14 16:05 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-14 16:05 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-14 16:05 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-14 16:05 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-14 16:05 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-14 16:05 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-14 16:05 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-14 16:05 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-14 16:05 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-14 15:58 . 2010-07-14 15:58 -------- d-----w- c:\program files\Alwil Software
2010-07-14 15:09 . 2010-07-14 16:08 -------- d-----w- c:\windows\system32\MpEngineStore
2010-07-14 11:24 . 2010-07-14 11:24 -------- d-sh--w- c:\documents and settings\OEM\IECompatCache
2010-07-14 08:07 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-06-23 14:15 . 2008-04-13 17:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-06-23 14:15 . 2008-04-13 17:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-06-16 18:28 . 2010-06-16 18:28 -------- d-----w- c:\program files\Common Files\Skype
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-15 05:28 . 2004-08-18 12:00 47404 ----a-w- c:\windows\system32\perfc005.dat
2010-07-15 05:28 . 2004-08-18 12:00 313208 ----a-w- c:\windows\system32\perfh005.dat
2010-06-28 18:48 . 2009-07-14 14:11 -------- d-----w- c:\program files\ICQ6.5
2010-06-16 18:28 . 2009-02-02 16:18 -------- d-----r- c:\program files\Skype
2010-06-14 14:31 . 2008-11-14 12:33 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-03 08:35 . 2009-07-12 15:37 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-03 08:35 . 2009-07-12 15:37 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-05-08 09:06 . 2009-07-12 15:37 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-05-08 09:06 . 2009-07-12 15:37 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-05-06 10:35 . 2004-08-18 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2004-08-18 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:32 . 2004-08-18 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2010-05-26 15:56 2515552 ----a-w- c:\program files\TorrentMan\tbTor1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTor1.dll" [2010-05-26 2515552]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-29 16132608]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-21 138008]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-21 142104]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-21 162584]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-12 53248]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-03 2065248]
"ftmbvxfq"="c:\documents and settings\OEM\Local Settings\Data aplikací\freonehsw\pnellietssd.exe" [2010-07-14 289024]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2008-11-14 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-05-08 09:06 12464 ----a-w- c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Team17\\Worms2\\frontend.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [12.7.2009 17:37 242896]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.7.2010 18:05 165456]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [12.7.2009 17:37 216200]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.7.2010 18:05 17744]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [8.5.2010 11:05 308064]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [15.11.2008 22:59 222968]
.
.
------- Doplňkový sken -------
.
FF - ProfilePath - c:\documents and settings\OEM\Data aplikací\Mozilla\Firefox\Profiles\4cyulq2l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.webhledani.cz/results.aspx?i=39&tp=ab&q=
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\Java\jre1.5.0_02\bin\NPJPI150_02.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-15 07:33
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-07-15 07:35:51
ComboFix-quarantined-files.txt 2010-07-15 05:35
Před spuštěním: Volných bajtů: 40 778 878 976
Po spuštění: Volných bajtů: 40 738 402 304
- - End Of File - - 92544F1A4EB6CE131E6A194D2F7AB2BF
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-15 07:33
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-07-15 07:35:51
ComboFix-quarantined-files.txt 2010-07-15 05:35
Před spuštěním: Volných bajtů: 40 778 878 976
Po spuštění: Volných bajtů: 40 738 402 304
- - End Of File - - 92544F1A4EB6CE131E6A194D2F7AB2BF