Problem s explorer.exe

Zpráva

libor_berka · #16 Příspěvek od **libor_berka** » 31 črc 2010 19:51

Takze jsem trochu stagnoval protoze mel proble se znovuspustenim toho Combofixu.
Ale nakonec jsem jej precejenom spustil po novem jeho nainstalovani.
Zrejme po zakonceni jeho procesovani se podarilo problem s tim explorererm vyresit aspon
tak ze po startu Skypu jiz nenabehne se spotrebou procesoru.
Novy log z combofixu po teto korekture nize:

ComboFix 10-07-31.01 - Libor 31.07.2010 17:51:39.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2038.1035 [GMT 0:00]
Spuštěný z: c:\documents and settings\Libor\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
ADS - drivers: deleted 204 bytes in 1 streams.

((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-31 )))))))))))))))))))))))))))))))
.

2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----w- c:\program files\Common Files\Skype
2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----r- c:\program files\Skype
2010-07-31 13:23 . 2010-07-31 13:25 -------- d-----w- c:\program files\Unlocker
2010-07-30 11:59 . 2010-07-30 13:34 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-29 19:08 . 2010-07-29 19:08 -------- d-----w- c:\windows\system32\AppData
2010-07-29 19:06 . 2010-07-29 19:49 -------- d-----w- c:\program files\All in one Cleaner
2010-07-29 19:06 . 2002-03-01 17:58 50688 ----a-w- c:\windows\system32\wbhelp2.dll
2010-07-29 19:06 . 2002-03-01 17:58 28160 ----a-w- c:\windows\system32\anim.dll
2010-07-29 15:24 . 2010-07-29 15:24 -------- d-----w- C:\Process_Explorer
2010-07-24 14:07 . 2010-07-27 14:47 -------- d-----w- C:\ZZZZZZZZ
2010-07-23 18:56 . 2010-07-23 19:03 -------- d-----w- c:\program files\Common Files\Ahead
2010-07-23 15:29 . 2010-07-23 15:29 3208 ----a-w- c:\windows\im32st.dat
2010-07-23 13:51 . 2010-07-23 13:51 -------- d-----w- c:\program files\PJsoft
2010-07-23 13:35 . 2010-07-23 13:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-23 11:48 . 2010-07-27 22:39 -------- d-----w- c:\program files\trend micro
2010-07-23 11:47 . 2010-07-27 22:42 -------- d-----w- C:\rsit
2010-07-19 21:36 . 2010-07-19 21:36 -------- d-----w- c:\program files\Photo!
2010-07-19 20:50 . 2010-07-29 19:36 -------- d-----w- C:\Microsoft Photo Editor
2010-07-19 12:19 . 2010-07-19 15:23 -------- d-----w- c:\program files\KillSoft
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\GiPo@Utilities
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-07-15 16:32 . 2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 16:32 . 2010-07-15 16:32 420192 ----a-w- c:\temp\fixcfg.exe
2010-07-14 19:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-12 19:25 . 2010-07-30 11:26 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 16:51 . 2010-07-10 16:51 -------- d-----w- c:\program files\4Easysoft Studio

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-31 17:20 . 2001-10-13 13:11 78 ----a-w- c:\windows\battery.dat
2010-07-31 16:21 . 2001-10-25 14:00 601192 ----a-w- c:\windows\system32\perfh005.dat
2010-07-31 16:21 . 2001-10-25 14:00 143322 ----a-w- c:\windows\system32\perfc005.dat
2010-07-30 12:59 . 2010-07-30 13:06 4804096 ----a-w- c:\windows\Internet Logs\xDB2B7.tmp
2010-07-30 11:26 . 2010-04-15 15:12 -------- d-----w- c:\program files\PHPRunner4.2
2010-07-30 01:18 . 2010-07-30 10:58 4813824 ----a-w- c:\windows\Internet Logs\xDB2B6.tmp
2010-07-29 21:01 . 2008-09-17 13:18 -------- d-----w- c:\program files\ShowIP
2010-07-29 19:37 . 2009-03-06 02:09 -------- d-----w- c:\program files\TC UP
2010-07-29 19:37 . 2008-08-11 17:58 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-29 19:37 . 2010-03-17 14:12 -------- d-----w- c:\program files\ImageConverter Plus
2010-07-29 15:51 . 2010-07-29 16:50 54272 ----a-w- c:\windows\Internet Logs\xDB2B9.tmp
2010-07-29 15:50 . 2010-07-29 16:50 4795904 ----a-w- c:\windows\Internet Logs\xDB2B5.tmp
2010-07-29 11:27 . 2010-07-29 11:34 4794368 ----a-w- c:\windows\Internet Logs\xDB2B2.tmp
2010-07-29 11:27 . 2010-07-29 11:34 118784 ----a-w- c:\windows\Internet Logs\xDB2B4.tmp
2010-07-29 04:15 . 2010-07-29 11:16 4800512 ----a-w- c:\windows\Internet Logs\xDB2B1.tmp
2010-07-28 21:47 . 2010-07-28 21:55 4807168 ----a-w- c:\windows\Internet Logs\xDB2B0.tmp
2010-07-28 14:05 . 2010-07-28 14:17 2664448 ----a-w- c:\windows\Internet Logs\xDB2B3.tmp
2010-07-28 14:05 . 2010-07-28 14:16 4794880 ----a-w- c:\windows\Internet Logs\xDB2AF.tmp
2010-07-28 11:03 . 2010-07-28 11:11 4795392 ----a-w- c:\windows\Internet Logs\xDB2AE.tmp
2010-07-27 22:45 . 2010-07-27 23:00 4797440 ----a-w- c:\windows\Internet Logs\xDB2AD.tmp
2010-07-27 13:45 . 2010-07-27 14:54 4794368 ----a-w- c:\windows\Internet Logs\xDB2AC.tmp
2010-07-26 23:09 . 2010-07-27 12:04 4809728 ----a-w- c:\windows\Internet Logs\xDB2AB.tmp
2010-07-26 00:00 . 2010-07-26 11:15 4795904 ----a-w- c:\windows\Internet Logs\xDB2AA.tmp
2010-07-24 23:45 . 2010-07-24 23:56 4795904 ----a-w- c:\windows\Internet Logs\xDB2A9.tmp
2010-07-24 21:53 . 2008-08-13 14:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-21 18:49 . 2010-07-21 19:52 4780544 ----a-w- c:\windows\Internet Logs\xDB2A8.tmp
2010-07-20 18:07 . 2010-07-20 19:55 4778496 ----a-w- c:\windows\Internet Logs\xDB2A7.tmp
2010-07-19 23:37 . 2010-07-20 11:21 4780544 ----a-w- c:\windows\Internet Logs\xDB2A6.tmp
2010-07-19 16:45 . 2010-07-19 19:40 4771840 ----a-w- c:\windows\Internet Logs\xDB2A5.tmp
2010-07-19 15:19 . 2010-07-19 15:29 4813824 ----a-w- c:\windows\Internet Logs\xDB2A4.tmp
2010-07-19 01:05 . 2010-07-19 11:02 4774400 ----a-w- c:\windows\Internet Logs\xDB2A3.tmp
2010-07-18 17:06 . 2010-07-18 20:46 4771840 ----a-w- c:\windows\Internet Logs\xDB2A2.tmp
2010-07-18 01:34 . 2010-07-18 12:10 4773376 ----a-w- c:\windows\Internet Logs\xDB2A1.tmp
2010-07-17 18:16 . 2010-07-17 18:28 4775936 ----a-w- c:\windows\Internet Logs\xDB2A0.tmp
2010-07-15 16:33 . 2008-08-11 15:05 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 16:27 . 2008-08-11 15:05 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-15 15:45 . 2010-07-15 16:01 4759552 ----a-w- c:\windows\Internet Logs\xDB29F.tmp
2010-07-15 02:48 . 2010-07-15 12:21 4754432 ----a-w- c:\windows\Internet Logs\xDB29E.tmp
2010-07-14 20:39 . 2010-07-14 20:52 4755968 ----a-w- c:\windows\Internet Logs\xDB29D.tmp
2010-07-13 23:25 . 2010-07-13 23:38 4762112 ----a-w- c:\windows\Internet Logs\xDB29C.tmp
2010-07-13 20:45 . 2010-07-13 21:01 4756992 ----a-w- c:\windows\Internet Logs\xDB29B.tmp
2010-07-13 15:28 . 2010-07-13 15:42 4756992 ----a-w- c:\windows\Internet Logs\xDB29A.tmp
2010-07-13 12:52 . 2010-04-19 16:48 -------- d-----w- c:\program files\FreeCall.com
2010-07-12 20:12 . 2010-07-12 20:29 4731392 ----a-w- c:\windows\Internet Logs\xDB299.tmp
2010-07-12 20:03 . 2010-04-19 19:16 -------- d-----w- c:\program files\TV IR
2010-07-12 16:08 . 2010-07-12 18:38 4670976 ----a-w- c:\windows\Internet Logs\xDB298.tmp
2010-07-11 21:08 . 2010-07-11 21:42 4732928 ----a-w- c:\windows\Internet Logs\xDB297.tmp
2010-07-10 23:47 . 2010-07-11 11:55 4726784 ----a-w- c:\windows\Internet Logs\xDB296.tmp
2010-07-09 23:40 . 2010-07-10 11:49 4730880 ----a-w- c:\windows\Internet Logs\xDB295.tmp
2010-07-09 20:54 . 2008-08-13 12:23 -------- d-----w- c:\program files\Pidgin
2010-07-09 12:32 . 2010-07-09 12:49 4657664 ----a-w- c:\windows\Internet Logs\xDB294.tmp
2010-07-08 12:01 . 2010-07-08 15:02 4650496 ----a-w- c:\windows\Internet Logs\xDB293.tmp
2010-07-07 22:28 . 2010-07-07 22:40 4659712 ----a-w- c:\windows\Internet Logs\xDB291.tmp
2010-07-06 16:57 . 2010-07-06 21:43 2962432 ----a-w- c:\windows\Internet Logs\xDB292.tmp
2010-07-06 16:55 . 2010-07-06 21:42 4644352 ----a-w- c:\windows\Internet Logs\xDB290.tmp
2010-07-05 17:13 . 2010-07-05 17:30 4643840 ----a-w- c:\windows\Internet Logs\xDB28F.tmp
2010-07-05 00:55 . 2010-07-05 11:24 4653056 ----a-w- c:\windows\Internet Logs\xDB28E.tmp
2010-07-04 17:08 . 2010-07-04 17:18 4682752 ----a-w- c:\windows\Internet Logs\xDB28D.tmp
2010-07-03 23:39 . 2010-07-04 12:10 4642816 ----a-w- c:\windows\Internet Logs\xDB28C.tmp
2010-07-02 23:56 . 2010-07-03 12:31 4680704 ----a-w- c:\windows\Internet Logs\xDB28B.tmp
2010-07-02 20:55 . 2008-09-12 18:54 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-07-01 12:09 . 2010-07-02 11:57 4407808 ----a-w- c:\windows\Internet Logs\xDB28A.tmp
2010-07-01 05:55 . 2010-07-01 06:04 5166080 ----a-w- c:\windows\Internet Logs\xDB289.tmp
2010-06-30 22:10 . 2010-06-30 22:10 -------- d-----w- c:\program files\Microsoft Device Emulator
2010-06-30 22:10 . 2010-06-30 21:55 -------- d-----w- c:\program files\Windows Mobile 6 SDK
2010-06-30 20:58 . 2010-06-30 21:08 4463104 ----a-w- c:\windows\Internet Logs\xDB288.tmp
2010-06-30 20:04 . 2008-11-25 12:12 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-06-30 15:10 . 2010-06-30 15:10 -------- d-----w- c:\program files\CE Remote Tools
2010-06-30 15:06 . 2008-11-25 12:26 -------- d-----w- c:\program files\Microsoft Web Designer Tools
2010-06-29 13:36 . 2010-06-29 15:12 4258816 ----a-w- c:\windows\Internet Logs\xDB287.tmp
2010-06-28 23:48 . 2010-06-29 12:27 4762112 ----a-w- c:\windows\Internet Logs\xDB286.tmp
2010-06-28 22:10 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2010-06-28 22:04 . 2008-10-18 22:19 -------- d-----w- c:\program files\MSBuild
2010-06-28 22:01 . 2008-08-27 17:51 -------- d-----w- c:\program files\Microsoft SDKs
2010-06-28 21:55 . 2010-06-28 21:55 -------- d-----w- c:\program files\Microsoft ASP.NET
2010-06-28 21:54 . 2010-06-28 21:54 -------- d-----w- c:\program files\IIS
2010-06-28 21:33 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft F#
2010-06-28 21:12 . 2010-06-28 20:56 -------- d-----w- c:\program files\HTML Help Workshop
2010-06-28 20:56 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Help Viewer
2010-06-28 05:34 . 2010-06-28 11:50 1699840 ----a-w- c:\windows\Internet Logs\xDB285.tmp
2010-06-28 05:32 . 2010-06-28 11:50 4527104 ----a-w- c:\windows\Internet Logs\xDB284.tmp
2010-06-26 17:52 . 2010-06-26 19:32 4248064 ----a-w- c:\windows\Internet Logs\xDB282.tmp
2010-06-25 22:40 . 2010-06-25 23:17 1841152 ----a-w- c:\windows\Internet Logs\xDB283.tmp
2010-06-25 22:39 . 2010-06-25 23:17 4249088 ----a-w- c:\windows\Internet Logs\xDB281.tmp
2010-06-24 23:01 . 2010-06-24 23:01 -------- d-----w- c:\program files\CoffeeCup Software
2010-06-24 22:21 . 2010-06-24 22:21 -------- d-----w- c:\program files\Microangelo Toolset 6
2010-06-24 21:44 . 2008-08-11 14:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 17:55 . 2010-06-23 21:17 4230144 ----a-w- c:\windows\Internet Logs\xDB280.tmp
2010-06-22 23:56 . 2010-06-23 11:33 716800 ----a-w- c:\windows\Internet Logs\xDB27F.tmp
2010-06-22 23:55 . 2010-06-23 11:33 4217344 ----a-w- c:\windows\Internet Logs\xDB27D.tmp
2010-06-22 19:15 . 2009-04-24 20:21 -------- d-----w- c:\program files\SoundGen
2010-06-22 04:19 . 2010-06-22 12:24 789504 ----a-w- c:\windows\Internet Logs\xDB27E.tmp
2010-06-22 04:19 . 2010-06-22 12:24 4219904 ----a-w- c:\windows\Internet Logs\xDB27C.tmp
2010-06-21 13:16 . 2010-06-21 14:59 4236288 ----a-w- c:\windows\Internet Logs\xDB27A.tmp
2010-06-20 04:28 . 2010-06-20 12:28 898560 ----a-w- c:\windows\Internet Logs\xDB27B.tmp
2010-06-20 04:28 . 2010-06-20 12:27 4225024 ----a-w- c:\windows\Internet Logs\xDB279.tmp
2010-06-18 20:40 . 2010-06-18 20:40 -------- d-----w- c:\program files\geniatech
2010-06-18 20:15 . 2010-06-18 20:22 4210688 ----a-w- c:\windows\Internet Logs\xDB278.tmp
2010-06-18 15:53 . 2010-06-18 16:03 4211200 ----a-w- c:\windows\Internet Logs\xDB277.tmp
2010-06-18 00:16 . 2010-06-18 12:34 4212224 ----a-w- c:\windows\Internet Logs\xDB276.tmp
2006-01-23 10:32 . 2006-01-23 10:32 131072 ------w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 14:40 . 2006-06-07 14:40 132848 ------w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ------w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ------w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2002-07-31 19:55 . 2010-06-24 23:05 106 --sh--w- c:\windows\WSYS049.SYS
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 13:02 1230080 ------w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]
2010-07-05 11:31 2515552 ----a-w- c:\program files\Fleshlight_Free_Porn\tbFle1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{F3738B89-7A4E-41DF-AC24-BF192E9E5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2008-11-05 4478464]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-12-21 818288]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"FreeCall"="c:\program files\FreeCall.com\FreeCall\FreeCall.exe" [2010-07-15 10788656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-30 761946]
"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-06-30 565248]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Zone Labs Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-11-28 902432]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-01-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-19 458752]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-15 2065760]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bitmeter2.lnk - c:\program files\Codebox\BitMeter\BitMeter2.exe [2008-11-1 1462272]
Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-7-1 24576]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-05-26 10:47 335136 ----a-w- c:\program files\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1128:TCP"= 1128:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [29.5.2010 12:17 45472]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11.8.2008 15:05 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11.8.2008 15:05 243024]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 13:00 15872]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [15.7.2010 16:28 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [15.7.2010 16:32 308136]
R2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [29.5.2010 12:17 55072]
R2 HRD RemoteSvr;Ham Radio Deluxe Remote Server;c:\program files\Amateur Radio\Ham Radio Deluxe\HRDRemoteSvr.exe [28.9.2008 15:26 192512]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [16.12.2009 10:09 188736]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [16.12.2009 10:11 65856]
R3 U6652SRV;U6652 USB;c:\windows\system32\drivers\U6652.sys [9.3.2009 17:34 199040]
R3 xpvcom;XPVCOM Port;c:\windows\system32\drivers\XPVCOM.sys [23.3.2007 2:00 30032]
S2 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\Ca533av.sys [19.1.2009 12:13 515803]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 fxyia;Installer Boot;c:\windows\system32\svchost.exe -k netsvcs [11.8.2008 12:57 14336]
S2 gupdate1ca977fe6707190;Služba Google Update (gupdate1ca977fe6707190);c:\program files\Google\Update\GoogleUpdate.exe [17.1.2010 14:18 133104]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);c:\windows\system32\drivers\averhbtv.sys [6.1.2009 0:46 283648]
S3 usb2vcom;Nokia CA-42 USB;c:\windows\system32\drivers\usb2vcom.sys [14.1.2009 16:54 29152]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [13.8.2008 18:58 37708]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [8.12.2009 21:24 48128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbVM31b.sys [13.8.2008 18:31 90568]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 0:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.8.2008 13:40 716272]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 0:28 369688]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
fxyia
.
Obsah adresáře 'Naplánované úlohy'

2010-07-31 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2010-07-31 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-05-24 14:11]

2010-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]

2010-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://www.avg.com/ww.special-old-os-app
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: S&end to OneNote - /105
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: {E3431AEF-A15D-43E1-A1F5-5583C46D2840} = 201.75.168.15,201.75.168.16
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-31 18:08
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{97CE299A-01CD-48DB-72EE-9E7DA7C9A386}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"pakoifjbkjcjmgiemegkggiacihdogmm"=hex:61,62,64,66,67,6e,61,6c,68,61,6f,66,63,
65,68,63,6f,62,64,6d,69,66,64,67,6c,67,6a,68,6c,63,64,69,67,64,00,00

[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9ACD965D-15C8-92A4-83C8-68F88D8A73E1}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"paciolbkapdoonhcbkekmaopdfmmahdm"=hex:61,61,00,00
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(168)
c:\program files\GbPlugin\gbieh.dll

- - - - - - - > 'explorer.exe'(4764)
c:\program files\XemiComputers\Active Desktop Calendar\MouseHook.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-07-31 18:15:48
ComboFix-quarantined-files.txt 2010-07-31 18:15

Před spuštěním: Volných bajtů: 40 086 831 104
Po spuštění: Volných bajtů: 40 074 694 656

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EE8BC5CD6C71F02957ADDB7684C18E8C

xxxxxxxxxxxxxxxxxxxx
MOC DIKY ZA POMOC
xxxxxxxxxxxxxxxxxxxx

#17 Příspěvek od **Rudy** » 31 črc 2010 20:04

Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\windows\WSYS049.SYS

Regnull::
[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{97CE299A-01CD-48DB-72EE-9E7DA7C9A386}*]
[HKEY_USERS\S-1-5-21-484763869-261478967-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9ACD965D-15C8-92A4-83C8-68F88D8A73E1}*]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

libor_berka · #18 Příspěvek od **libor_berka** » 02 srp 2010 15:24

V predesle odpovedi jsem totrochu prehnal zeje vse v poradku ale nebylo coz jste asi zjistil
z posledniho skriptu a doporucil dalsi CFScript korekci. Takze jsem ji implikoval a nize je
dalsi CF log ktery se vytvoril. BTW tentokrat combofix jel pres hodinu nez skoncil.
Rdeji ted mlcim prooze mozna porad jeste to neni vsechno OK

Log naseduje nize:

ComboFix 10-07-31.01 - Libor 02.08.2010 11:38:03.4.2 - x86
Spuštěný z: c:\documents and settings\Libor\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Libor\Plocha\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

file zipped: c:\windows\WSYS049.SYS
.
ADS - drivers: deleted 204 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\WSYS049.SYS

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-02 do 2010-08-02 )))))))))))))))))))))))))))))))
.

2010-07-23 18:56 . 2010-07-23 19:03 -------- d-----w- c:\program files\Common Files\Ahead
2010-07-23 15:29 . 2010-07-23 15:29 3208 ----a-w- c:\windows\im32st.dat
2010-07-23 13:51 . 2010-07-23 13:51 -------- d-----w- c:\program files\PJsoft
2010-07-23 13:35 . 2010-07-23 13:35 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-23 11:48 . 2010-07-27 22:39 -------- d-----w- c:\program files\trend micro
2010-07-23 11:47 . 2010-07-27 22:42 -------- d-----w- C:\rsit
2010-07-19 21:36 . 2010-07-19 21:36 -------- d-----w- c:\program files\Photo!
2010-07-19 20:50 . 2010-07-29 19:36 -------- d-----w- C:\Microsoft Photo Editor
2010-07-19 12:19 . 2010-07-19 15:23 -------- d-----w- c:\program files\KillSoft
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\GiPo@Utilities
2010-07-17 19:25 . 2010-07-17 19:25 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared
2010-07-15 16:32 . 2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 16:32 . 2010-07-15 16:32 420192 ----a-w- c:\temp\fixcfg.exe
2010-07-14 19:58 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-12 19:25 . 2010-07-30 11:26 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 16:51 . 2010-07-10 16:51 -------- d-----w- c:\program files\4Easysoft Studio

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-02 11:12 . 2001-10-25 14:00 601192 ----a-w- c:\windows\system32\perfh005.dat
2010-08-02 11:12 . 2001-10-25 14:00 143322 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 11:09 . 2001-10-13 13:11 78 ----a-w- c:\windows\battery.dat
2010-08-02 10:59 . 2010-05-29 12:17 -------- d-----w- c:\program files\GbPlugin
2010-08-01 13:59 . 2009-04-16 23:33 221 ---ha-w- c:\windows\sysreg.dat
2010-07-31 23:57 . 2010-08-01 03:12 4824064 ----a-w- c:\windows\Internet Logs\xDB2BA.tmp
2010-07-31 21:01 . 2010-07-31 21:36 4823552 ----a-w- c:\windows\Internet Logs\xDB2B8.tmp
2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----r- c:\program files\Skype
2010-07-31 16:20 . 2010-07-31 16:20 -------- d-----w- c:\program files\Common Files\Skype
2010-07-31 13:25 . 2010-07-31 13:23 -------- d-----w- c:\program files\Unlocker
2010-07-30 13:34 . 2010-07-30 11:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-07-30 12:59 . 2010-07-30 13:06 4804096 ----a-w- c:\windows\Internet Logs\xDB2B7.tmp
2010-07-30 11:26 . 2010-04-15 15:12 -------- d-----w- c:\program files\PHPRunner4.2
2010-07-30 01:18 . 2010-07-30 10:58 4813824 ----a-w- c:\windows\Internet Logs\xDB2B6.tmp
2010-07-29 21:01 . 2008-09-17 13:18 -------- d-----w- c:\program files\ShowIP
2010-07-29 19:49 . 2010-07-29 19:06 -------- d-----w- c:\program files\All in one Cleaner
2010-07-29 19:37 . 2009-03-06 02:09 -------- d-----w- c:\program files\TC UP
2010-07-29 19:37 . 2008-08-11 17:58 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-29 19:37 . 2010-03-17 14:12 -------- d-----w- c:\program files\ImageConverter Plus
2010-07-29 15:51 . 2010-07-29 16:50 54272 ----a-w- c:\windows\Internet Logs\xDB2B9.tmp
2010-07-29 15:50 . 2010-07-29 16:50 4795904 ----a-w- c:\windows\Internet Logs\xDB2B5.tmp
2010-07-29 11:27 . 2010-07-29 11:34 4794368 ----a-w- c:\windows\Internet Logs\xDB2B2.tmp
2010-07-29 11:27 . 2010-07-29 11:34 118784 ----a-w- c:\windows\Internet Logs\xDB2B4.tmp
2010-07-29 04:15 . 2010-07-29 11:16 4800512 ----a-w- c:\windows\Internet Logs\xDB2B1.tmp
2010-07-28 21:47 . 2010-07-28 21:55 4807168 ----a-w- c:\windows\Internet Logs\xDB2B0.tmp
2010-07-28 14:05 . 2010-07-28 14:17 2664448 ----a-w- c:\windows\Internet Logs\xDB2B3.tmp
2010-07-28 14:05 . 2010-07-28 14:16 4794880 ----a-w- c:\windows\Internet Logs\xDB2AF.tmp
2010-07-28 11:03 . 2010-07-28 11:11 4795392 ----a-w- c:\windows\Internet Logs\xDB2AE.tmp
2010-07-27 22:45 . 2010-07-27 23:00 4797440 ----a-w- c:\windows\Internet Logs\xDB2AD.tmp
2010-07-27 13:45 . 2010-07-27 14:54 4794368 ----a-w- c:\windows\Internet Logs\xDB2AC.tmp
2010-07-27 08:20 . 2010-05-29 12:17 45472 ----a-w- c:\windows\system32\drivers\gbpkm.sys
2010-07-26 23:09 . 2010-07-27 12:04 4809728 ----a-w- c:\windows\Internet Logs\xDB2AB.tmp
2010-07-26 00:00 . 2010-07-26 11:15 4795904 ----a-w- c:\windows\Internet Logs\xDB2AA.tmp
2010-07-24 23:45 . 2010-07-24 23:56 4795904 ----a-w- c:\windows\Internet Logs\xDB2A9.tmp
2010-07-24 21:53 . 2008-08-13 14:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-21 18:49 . 2010-07-21 19:52 4780544 ----a-w- c:\windows\Internet Logs\xDB2A8.tmp
2010-07-20 18:07 . 2010-07-20 19:55 4778496 ----a-w- c:\windows\Internet Logs\xDB2A7.tmp
2010-07-19 23:37 . 2010-07-20 11:21 4780544 ----a-w- c:\windows\Internet Logs\xDB2A6.tmp
2010-07-19 16:45 . 2010-07-19 19:40 4771840 ----a-w- c:\windows\Internet Logs\xDB2A5.tmp
2010-07-19 15:19 . 2010-07-19 15:29 4813824 ----a-w- c:\windows\Internet Logs\xDB2A4.tmp
2010-07-19 01:05 . 2010-07-19 11:02 4774400 ----a-w- c:\windows\Internet Logs\xDB2A3.tmp
2010-07-18 17:06 . 2010-07-18 20:46 4771840 ----a-w- c:\windows\Internet Logs\xDB2A2.tmp
2010-07-18 01:34 . 2010-07-18 12:10 4773376 ----a-w- c:\windows\Internet Logs\xDB2A1.tmp
2010-07-17 18:16 . 2010-07-17 18:28 4775936 ----a-w- c:\windows\Internet Logs\xDB2A0.tmp
2010-07-15 16:33 . 2008-08-11 15:05 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 16:27 . 2008-08-11 15:05 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-15 15:45 . 2010-07-15 16:01 4759552 ----a-w- c:\windows\Internet Logs\xDB29F.tmp
2010-07-15 02:48 . 2010-07-15 12:21 4754432 ----a-w- c:\windows\Internet Logs\xDB29E.tmp
2010-07-14 20:39 . 2010-07-14 20:52 4755968 ----a-w- c:\windows\Internet Logs\xDB29D.tmp
2010-07-13 23:25 . 2010-07-13 23:38 4762112 ----a-w- c:\windows\Internet Logs\xDB29C.tmp
2010-07-13 20:45 . 2010-07-13 21:01 4756992 ----a-w- c:\windows\Internet Logs\xDB29B.tmp
2010-07-13 15:28 . 2010-07-13 15:42 4756992 ----a-w- c:\windows\Internet Logs\xDB29A.tmp
2010-07-13 12:52 . 2010-04-19 16:48 -------- d-----w- c:\program files\FreeCall.com
2010-07-12 20:12 . 2010-07-12 20:29 4731392 ----a-w- c:\windows\Internet Logs\xDB299.tmp
2010-07-12 20:03 . 2010-04-19 19:16 -------- d-----w- c:\program files\TV IR
2010-07-12 16:08 . 2010-07-12 18:38 4670976 ----a-w- c:\windows\Internet Logs\xDB298.tmp
2010-07-11 21:08 . 2010-07-11 21:42 4732928 ----a-w- c:\windows\Internet Logs\xDB297.tmp
2010-07-10 23:47 . 2010-07-11 11:55 4726784 ----a-w- c:\windows\Internet Logs\xDB296.tmp
2010-07-09 23:40 . 2010-07-10 11:49 4730880 ----a-w- c:\windows\Internet Logs\xDB295.tmp
2010-07-09 20:54 . 2008-08-13 12:23 -------- d-----w- c:\program files\Pidgin
2010-07-09 12:32 . 2010-07-09 12:49 4657664 ----a-w- c:\windows\Internet Logs\xDB294.tmp
2010-07-08 12:01 . 2010-07-08 15:02 4650496 ----a-w- c:\windows\Internet Logs\xDB293.tmp
2010-07-07 22:28 . 2010-07-07 22:40 4659712 ----a-w- c:\windows\Internet Logs\xDB291.tmp
2010-07-06 16:57 . 2010-07-06 21:43 2962432 ----a-w- c:\windows\Internet Logs\xDB292.tmp
2010-07-06 16:55 . 2010-07-06 21:42 4644352 ----a-w- c:\windows\Internet Logs\xDB290.tmp
2010-07-05 17:13 . 2010-07-05 17:30 4643840 ----a-w- c:\windows\Internet Logs\xDB28F.tmp
2010-07-05 00:55 . 2010-07-05 11:24 4653056 ----a-w- c:\windows\Internet Logs\xDB28E.tmp
2010-07-04 17:08 . 2010-07-04 17:18 4682752 ----a-w- c:\windows\Internet Logs\xDB28D.tmp
2010-07-03 23:39 . 2010-07-04 12:10 4642816 ----a-w- c:\windows\Internet Logs\xDB28C.tmp
2010-07-02 23:56 . 2010-07-03 12:31 4680704 ----a-w- c:\windows\Internet Logs\xDB28B.tmp
2010-07-02 20:55 . 2008-09-12 18:54 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-07-01 12:09 . 2010-07-02 11:57 4407808 ----a-w- c:\windows\Internet Logs\xDB28A.tmp
2010-07-01 05:55 . 2010-07-01 06:04 5166080 ----a-w- c:\windows\Internet Logs\xDB289.tmp
2010-06-30 22:10 . 2010-06-30 22:10 -------- d-----w- c:\program files\Microsoft Device Emulator
2010-06-30 22:10 . 2010-06-30 21:55 -------- d-----w- c:\program files\Windows Mobile 6 SDK
2010-06-30 20:58 . 2010-06-30 21:08 4463104 ----a-w- c:\windows\Internet Logs\xDB288.tmp
2010-06-30 20:04 . 2008-11-25 12:12 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-06-30 15:10 . 2010-06-30 15:10 -------- d-----w- c:\program files\CE Remote Tools
2010-06-30 15:06 . 2008-11-25 12:26 -------- d-----w- c:\program files\Microsoft Web Designer Tools
2010-06-29 13:36 . 2010-06-29 15:12 4258816 ----a-w- c:\windows\Internet Logs\xDB287.tmp
2010-06-28 23:48 . 2010-06-29 12:27 4762112 ----a-w- c:\windows\Internet Logs\xDB286.tmp
2010-06-28 22:10 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2010-06-28 22:04 . 2008-10-18 22:19 -------- d-----w- c:\program files\MSBuild
2010-06-28 22:01 . 2008-08-27 17:51 -------- d-----w- c:\program files\Microsoft SDKs
2010-06-28 21:55 . 2010-06-28 21:55 -------- d-----w- c:\program files\Microsoft ASP.NET
2010-06-28 21:54 . 2010-06-28 21:54 -------- d-----w- c:\program files\IIS
2010-06-28 21:33 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft F#
2010-06-28 21:12 . 2010-06-28 20:56 -------- d-----w- c:\program files\HTML Help Workshop
2010-06-28 20:56 . 2010-06-28 20:56 -------- d-----w- c:\program files\Microsoft Help Viewer
2010-06-28 05:34 . 2010-06-28 11:50 1699840 ----a-w- c:\windows\Internet Logs\xDB285.tmp
2010-06-28 05:32 . 2010-06-28 11:50 4527104 ----a-w- c:\windows\Internet Logs\xDB284.tmp
2010-06-26 17:52 . 2010-06-26 19:32 4248064 ----a-w- c:\windows\Internet Logs\xDB282.tmp
2010-06-25 22:40 . 2010-06-25 23:17 1841152 ----a-w- c:\windows\Internet Logs\xDB283.tmp
2010-06-25 22:39 . 2010-06-25 23:17 4249088 ----a-w- c:\windows\Internet Logs\xDB281.tmp
2010-06-24 23:01 . 2010-06-24 23:01 -------- d-----w- c:\program files\CoffeeCup Software
2010-06-24 22:21 . 2010-06-24 22:21 -------- d-----w- c:\program files\Microangelo Toolset 6
2010-06-24 21:44 . 2008-08-11 14:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 17:55 . 2010-06-23 21:17 4230144 ----a-w- c:\windows\Internet Logs\xDB280.tmp
2010-06-22 23:56 . 2010-06-23 11:33 716800 ----a-w- c:\windows\Internet Logs\xDB27F.tmp
2010-06-22 23:55 . 2010-06-23 11:33 4217344 ----a-w- c:\windows\Internet Logs\xDB27D.tmp
2006-01-23 10:32 . 2006-01-23 10:32 131072 ------w- c:\program files\internet explorer\plugins\LV80ActiveXControl.dll
2006-06-07 14:40 . 2006-06-07 14:40 132848 ------w- c:\program files\internet explorer\plugins\LV82ActiveXControl.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ------w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ------w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 13:02 1230080 ------w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]
2010-07-05 11:31 2515552 ----a-w- c:\program files\Fleshlight_Free_Porn\tbFle1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{f3738b89-7a4e-41df-ac24-bf192e9e5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]
"{F3738B89-7A4E-41DF-AC24-BF192E9E5465}"= "c:\program files\Fleshlight_Free_Porn\tbFle1.dll" [2010-07-05 2515552]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CLASSES_ROOT\clsid\{f3738b89-7a4e-41df-ac24-bf192e9e5465}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-02-22 217544]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2008-11-05 4478464]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-12-21 818288]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-07-02 2347216]
"FreeCall"="c:\program files\FreeCall.com\FreeCall\FreeCall.exe" [2010-07-15 10788656]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-30 761946]
"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-06-30 565248]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Zone Labs Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2004-11-28 902432]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2006-04-14 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2006-04-14 602182]
"EOUApp"="c:\program files\Intel\Wireless\Bin\EOUWiz.exe" [2006-04-14 569413]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-01-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-19 458752]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 16239616]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-15 2065760]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bitmeter2.lnk - c:\program files\Codebox\BitMeter\BitMeter2.exe [2008-11-1 1462272]
Dataviz Messenger.lnk - c:\windows\DvzCommon\DvzMsgr.exe [2003-7-1 24576]

c:\documents and settings\Libor\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Battery Doubler.lnk - c:\program files\Dachshund Software\Battery Doubler\Battery Doubler.exe [2002-9-21 1534267]
Calendar 2000.lnk - c:\program files\Software by Design\Calendar.exe [2008-8-13 286720]
HotSync Manager.lnk - c:\program files\Palm\HOTSYNC.EXE [2003-9-25 299008]
MYFILE.lnk - c:\org2\ORGFILES\MYFILE.OR2 [2008-8-17 458752]
Printkey2000.exe [1999-9-30 869376]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]
2010-07-27 08:18 335136 ----a-w- c:\program files\GbPlugin\gbieh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-15 16:32 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Palm\\HOTSYNC.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1128:TCP"= 1128:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [29.5.2010 12:17 45472]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [11.8.2008 15:05 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [11.8.2008 15:05 243024]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 13:00 15872]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [15.7.2010 16:28 921952]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [15.7.2010 16:32 308136]
R2 GbpSv;Gbp Service;c:\progra~1\GbPlugin\GbpSv.exe [29.5.2010 12:17 55072]
R2 HRD RemoteSvr;Ham Radio Deluxe Remote Server;c:\program files\Amateur Radio\Ham Radio Deluxe\HRDRemoteSvr.exe [28.9.2008 15:26 192512]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [16.12.2009 10:09 188736]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [16.12.2009 10:11 65856]
R3 U6652SRV;U6652 USB;c:\windows\system32\drivers\U6652.sys [9.3.2009 17:34 199040]
R3 xpvcom;XPVCOM Port;c:\windows\system32\drivers\XPVCOM.sys [23.3.2007 2:00 30032]
S2 Ca533av;Icatch(IV) Video Camera Device;c:\windows\system32\drivers\Ca533av.sys [19.1.2009 12:13 515803]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 fxyia;Installer Boot;c:\windows\system32\svchost.exe -k netsvcs [11.8.2008 12:57 14336]
S2 gupdate1ca977fe6707190;Služba Google Update (gupdate1ca977fe6707190);c:\program files\Google\Update\GoogleUpdate.exe [17.1.2010 14:18 133104]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM);c:\windows\system32\drivers\averhbtv.sys [6.1.2009 0:46 283648]
S3 usb2vcom;Nokia CA-42 USB;c:\windows\system32\drivers\usb2vcom.sys [14.1.2009 16:54 29152]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [13.8.2008 18:58 37708]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [8.12.2009 21:24 48128]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 ZSMC302;VIMICRO USB PC Camera;c:\windows\system32\drivers\usbVM31b.sys [13.8.2008 18:31 90568]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 0:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.8.2008 13:40 716272]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 0:28 369688]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
fxyia
.
Obsah adresáře 'Naplánované úlohy'

2010-08-02 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]

2010-07-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2010-08-02 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-05-24 14:11]

2010-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]

2010-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-17 14:17]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://www.avg.com/ww.special-old-os-app
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
IE: S&end to OneNote - /105
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
TCP: {E3431AEF-A15D-43E1-A1F5-5583C46D2840} = 201.75.168.15,201.75.168.16
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-02 13:12
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(340)
c:\program files\GbPlugin\gbieh.dll
.
Celkový čas: 2010-08-02 13:19:30
ComboFix-quarantined-files.txt 2010-08-02 13:19

Před spuštěním: Volných bajtů: 39 938 813 952
Po spuštění: Volných bajtů: 39 911 346 176

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 71698A827FF9DCB39D366643C1700272

#19 Příspěvek od **Rudy** » 02 srp 2010 17:48

Smazáno, zbytek logu vypadá čistý. Nastala nějaká změna?

libor_berka · #20 Příspěvek od **libor_berka** » 03 srp 2010 15:12

Stav je zda se klidny. Nakonfiguroval jsem Skype ale jako "Spusteni po startu". Takhle kdyz nastartuju windows po jejich
celkovem spusteni je explorer.exe v klidu. Pokud delam nejake operace s HD nebo jinymi programy zatezujicimi
explorer, tak sice tento zatizi procesor ale odber po ustaleni daneho programu rychle spadne, coz je normalni.
Budu to jste testovat a jestli bude jeste nejaky problem dam vedet.
P.S. Ten CF log bych se chtel naucit podrobne analyzovat ale nenasel jsem stranku jak. Taky jsem studoval tu obrovskou bifli o WinXP ale tam o exploreru a hlavne o registrech toho moc podrobne neni. Asi je potreba skoleni u Microsoftu

#21 Příspěvek od **Rudy** » 03 srp 2010 18:24

P.S. Ten CF log bych se chtel naucit podrobne analyzovat ale nenasel jsem stranku jak. Taky jsem studoval tu obrovskou bifli o WinXP ale tam o exploreru a hlavne o registrech toho moc podrobne neni. Asi je potreba skoleni u Microsoftu

Ani nenajdete, neboť autor si své tajemství střeží a i my jsme vázáni určitými regulemi. CF nemá nic společného s Microsoftem. Lehce vám napovím: jde o to zanalyzovat jednotlivé položky logu a určit, zda jedna každá je legitimní, či nikoli. Podstatný problém ale je hlavně v tom, že se důrazně nedoporučuje laikům s ComboFixem experimentovat.
Systém sledujte a případně dejte vědět.

libor_berka · #22 Příspěvek od **libor_berka** » 04 srp 2010 00:12

Rozumim a dik za odpoved. Ozvu se tedy pokud by zase byly problemy. Combofix odlozim do bezpeci

#23 Příspěvek od **Rudy** » 04 srp 2010 19:34

ComboFix odinstalujte Start>spustit>(napsat) comobfix /uninstall>OK. Nemáte zač!

VIRY.CZ

Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe

Re: Problem s explorer.exe