PC virus removal, computer speed-up, and remote assistance via the neslape.cz service

Asking for ADVICE

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
holvyy
Visitor
Posts: 51
Registered: 03 Nov 2007 17:00
Location: PLZEŇ

Re: Asking for ADVICE

#61 Post by holvyy »

ComboFix 10-08-03.04 - Bohuslav 06.08.2010 16:37:01.9.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.171 [GMT 2:00]
Spuštěný z: c:\documents and settings\Bohuslav\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Bohuslav\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *disabled* {CB8DE467-2367-41d1-87BA-D0AE12284F9A}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-06 do 2010-08-06 )))))))))))))))))))))))))))))))
.

2010-08-06 08:51 . 2010-08-06 14:42 -------- d-----w- c:\windows\LastGood.Tmp
2010-08-06 02:53 . 2010-08-06 08:16 -------- d-----w- C:\aec.sys
2010-08-05 22:36 . 2010-08-05 22:37 -------- d-----w- C:\Nová složka
2010-08-05 10:20 . 2010-08-06 14:43 585472 ----a-w- c:\windows\system32\drivers\aec.sys
2010-08-04 20:23 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 20:23 . 2010-08-04 20:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-04 20:23 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-03 13:29 . 2010-08-03 13:31 -------- d-----w- c:\program files\trend micro
2010-08-03 13:29 . 2010-08-03 13:33 -------- d-----w- C:\rsit
2010-08-03 01:50 . 2008-04-13 22:10 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-08-03 01:50 . 2008-04-13 22:10 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-08-03 01:50 . 2008-04-13 22:11 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-08-03 01:50 . 2008-04-13 22:11 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-08-03 01:50 . 2008-04-13 22:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-08-03 01:50 . 2008-04-13 22:11 8192 ----a-w- c:\windows\system32\drivers\Changer.sys
2010-07-15 14:14 . 2010-07-15 14:14 -------- d-----w- c:\program files\Common Files\Skype
2010-07-13 16:21 . 2010-07-13 16:21 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-13 16:21 . 2010-07-13 16:21 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-13 16:18 . 2010-07-13 16:18 -------- d-----w- c:\program files\DIFX
2010-07-13 16:18 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-13 16:18 . 2010-07-13 16:18 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-13 16:18 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-07-13 16:18 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-07-13 16:18 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-07-13 16:18 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-07-13 16:18 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-06 14:44 . 2006-10-17 15:52 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-08-05 10:21 . 2010-06-07 14:29 -------- d-----w- c:\program files\DScaler
2010-08-05 09:49 . 2010-06-07 13:21 -------- d-----w- c:\program files\Driver Genius
2010-08-04 14:54 . 2006-01-24 17:45 -------- d-----w- c:\program files\CCleaner
2010-08-02 17:45 . 2001-10-25 12:00 47410 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 17:45 . 2001-10-25 12:00 312606 ----a-w- c:\windows\system32\perfh005.dat
2010-07-27 10:33 . 2010-03-29 22:08 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-15 14:13 . 2005-09-15 19:28 -------- d-----w- c:\program files\Skype
2010-07-13 16:30 . 2010-07-13 16:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-07-13 16:30 . 2010-07-13 16:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-07-13 16:29 . 2010-07-13 16:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-13 16:29 . 2010-07-13 16:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-13 16:21 . 2008-02-12 00:01 -------- d-----w- c:\program files\Nokia
2010-07-13 03:03 . 2010-03-20 03:45 -------- d-----w- c:\program files\Burn4Free
2010-07-12 03:19 . 2010-07-12 03:19 113322 ----a-w- c:\program files\_JPOD, 6. dub 1931.sav
2010-07-07 15:35 . 2010-03-25 09:14 -------- d-----w- c:\program files\ICQ7.1
2010-07-01 14:05 . 2007-12-09 15:24 -------- d-----w- c:\program files\GRETECH
2010-06-28 20:57 . 2010-06-29 06:07 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2010-04-28 13:25 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-28 13:25 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-28 13:25 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-28 13:25 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-28 13:25 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-04-28 13:25 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-04-28 13:25 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-04-28 13:25 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-24 15:25 . 2004-04-01 20:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-06-23 14:48 . 2010-06-23 14:47 -------- d-----w- c:\program files\WinFast
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Windows Sidebar
2010-06-23 14:41 . 2010-06-23 14:41 -------- d-----w- c:\program files\Leadtek Research Inc
2010-06-23 13:50 . 2010-06-23 13:50 -------- d-----w- c:\program files\win fst
2010-06-23 13:36 . 2010-06-07 13:58 -------- d-----w- c:\program files\ChrisTV PVR
2010-06-14 15:47 . 2010-06-13 20:29 -------- d-----w- c:\program files\LifeView MVP
2010-06-12 19:55 . 2010-03-01 17:20 -------- d-----w- c:\program files\Ashampoo
2010-06-08 10:08 . 2010-06-08 10:08 -------- d-----w- c:\program files\Common Files\NacreWare
2010-06-08 10:08 . 2010-06-08 10:08 -------- d-----w- c:\program files\AMC2000
2010-06-07 14:02 . 2010-05-05 10:16 4456 ----a-w- c:\windows\system32\d3d9caps.dat
2008-08-18 08:55 . 2008-08-18 08:55 148766 ----a-w- c:\program files\PC Tools Firewall Plus_40045_cz.exe
2008-08-18 08:37 . 2008-08-18 08:37 2405 ----a-w- c:\program files\Přečti si!.txt
.

(((((((((((((((((((((((((((((((((((((((((( SR_Search ))))))))))))))))))))))))))))))))))))))))))))))))))))))))

c:\aec.sys\aec.sys [x]
[7] 8BED39E3C35D6A489438B8141717A557 142592 \RP2\A0004593.sys

[-] !HASH: COULD NOT OPEN FILE !!!!! 142592 c:\windows\system32\dllcache\aec.sys
[7] 8BED39E3C35D6A489438B8141717A557 142592 \RP1\A0000228.sys

[-] !HASH: COULD NOT OPEN FILE !!!!! 585472 c:\windows\system32\drivers\aec.sys
[7] 8BED39E3C35D6A489438B8141717A557 142592 \RP1\A0000224.sys
[7] 8BED39E3C35D6A489438B8141717A557 142592 \RP1\A0003347.sys
.
------- Sigcheck -------

[-] 2010-08-06 14:43 . 83AF81FEA495E4EDFC31C890D4BFA4BC . 585472 . . [------] . . c:\windows\system32\drivers\aec.sys
[7] 2008-04-13 21:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ServicePackFiles\i386\aec.sys
[7] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ERDNT\cache\aec.sys
[7] 2008-04-13 20:09 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\dllcache\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$NtServicePackUninstall$\aec.sys
[7] 2004-08-03 20:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
[7] 2002-08-28 21:16 . FF773FEDA15E8BD97FD54FE87A0ACDBE . 142208 . . [5.1.2601.1095 built by: xpsp1] . . c:\windows\SoftwareDistribution\Download\S-1-5-18\2bc6990d5261226b377910d10bc586ad\backup\aec.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2010-06-07 14:00 2515552 ----a-w- c:\program files\BS_Player\tbBS_1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_1.dll" [2010-06-07 2515552]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-03-25 2924544]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-31 185872]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-04-07 79360]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" silent loginmode=4
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SoundMan"=SOUNDMAN.EXE
"WinampAgent"=c:\program files\Winamp\winampa.exe
"DTVRemote"="c:\program files\LifeView MVP\RemoteControl.exe"
"ChrisTV Agent"="c:\program files\ChrisTV PVR\ChrisTV_Agent.exe" /SILENT

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\LiveUpdate\\LiveUpdate.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Bohuslav\\Plocha\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28.4.2010 15:25 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28.4.2010 15:25 17744]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [23.6.2010 16:41 59776]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25.3.2010 11:28 246520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [25.2.2010 10:59 1047880]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [23.6.2010 16:41 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [23.6.2010 16:41 9600]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25.2.2010 10:18 10064]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.8.2007 22:37 685816]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
utvmhdnl
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
uInternet Settings,ProxyServer = 192.168.200.221:3128
IE: &ICQ Toolbar Search - c:\progra~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://portal.mpsv.cz/sz/obcane/vmjedno
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-06 16:46
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\Bohuslav\LOCALS~1\Temp\ASFWHide"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG06.00.00.01WORKSTATION"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(4064)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\oodag.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\System32\wbem\wmiapsrv.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\windows\System32\logon.scr
.
**************************************************************************
.
Celkový čas: 2010-08-06 16:53:09 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-06 14:53
ComboFix2.txt 2010-08-06 08:59
ComboFix3.txt 2010-08-06 03:39
ComboFix4.txt 2010-08-05 22:04
ComboFix5.txt 2010-08-06 14:35

Před spuštěním: Volných bajtů: 29 690 523 648
Po spuštění: Volných bajtů: 29 678 739 456

- - End Of File - - BD24D9965A892D61FAA4ACA87CB7E0AC

Re: Asking for ADVICE

#62 Post by holvyy »

I'm afraid I didn't post it correctly; this is probably the right log, judging by the time.
ComboFix 10-08-06.01 - Bohuslav 06.08.2010 23:04:21.11.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.289 [GMT 2:00]
Spuštěný z: c:\documents and settings\Bohuslav\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Bohuslav\Plocha\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\program files\PC Tools Firewall Plus_40045_cz.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\aec.sys
c:\aec.sys\aec.sys
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\ProcCache.sbc
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\MeMediaAdVantage.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\MeMediaAdVantage1.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityInternetExplorer1.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\Overview.ini
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\Stration.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinBifrostla.zip
c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy\Recovery\WinBifrostla1.zip
C:\Nová složka
c:\nová složka\aec.rar
c:\program files\PC Tools Firewall Plus_40045_cz.exe
c:\program files\Spybot - Search & Destroy
c:\program files\Spybot - Search & Destroy\advcheck.dll
c:\program files\Spybot - Search & Destroy\borlndmm.dll
c:\program files\Spybot - Search & Destroy\delphimm.dll
c:\program files\Spybot - Search & Destroy\Dummies\dummy.cd_clint.dll
c:\program files\Spybot - Search & Destroy\Help\Cesky.Resident.chm
c:\program files\Spybot - Search & Destroy\Help\English.Resident.chm
c:\program files\Spybot - Search & Destroy\Languages\Greek.sbl
c:\program files\Spybot - Search & Destroy\unins000.dat
c:\program files\Spybot - Search & Destroy\unins000.exe
c:\program files\Spybot - Search & Destroy\UnzDll.dll
c:\program files\Spybot - Search & Destroy\ZipDll.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-06 do 2010-08-06 )))))))))))))))))))))))))))))))
.

2010-08-05 10:20 . 2008-04-13 20:09 142592 ----a-w- c:\windows\system32\drivers\aec.sys
2010-08-04 20:23 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-04 20:23 . 2010-08-04 20:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-04 20:23 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-03 13:29 . 2010-08-06 20:22 -------- d-----w- c:\program files\trend micro
2010-08-03 13:29 . 2010-08-03 13:33 -------- d-----w- C:\rsit
2010-08-03 01:50 . 2008-04-13 22:10 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-08-03 01:50 . 2008-04-13 22:10 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-08-03 01:50 . 2008-04-13 22:11 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-08-03 01:50 . 2008-04-13 22:11 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-08-03 01:50 . 2008-04-13 22:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-08-03 01:50 . 2008-04-13 22:11 8192 ----a-w- c:\windows\system32\drivers\Changer.sys
2010-07-15 14:14 . 2010-07-15 14:14 -------- d-----w- c:\program files\Common Files\Skype
2010-07-13 16:21 . 2010-07-13 16:21 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-13 16:21 . 2010-07-13 16:21 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-13 16:18 . 2010-07-13 16:18 -------- d-----w- c:\program files\DIFX
2010-07-13 16:18 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-07-13 16:18 . 2010-07-13 16:18 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-13 16:18 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-07-13 16:18 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-07-13 16:18 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-07-13 16:18 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-07-13 16:18 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-05 10:21 . 2010-06-07 14:29 -------- d-----w- c:\program files\DScaler
2010-08-05 09:49 . 2010-06-07 13:21 -------- d-----w- c:\program files\Driver Genius
2010-08-04 14:54 . 2006-01-24 17:45 -------- d-----w- c:\program files\CCleaner
2010-08-02 17:45 . 2001-10-25 12:00 47410 ----a-w- c:\windows\system32\perfc005.dat
2010-08-02 17:45 . 2001-10-25 12:00 312606 ----a-w- c:\windows\system32\perfh005.dat
2010-07-27 10:33 . 2010-03-29 22:08 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-07-15 14:13 . 2005-09-15 19:28 -------- d-----w- c:\program files\Skype
2010-07-13 16:30 . 2010-07-13 16:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-07-13 16:30 . 2010-07-13 16:30 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-07-13 16:29 . 2010-07-13 16:29 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-13 16:29 . 2010-07-13 16:29 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-13 16:21 . 2008-02-12 00:01 -------- d-----w- c:\program files\Nokia
2010-07-13 03:03 . 2010-03-20 03:45 -------- d-----w- c:\program files\Burn4Free
2010-07-12 03:19 . 2010-07-12 03:19 113322 ----a-w- c:\program files\_JPOD, 6. dub 1931.sav
2010-07-07 15:35 . 2010-03-25 09:14 -------- d-----w- c:\program files\ICQ7.1
2010-07-01 14:05 . 2007-12-09 15:24 -------- d-----w- c:\program files\GRETECH
2010-06-28 20:57 . 2010-06-29 06:07 38848 ----a-w- c:\windows\avastSS.scr
2010-06-28 20:57 . 2010-04-28 13:25 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 20:37 . 2010-04-28 13:25 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 20:37 . 2010-04-28 13:25 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 20:33 . 2010-04-28 13:25 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 20:32 . 2010-04-28 13:25 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 20:32 . 2010-04-28 13:25 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 20:32 . 2010-04-28 13:25 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 20:32 . 2010-04-28 13:25 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-24 15:25 . 2004-04-01 20:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-06-23 14:48 . 2010-06-23 14:47 -------- d-----w- c:\program files\WinFast
2010-06-23 14:48 . 2010-06-23 14:48 -------- d-----w- c:\program files\Windows Sidebar
2010-06-23 14:41 . 2010-06-23 14:41 -------- d-----w- c:\program files\Leadtek Research Inc
2010-06-23 13:50 . 2010-06-23 13:50 -------- d-----w- c:\program files\win fst
2010-06-23 13:36 . 2010-06-07 13:58 -------- d-----w- c:\program files\ChrisTV PVR
2010-06-14 15:47 . 2010-06-13 20:29 -------- d-----w- c:\program files\LifeView MVP
2010-06-12 19:55 . 2010-03-01 17:20 -------- d-----w- c:\program files\Ashampoo
2010-06-08 10:08 . 2010-06-08 10:08 -------- d-----w- c:\program files\Common Files\NacreWare
2010-06-08 10:08 . 2010-06-08 10:08 -------- d-----w- c:\program files\AMC2000
2010-06-07 14:02 . 2010-05-05 10:16 4456 ----a-w- c:\windows\system32\d3d9caps.dat
2008-08-18 08:37 . 2008-08-18 08:37 2405 ----a-w- c:\program files\Přečti si!.txt
.

((((((((((((((((((((((((((((( SnapShot@2010-08-04_14.46.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-08-11 15:57 . 2008-04-13 23:09 4992 c:\windows\system32\dllcache\mspqm.sys
+ 2010-03-19 20:37 . 2008-04-13 20:09 142592 c:\windows\$NtServicePackUninstall$\aec.sys
+ 2006-02-15 00:30 . 2008-04-13 20:09 142592 c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="c:\program files\Seznam.cz\postak.exe" [2010-03-01 451224]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-03-25 2924544]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-10-31 185872]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-04-07 79360]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" silent loginmode=4
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SoundMan"=SOUNDMAN.EXE
"WinampAgent"=c:\program files\Winamp\winampa.exe
"DTVRemote"="c:\program files\LifeView MVP\RemoteControl.exe"
"ChrisTV Agent"="c:\program files\ChrisTV PVR\ChrisTV_Agent.exe" /SILENT

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\LiveUpdate\\LiveUpdate.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\Bohuslav\\Plocha\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [28.4.2010 15:25 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [28.4.2010 15:25 17744]
R2 BT848;WinFast TV2000 XP WDM Video Capture;c:\windows\system32\drivers\wf2kvcap.sys [23.6.2010 16:41 59776]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25.3.2010 11:28 246520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [25.2.2010 10:59 1047880]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;c:\windows\system32\drivers\wf2ktunr.sys [23.6.2010 16:41 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;c:\windows\system32\drivers\wf2kXbar.sys [23.6.2010 16:41 9600]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [25.2.2010 10:18 10064]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.8.2007 22:37 685816]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.inbox.com/homepage.aspx?tbid=80096&lng=cs
uInternet Settings,ProxyServer = 192.168.200.221:3128
IE: &ICQ Toolbar Search - c:\progra~1\ICQTOO~1\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\translat\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\translat\WEBIE.DLL
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://portal.mpsv.cz/sz/obcane/vmjedno
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Bohuslav\Data aplikací\Mozilla\Firefox\Profiles\qnbnrney.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\RadioWMPCore.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-06 23:12
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ASFWHide]
"ImagePath"="\??\c:\docume~1\Bohuslav\LOCALS~1\Temp\ASFWHide"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG06.00.00.01WORKSTATION"="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"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(660)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-08-06 23:16:29
ComboFix-quarantined-files.txt 2010-08-06 21:16
ComboFix2.txt 2010-08-06 19:41
ComboFix3.txt 2010-08-06 14:53
ComboFix4.txt 2010-08-06 08:59
ComboFix5.txt 2010-08-06 20:59

Před spuštěním: Volných bajtů: 29 608 181 760
Po spuštění: Volných bajtů: 29 587 701 760

- - End Of File - - A4EBFE913EDCC255155EECCCF662990A

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Asking for ADVICE

#63 Post by motji »

You seem to have a gremlin in your computer :D , the script simply did not run :o .
So, once again

:arrow: If it is not there already, move ComboFix to the desktop
- open Notepad
- copy the text from this box into it

Code:


Folder::
C:\Program Files\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
C:\aec.sys
C:\Nová složka

File::
c:\program files\PC Tools Firewall Plus_40045_cz.exe

SecCenter::
FW: Kerio Personal Firewall *disabled* {CB8DE467-2367-41d1-87BA-D0AE12284F9A}

- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it
- after it has been applied, another log will pop up; paste it here

Warning: it may happen that Windows does not start after the script is applied and the machine restarts; in that case restart again while pressing F8, then choose Last Known Good Configuration
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Asking for ADVICE

#64 Post by motji »

Then I apologize, I had not seen this log :oops: .
It is fine :D . We will clean up and fine-tune :D

:arrow: Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes the files and folders related to it.


***********


:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice press the A key, then Enter
- delete the little program after use. Note: antivirus programs may falsely flag it as a virus



***********


:arrow: Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar installation

Cleaner tab
- leave everything ticked in the left column as it is, click Analyze
- after the analysis click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup: you do not have to
- click Fix All Selected Issues :arrow: OK :arrow: Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

CCleaner: I recommend using the cleaner; it nicely clears temporary files from the PC.
It cleans up the registry, for example after uninstalling a program.


***********



:arrow: Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans the temp files and the leftovers of the tools used



***********

:arrow: Paste a new log from RSIT and tell me how the computer is behaving; is everything OK now?

holvyy
Visitor
Posts: 51
Registered: 03 Nov 2007 17:00
Location: PLZEŇ

Re: Asking for ADVICE

#65 Post by holvyy »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Bohuslav at 2010-08-07 11:00:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 29 GB (38%) free of 76 GB
Total RAM: 767 MB (41% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2004-11-17 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - C:\Program Files\Seznam.cz\core.2.dll [2010-03-01 1107608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2004-11-17 360448]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-10-31 185872]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2010-04-07 79360]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-08-07 2176512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"=C:\Program Files\Seznam.cz\postak.exe [2010-03-01 451224]
"WinFast Schedule"=C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2010-03-25 2924544]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-08-07 3037696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\WinFast\WFDTV\DVBTAP.exe"="C:\Program Files\WinFast\WFDTV\DVBTAP.exe:*:Enabled:WinFast DTV Application"
"C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe"="C:\Program Files\WinFast\WFDTV\LiveUpdate\LiveUpdate.exe:*:Enabled:WF LiveUpdate Application"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Documents and Settings\Bohuslav\Plocha\Skype.exe"="C:\Documents and Settings\Bohuslav\Plocha\Skype.exe:*:Enabled:Skype. Take a deep breath "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-07 11:00:55 ----D---- C:\rsit
2010-08-07 00:02:58 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-08-07 00:02:56 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Spyware Terminator
2010-08-07 00:02:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-08-07 00:02:47 ----D---- C:\Program Files\Spyware Terminator
2010-08-06 23:18:40 ----SHD---- C:\RECYCLER
2010-08-06 23:16:33 ----D---- C:\WINDOWS\temp
2010-08-05 23:11:43 ----SHD---- C:\WINDOWS\CSC
2010-08-05 12:20:57 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2010-08-04 22:23:24 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Malwarebytes
2010-08-04 22:23:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-08-04 22:23:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-04 00:00:47 ----A---- C:\Boot.bak
2010-08-04 00:00:40 ----RASHD---- C:\cmdcons
2010-08-03 23:52:41 ----D---- C:\WINDOWS\ERDNT
2010-08-03 15:29:10 ----D---- C:\Program Files\trend micro
2010-08-03 03:50:28 ----A---- C:\WINDOWS\system32\drivers\lbrtfdc.sys
2010-08-03 03:50:18 ----A---- C:\WINDOWS\system32\drivers\i2omgmt.sys
2010-08-03 03:50:10 ----A---- C:\WINDOWS\system32\drivers\Changer.sys
2010-07-15 16:14:16 ----D---- C:\Program Files\Common Files\Skype
2010-07-13 18:30:14 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2010-07-13 18:29:16 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-07-13 18:21:17 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-13 18:21:03 ----D---- C:\Program Files\Common Files\Nokia
2010-07-13 18:18:59 ----D---- C:\Program Files\DIFX
2010-07-13 18:18:57 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-07-13 18:18:41 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-13 18:18:27 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-07-13 18:18:24 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-07-13 18:18:23 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-07-13 18:18:23 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-07-13 18:18:23 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys

======List of files/folders modified in the last 1 months======

2010-08-07 11:00:56 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Skype
2010-08-07 11:00:48 ----D---- C:\WINDOWS\system32
2010-08-07 11:00:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-07 10:27:47 ----D---- C:\WINDOWS
2010-08-07 10:27:47 ----A---- C:\WINDOWS\TRNCOM.INI
2010-08-07 10:20:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-07 00:52:23 ----RD---- C:\Program Files
2010-08-07 00:46:47 ----D---- C:\WINDOWS\system32\drivers
2010-08-07 00:45:00 ----SHD---- C:\System Volume Information
2010-08-07 00:45:00 ----D---- C:\WINDOWS\system32\Restore
2010-08-06 23:12:51 ----A---- C:\WINDOWS\system.ini
2010-08-06 23:12:34 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-06 23:09:00 ----D---- C:\WINDOWS\AppPatch
2010-08-06 23:08:53 ----D---- C:\Program Files\Common Files
2010-08-06 22:44:40 ----SHD---- C:\WINDOWS\Installer
2010-08-06 22:44:36 ----D---- C:\WINDOWS\Help
2010-08-06 21:29:05 ----D---- C:\WINDOWS\system32\config
2010-08-06 21:20:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-06 21:20:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-08-06 21:17:35 ----D---- C:\WINDOWS\Prefetch
2010-08-05 12:24:11 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Vso
2010-08-05 12:21:46 ----D---- C:\Program Files\DScaler
2010-08-05 11:49:23 ----D---- C:\Program Files\Driver Genius
2010-08-04 16:54:55 ----D---- C:\Program Files\CCleaner
2010-08-04 00:00:47 ----RASH---- C:\boot.ini
2010-08-02 19:45:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-01 22:32:51 ----D---- C:\WinFast WorkArea
2010-07-28 13:31:17 ----SD---- C:\WINDOWS\Tasks
2010-07-27 22:10:00 ----SD---- C:\Documents and Settings\Bohuslav\Data aplikací\Microsoft
2010-07-27 13:11:16 ----A---- C:\WINDOWS\cdplayer.ini
2010-07-27 12:33:19 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-07-25 08:13:24 ----D---- C:\Program Files\Mozilla Firefox
2010-07-19 18:32:22 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\ICQ
2010-07-15 16:13:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-07-15 16:13:26 ----D---- C:\Program Files\Skype
2010-07-13 18:30:44 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-07-13 18:30:29 ----HD---- C:\WINDOWS\inf
2010-07-13 18:30:07 ----D---- C:\Documents and Settings\Bohuslav\Data aplikací\Nokia
2010-07-13 18:29:58 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-13 18:29:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-07-13 18:21:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-13 18:21:06 ----D---- C:\Program Files\Nokia
2010-07-13 18:18:57 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-13 18:16:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-07-13 05:03:15 ----D---- C:\Program Files\Burn4Free

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\System32\DRIVERS\agp440.sys [2008-04-14 42368]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [2006-08-25 36528]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-06-28 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-06-28 100176]
R2 BT848;WinFast TV2000 XP WDM Video Capture; C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 59776]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner; C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 19456]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar; C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 9600]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-14 404736]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-21 462940]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-06-28 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 EL90X;3Com EtherLink XL 90X Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xnd5.sys [2001-10-24 153631]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-03-01 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ASFWHide;ASFWHide; \??\C:\DOCUME~1\Bohuslav\LOCALS~1\Temp\ASFWHide []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DSDrv4;DSDrv4; \??\C:\PROGRA~1\DScaler\DSDrv4.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 hcwPVRP2;Hauppauge WinTV-PVR PCI II (Encoder-16); C:\WINDOWS\system32\DRIVERS\hcwPVRP2.sys [2005-09-15 824512]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\System32\DRIVERS\sermouse.sys [2001-10-25 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20050610.011\symidsco.sys []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\System32\DRIVERS\usbser.sys [2008-04-14 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmHidLo;Logitech WingMan USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2004-04-14 14432]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-08-27 685816]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2006-11-10 99936]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-08-07 488960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-21 153376]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-03-30 435016]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Asking for ADVICE

#66 Post by motji »

The log is fine. :)
Also give some thought to a firewall.
If there are no problems, that is all :)

holvyy
Visitor
Posts: 51
Registered: 03 Nov 2007 17:00
Location: PLZEŇ

Re: Asking for ADVICE

#67 Post by holvyy »

Thank you warmly. I am glad to be registered on your forum; whenever I had a problem, it was resolved with your help, and as a self-taught PC user I also got a lot of valuable advice from you. When I came to the forum with the last problem, I was surprised: lo and behold, a female adviser. But I am glad it turned out that way; for me it was the most pleasant problem resolution on this forum.
Thank you very much

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Asking for ADVICE

#68 Post by motji »

You are welcome :) .
If there are any problems, get in touch again.
Have a nice weekend :)