Zdravim.
Řeším u známé PC, kde se po spuštění zobrzuje tabulka s tím, že činnost systemu Windows byla obnovena po závažné chybě. (pravděpodobně virus...)
Logy:
RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Romca at 2009-08-02 15:18:39
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (6%) free of 26 GB
Total RAM: 1024 MB (64% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2009-07-10 65536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2009-07-10 434271]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-13 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-13 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2009-07-10 434271]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TWCU"=C:\Program Files\TP-LINK\TWCU\TWCU.exe [2006-03-29 364544]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-13 136600]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-07-01 1447168]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2009-01-13 111928]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2009-07-10 24688]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2009-07-10 32838]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"nodenable"=C:\Program Files\eset\nodenable.exe [2008-09-22 326829]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2009-07-10 32838]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2009-08-02 15:18:40 ----D---- C:\Program Files\trend micro
2009-08-02 15:18:39 ----D---- C:\rsit
2009-07-10 19:00:37 ----D---- C:\Program Files\FunWebProducts
2009-07-10 19:00:34 ----D---- C:\Program Files\MyWebSearch
======List of files/folders modified in the last 1 months======
2009-08-02 15:18:40 ----RD---- C:\Program Files
2009-08-02 15:18:36 ----A---- C:\WINDOWS\wincmd.ini
2009-08-02 15:18:24 ----D---- C:\WINDOWS\Prefetch
2009-08-02 15:16:54 ----D---- C:\WINDOWS\system32\CatRoot2
2009-08-02 15:10:47 ----D---- C:\WINDOWS\Temp
2009-08-02 15:08:59 ----D---- C:\WINDOWS\system32\config
2009-08-02 15:08:45 ----D---- C:\WINDOWS\system32\wbem
2009-08-02 15:08:44 ----D---- C:\WINDOWS\Registration
2009-08-02 15:08:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-08-02 15:08:06 ----D---- C:\WINDOWS\system32\Restore
2009-08-02 15:02:27 ----A---- C:\WINDOWS\ntbtlog.txt
2009-08-02 15:00:19 ----D---- C:\Program Files\Mozilla Firefox
2009-08-02 14:55:40 ----D---- C:\Documents and Settings
2009-08-02 14:51:43 ----D---- C:\WINDOWS
2009-08-02 14:48:41 ----D---- C:\WINDOWS\Minidump
2009-07-24 18:40:55 ----A---- C:\WINDOWS\DUMP5321.tmp
2009-07-24 18:39:13 ----A---- C:\WINDOWS\DUMP51ac.tmp
2009-07-24 18:38:23 ----A---- C:\WINDOWS\DUMP5515.tmp
2009-07-24 18:32:32 ----A---- C:\WINDOWS\DUMP5063.tmp
2009-07-24 18:28:46 ----A---- C:\WINDOWS\DUMP5073.tmp
2009-07-24 16:37:20 ----A---- C:\WINDOWS\DUMP5b5e.tmp
2009-07-17 21:39:10 ----A---- C:\WINDOWS\DUMP610b.tmp
2009-07-17 21:37:16 ----A---- C:\WINDOWS\DUMP5d92.tmp
2009-07-17 21:36:22 ----A---- C:\WINDOWS\DUMP6273.tmp
2009-07-17 21:00:35 ----A---- C:\WINDOWS\DUMP6282.tmp
2009-07-17 20:58:17 ----A---- C:\WINDOWS\DUMP6f25.tmp
2009-07-17 20:30:47 ----A---- C:\WINDOWS\DUMP608f.tmp
2009-07-17 20:23:06 ----A---- C:\WINDOWS\DUMP61b7.tmp
2009-07-17 20:22:11 ----A---- C:\WINDOWS\DUMP61d7.tmp
2009-07-17 20:20:12 ----A---- C:\WINDOWS\DUMP608e.tmp
2009-07-17 20:19:17 ----A---- C:\WINDOWS\DUMP5ef9.tmp
2009-07-17 20:17:12 ----A---- C:\WINDOWS\DUMP5f18.tmp
2009-07-17 20:16:17 ----A---- C:\WINDOWS\DUMP6179.tmp
2009-07-17 20:14:24 ----A---- C:\WINDOWS\DUMP60ed.tmp
2009-07-17 20:13:30 ----A---- C:\WINDOWS\DUMP5ff3.tmp
2009-07-17 20:12:34 ----A---- C:\WINDOWS\DUMP5fc3.tmp
2009-07-17 19:41:15 ----A---- C:\WINDOWS\DUMP5c6a.tmp
2009-07-17 19:39:54 ----A---- C:\WINDOWS\DUMP60bd.tmp
2009-07-17 19:38:57 ----A---- C:\WINDOWS\DUMP5c98.tmp
2009-07-17 19:37:36 ----A---- C:\WINDOWS\DUMP60ae.tmp
2009-07-17 19:35:19 ----A---- C:\WINDOWS\DUMP5db1.tmp
2009-07-17 19:32:36 ----A---- C:\WINDOWS\DUMP5d16.tmp
2009-07-17 19:31:15 ----A---- C:\WINDOWS\DUMP5d15.tmp
2009-07-17 19:29:52 ----A---- C:\WINDOWS\DUMP5da1.tmp
2009-07-17 19:28:58 ----A---- C:\WINDOWS\DUMP5f85.tmp
2009-07-17 19:20:48 ----A---- C:\WINDOWS\DUMP5c69.tmp
2009-07-17 19:19:27 ----A---- C:\WINDOWS\DUMP5ca6.tmp
2009-07-17 19:18:33 ----A---- C:\WINDOWS\DUMP5e0f.tmp
2009-07-17 19:16:42 ----A---- C:\WINDOWS\DUMP5e00.tmp
2009-07-17 19:14:04 ----A---- C:\WINDOWS\DUMP5ebd.tmp
2009-07-17 19:11:48 ----A---- C:\WINDOWS\DUMP5ce5.tmp
2009-07-17 19:10:54 ----A---- C:\WINDOWS\DUMP5dff.tmp
2009-07-17 19:10:00 ----A---- C:\WINDOWS\DUMP5d44.tmp
2009-07-17 19:09:06 ----A---- C:\WINDOWS\DUMP5d65.tmp
2009-07-17 19:06:22 ----A---- C:\WINDOWS\DUMP5d91.tmp
2009-07-17 19:05:28 ----A---- C:\WINDOWS\DUMP5e6b.tmp
2009-07-17 19:04:33 ----A---- C:\WINDOWS\DUMP5e3f.tmp
2009-07-17 18:35:32 ----A---- C:\WINDOWS\DUMP6011.tmp
2009-07-17 18:30:31 ----A---- C:\WINDOWS\DUMP5fd3.tmp
2009-07-17 18:28:38 ----A---- C:\WINDOWS\DUMP6040.tmp
2009-07-17 18:27:16 ----A---- C:\WINDOWS\DUMP5e2f.tmp
2009-07-17 18:26:22 ----A---- C:\WINDOWS\DUMP5ebc.tmp
2009-07-17 18:25:29 ----A---- C:\WINDOWS\DUMP5ff2.tmp
2009-07-17 18:21:37 ----A---- C:\WINDOWS\DUMP5d23.tmp
2009-07-17 18:20:16 ----A---- C:\WINDOWS\DUMP5c87.tmp
2009-07-17 18:18:55 ----A---- C:\WINDOWS\DUMP5bec.tmp
2009-07-17 18:16:41 ----A---- C:\WINDOWS\DUMP5d33.tmp
2009-07-17 18:15:21 ----A---- C:\WINDOWS\DUMP5c29.tmp
2009-07-17 18:10:55 ----A---- C:\WINDOWS\DUMP5e9a.tmp
2009-07-17 18:10:02 ----A---- C:\WINDOWS\DUMP5de0.tmp
2009-07-17 18:09:08 ----A---- C:\WINDOWS\DUMP5c49.tmp
2009-07-17 18:06:54 ----A---- C:\WINDOWS\DUMP5e2e.tmp
2009-07-17 18:06:00 ----A---- C:\WINDOWS\DUMP5eda.tmp
2009-07-17 18:03:41 ----A---- C:\WINDOWS\DUMP5dfe.tmp
2009-07-17 18:02:47 ----A---- C:\WINDOWS\DUMP5ddf.tmp
2009-07-17 18:01:53 ----A---- C:\WINDOWS\DUMP5ed9.tmp
2009-07-17 18:00:59 ----A---- C:\WINDOWS\DUMP5ead.tmp
2009-07-17 18:00:04 ----A---- C:\WINDOWS\DUMP5da0.tmp
2009-07-17 17:58:41 ----A---- C:\WINDOWS\DUMP5eac.tmp
2009-07-17 17:57:45 ----A---- C:\WINDOWS\DUMP5ee8.tmp
2009-07-17 17:56:49 ----A---- C:\WINDOWS\DUMP5d64.tmp
2009-07-17 17:55:28 ----A---- C:\WINDOWS\DUMP5e0e.tmp
2009-07-17 17:54:33 ----A---- C:\WINDOWS\DUMP5ebb.tmp
2009-07-17 17:52:38 ----A---- C:\WINDOWS\DUMP5d14.tmp
2009-07-17 17:51:17 ----A---- C:\WINDOWS\DUMP5d53.tmp
2009-07-17 17:49:56 ----A---- C:\WINDOWS\DUMP5d04.tmp
2009-07-17 17:48:35 ----A---- C:\WINDOWS\DUMP5cf4.tmp
2009-07-17 17:47:12 ----A---- C:\WINDOWS\DUMP5ef8.tmp
2009-07-17 17:44:54 ----A---- C:\WINDOWS\DUMP5eab.tmp
2009-07-17 17:43:59 ----A---- C:\WINDOWS\DUMP5e8b.tmp
2009-07-17 17:43:05 ----A---- C:\WINDOWS\DUMP5e2d.tmp
2009-07-17 17:42:11 ----A---- C:\WINDOWS\DUMP5eca.tmp
2009-07-17 17:41:16 ----A---- C:\WINDOWS\DUMP5eaa.tmp
2009-07-17 16:49:04 ----A---- C:\WINDOWS\DUMP639c.tmp
2009-07-17 16:27:27 ----A---- C:\WINDOWS\DUMP57a7.tmp
2009-07-17 16:26:06 ----A---- C:\WINDOWS\DUMP5798.tmp
2009-07-17 16:23:56 ----A---- C:\WINDOWS\DUMP5788.tmp
2009-07-17 16:22:37 ----A---- C:\WINDOWS\DUMP5797.tmp
2009-07-17 16:18:41 ----A---- C:\WINDOWS\DUMP56fd.tmp
2009-07-17 16:10:49 ----A---- C:\WINDOWS\DUMP572a.tmp
2009-07-17 16:09:31 ----A---- C:\WINDOWS\DUMP58ce.tmp
2009-07-17 16:08:38 ----A---- C:\WINDOWS\DUMP56fc.tmp
2009-07-17 16:06:01 ----A---- C:\WINDOWS\DUMP59f7.tmp
2009-07-17 16:05:08 ----A---- C:\WINDOWS\DUMP58b2.tmp
2009-07-17 16:03:23 ----A---- C:\WINDOWS\DUMP57e6.tmp
2009-07-17 15:58:07 ----A---- C:\WINDOWS\DUMP58ef.tmp
2009-07-17 15:57:15 ----A---- C:\WINDOWS\DUMP57a6.tmp
2009-07-17 15:55:56 ----A---- C:\WINDOWS\DUMP5d52.tmp
2009-07-17 15:50:19 ----A---- C:\WINDOWS\DUMP5815.tmp
2009-07-17 15:48:59 ----A---- C:\WINDOWS\DUMP57c6.tmp
2009-07-17 15:47:40 ----A---- C:\WINDOWS\DUMP5796.tmp
2009-07-17 15:46:22 ----A---- C:\WINDOWS\DUMP5832.tmp
2009-07-17 15:45:02 ----A---- C:\WINDOWS\DUMP56dc.tmp
2009-07-17 15:43:43 ----A---- C:\WINDOWS\DUMP57e5.tmp
2009-07-17 15:42:24 ----A---- C:\WINDOWS\DUMP57b9.tmp
2009-07-17 15:40:14 ----A---- C:\WINDOWS\DUMP5768.tmp
2009-07-17 15:38:56 ----A---- C:\WINDOWS\DUMP5841.tmp
2009-07-17 15:38:03 ----A---- C:\WINDOWS\DUMP590f.tmp
2009-07-17 15:35:53 ----A---- C:\WINDOWS\DUMP5866.tmp
2009-07-17 15:33:41 ----A---- C:\WINDOWS\DUMP596c.tmp
2009-07-17 15:32:49 ----A---- C:\WINDOWS\DUMP58be.tmp
2009-07-17 15:30:38 ----A---- C:\WINDOWS\DUMP59ca.tmp
2009-07-17 15:27:36 ----A---- C:\WINDOWS\DUMP588f.tmp
2009-07-17 15:26:43 ----A---- C:\WINDOWS\DUMP57f5.tmp
2009-07-17 15:25:23 ----A---- C:\WINDOWS\DUMP5851.tmp
2009-07-17 15:24:30 ----A---- C:\WINDOWS\DUMP59b9.tmp
2009-07-17 15:23:38 ----A---- C:\WINDOWS\DUMP595b.tmp
2009-07-17 15:22:45 ----A---- C:\WINDOWS\DUMP58b1.tmp
2009-07-17 15:18:23 ----A---- C:\WINDOWS\DUMP58b0.tmp
2009-07-17 15:17:31 ----A---- C:\WINDOWS\DUMP590e.tmp
2009-07-17 15:16:39 ----A---- C:\WINDOWS\DUMP590d.tmp
2009-07-17 15:15:46 ----A---- C:\WINDOWS\DUMP5f94.tmp
2009-07-17 15:14:49 ----A---- C:\WINDOWS\DUMP590c.tmp
2009-07-17 15:11:41 ----A---- C:\WINDOWS\DUMP5814.tmp
2009-07-17 15:10:49 ----A---- C:\WINDOWS\DUMP58ee.tmp
2009-07-17 15:09:57 ----A---- C:\WINDOWS\DUMP5eba.tmp
2009-07-17 15:08:59 ----A---- C:\WINDOWS\DUMP596b.tmp
2009-07-17 15:08:05 ----A---- C:\WINDOWS\DUMP5813.tmp
2009-07-17 15:07:12 ----A---- C:\WINDOWS\DUMP596a.tmp
2009-07-17 15:03:58 ----A---- C:\WINDOWS\DUMP5ec9.tmp
2009-07-17 12:40:21 ----A---- C:\WINDOWS\DUMP5803.tmp
2009-07-17 12:39:18 ----A---- C:\WINDOWS\DUMP58fd.tmp
2009-07-17 11:48:21 ----A---- C:\WINDOWS\DUMP571a.tmp
2009-07-17 11:47:30 ----A---- C:\WINDOWS\DUMP56db.tmp
2009-07-17 11:46:23 ----A---- C:\WINDOWS\DUMP5b7d.tmp
2009-07-17 11:45:31 ----A---- C:\WINDOWS\DUMP560f.tmp
2009-07-17 11:42:53 ----A---- C:\WINDOWS\DUMP5564.tmp
2009-07-17 11:40:15 ----A---- C:\WINDOWS\DUMP5600.tmp
2009-07-17 11:37:38 ----A---- C:\WINDOWS\DUMP56fb.tmp
2009-07-17 11:36:47 ----A---- C:\WINDOWS\DUMP55d1.tmp
2009-07-17 11:35:28 ----A---- C:\WINDOWS\DUMP5719.tmp
2009-07-17 11:34:35 ----A---- C:\WINDOWS\DUMP5739.tmp
2009-07-17 11:32:10 ----A---- C:\WINDOWS\DUMP56ca.tmp
2009-07-17 11:31:19 ----A---- C:\WINDOWS\DUMP5729.tmp
2009-07-17 11:28:41 ----A---- C:\WINDOWS\DUMP56fa.tmp
2009-07-17 11:27:49 ----A---- C:\WINDOWS\DUMP5718.tmp
2009-07-17 11:26:29 ----A---- C:\WINDOWS\DUMP565e.tmp
2009-07-17 11:25:36 ----A---- C:\WINDOWS\DUMP5757.tmp
2009-07-17 11:14:41 ----A---- C:\WINDOWS\DUMP5748.tmp
2009-07-17 11:13:49 ----A---- C:\WINDOWS\DUMP5865.tmp
2009-07-17 11:12:56 ----A---- C:\WINDOWS\DUMP56ea.tmp
2009-07-17 11:11:37 ----A---- C:\WINDOWS\DUMP57c5.tmp
2009-07-17 11:09:00 ----A---- C:\WINDOWS\DUMP5582.tmp
2009-07-17 11:07:41 ----A---- C:\WINDOWS\DUMP56f9.tmp
2009-07-17 11:06:22 ----A---- C:\WINDOWS\DUMP5767.tmp
2009-07-16 21:45:50 ----A---- C:\WINDOWS\DUMP5c97.tmp
2009-07-16 21:44:55 ----A---- C:\WINDOWS\DUMP5cb6.tmp
2009-07-16 21:41:03 ----A---- C:\WINDOWS\DUMP5a56.tmp
2009-07-16 21:38:35 ----A---- C:\WINDOWS\DUMP5c68.tmp
2009-07-16 21:37:41 ----A---- C:\WINDOWS\DUMP5af2.tmp
2009-07-15 13:13:08 ----A---- C:\WINDOWS\DUMP592c.tmp
2009-07-15 13:08:59 ----A---- C:\WINDOWS\DUMP5864.tmp
2009-07-15 13:07:10 ----A---- C:\WINDOWS\DUMP57e4.tmp
2009-07-14 19:33:02 ----A---- C:\WINDOWS\DUMP5091.tmp
2009-07-14 18:35:43 ----A---- C:\WINDOWS\DUMP51ab.tmp
2009-07-14 18:30:10 ----A---- C:\WINDOWS\DUMP51f8.tmp
2009-07-14 18:29:18 ----A---- C:\WINDOWS\DUMP52c3.tmp
2009-07-14 18:26:18 ----A---- C:\WINDOWS\DUMP5218.tmp
2009-07-14 18:25:27 ----A---- C:\WINDOWS\DUMP5311.tmp
2009-07-14 18:22:46 ----A---- C:\WINDOWS\DUMP5228.tmp
2009-07-14 18:21:55 ----A---- C:\WINDOWS\DUMP5023.tmp
2009-07-14 18:19:21 ----A---- C:\WINDOWS\DUMP5227.tmp
2009-07-14 18:18:31 ----A---- C:\WINDOWS\DUMP5217.tmp
2009-07-14 18:17:40 ----A---- C:\WINDOWS\DUMP5237.tmp
2009-07-14 18:15:33 ----A---- C:\WINDOWS\DUMP5042.tmp
2009-07-14 18:12:17 ----A---- C:\WINDOWS\DUMP5294.tmp
2009-07-14 18:09:10 ----A---- C:\WINDOWS\DUMP5246.tmp
2009-07-14 18:06:10 ----A---- C:\WINDOWS\DUMP52b4.tmp
2009-07-14 18:04:00 ----A---- C:\WINDOWS\DUMP52b3.tmp
2009-07-10 19:00:37 ----D---- C:\WINDOWS\system32
2009-07-06 19:35:35 ----A---- C:\WINDOWS\DUMP5236.tmp
2009-07-05 19:44:51 ----A---- C:\WINDOWS\DUMP5302.tmp
2009-07-05 19:43:59 ----A---- C:\WINDOWS\DUMP4f0a.tmp
2009-07-05 19:42:43 ----A---- C:\WINDOWS\DUMP5072.tmp
2009-07-05 19:41:25 ----A---- C:\WINDOWS\DUMP51aa.tmp
2009-07-05 19:39:18 ----A---- C:\WINDOWS\DUMP50a1.tmp
2009-07-05 19:38:00 ----A---- C:\WINDOWS\DUMP512e.tmp
2009-07-05 19:37:10 ----A---- C:\WINDOWS\DUMP5071.tmp
2009-07-05 19:35:50 ----A---- C:\WINDOWS\DUMP4f48.tmp
2009-07-05 19:34:34 ----A---- C:\WINDOWS\DUMP516c.tmp
2009-07-05 19:33:44 ----A---- C:\WINDOWS\DUMP50a0.tmp
2009-07-05 19:32:26 ----A---- C:\WINDOWS\DUMP4fe5.tmp
2009-07-05 19:30:19 ----A---- C:\WINDOWS\DUMP512d.tmp
2009-07-05 19:29:28 ----A---- C:\WINDOWS\DUMP517b.tmp
2009-07-05 19:27:20 ----A---- C:\WINDOWS\DUMP5062.tmp
2009-07-05 19:25:13 ----A---- C:\WINDOWS\DUMP4f39.tmp
2009-07-05 19:22:39 ----A---- C:\WINDOWS\DUMP4f68.tmp
2009-07-05 19:21:22 ----A---- C:\WINDOWS\DUMP5005.tmp
2009-07-05 19:20:06 ----A---- C:\WINDOWS\DUMP50cf.tmp
2009-07-05 19:17:59 ----A---- C:\WINDOWS\DUMP5052.tmp
2009-07-05 19:17:03 ----A---- C:\WINDOWS\DUMP516b.tmp
2009-07-05 19:14:55 ----A---- C:\WINDOWS\DUMP4efa.tmp
2009-07-05 19:11:05 ----A---- C:\WINDOWS\DUMP4f29.tmp
2009-07-05 19:08:29 ----A---- C:\WINDOWS\DUMP518c.tmp
2009-07-05 19:05:30 ----A---- C:\WINDOWS\DUMP50df.tmp
2009-07-05 19:03:23 ----A---- C:\WINDOWS\DUMP51e8.tmp
2009-07-05 19:00:21 ----A---- C:\WINDOWS\DUMP518b.tmp
2009-07-05 18:59:31 ----A---- C:\WINDOWS\DUMP5004.tmp
2009-07-05 18:56:09 ----A---- C:\WINDOWS\DUMP4e6e.tmp
2009-07-05 16:25:21 ----A---- C:\WINDOWS\DUMP5a36.tmp
2009-07-04 15:53:06 ----A---- C:\WINDOWS\DUMP5777.tmp
2009-07-04 13:22:43 ----A---- C:\WINDOWS\DUMP5534.tmp
2009-07-04 13:21:25 ----A---- C:\WINDOWS\DUMP55e0.tmp
2009-07-04 13:10:44 ----A---- C:\WINDOWS\DUMP56ab.tmp
2009-07-04 13:05:37 ----A---- C:\WINDOWS\DUMP55d0.tmp
2009-07-03 22:11:44 ----A---- C:\WINDOWS\DUMP5709.tmp
2009-07-03 21:57:32 ----A---- C:\WINDOWS\DUMP5728.tmp
2009-07-03 21:49:22 ----A---- C:\WINDOWS\DUMP569b.tmp
2009-07-03 21:48:30 ----A---- C:\WINDOWS\DUMP5812.tmp
2009-07-03 21:44:19 ----A---- C:\WINDOWS\DUMP59c9.tmp
2009-07-03 21:43:26 ----A---- C:\WINDOWS\DUMP59c8.tmp
2009-07-03 21:42:32 ----A---- C:\WINDOWS\DUMP594b.tmp
2009-07-03 21:41:38 ----A---- C:\WINDOWS\DUMP5a16.tmp
2009-07-03 21:40:44 ----A---- C:\WINDOWS\DUMP5ae2.tmp
2009-07-03 21:27:39 ----A---- C:\WINDOWS\DUMP5a35.tmp
2009-07-03 21:24:44 ----A---- C:\WINDOWS\DUMP5863.tmp
2009-07-03 21:23:50 ----A---- C:\WINDOWS\DUMP57d4.tmp
2009-07-03 21:21:57 ----A---- C:\WINDOWS\DUMP58a1.tmp
2009-07-03 21:18:46 ----A---- C:\WINDOWS\DUMP59b8.tmp
2009-07-03 20:06:05 ----A---- C:\WINDOWS\DUMP58ed.tmp
2009-07-03 20:04:13 ----A---- C:\WINDOWS\DUMP5880.tmp
2009-07-03 19:29:51 ----A---- C:\WINDOWS\DUMP54c7.tmp
2009-07-03 13:46:37 ----SHD---- C:\WINDOWS\Installer
2009-07-03 13:42:35 ----D---- C:\Program Files\rajce
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-07-01 53256]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-07-01 54280]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-01-12 21275]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-07-01 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-07-01 71688]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\system32\DRIVERS\atinrvxx.sys [2004-08-04 105984]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-07-01 30728]
R3 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\system32\DRIVERS\atinmdxx.sys [2004-08-04 13824]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2003-08-04 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2003-08-04 11392]
S3 AR5211;TP-LINK Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2005-12-21 470048]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2003-09-04 41984]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACS;TP-LINK Configuration Service; C:\WINDOWS\system32\acs.exe [2005-12-30 36864]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-07-14 468224]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-10-19 222456]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-13 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-05-11 225280]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2009-07-10 28762]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-07-01 19200]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
-----------------EOF-----------------
A jeste z Combofixu:
ComboFix 09-08-01.06 - Romca 02.08.2009 15:22.1.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.664 [GMT 2:00]
Spuštěný z: c:\documents and settings\Romca\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn-new.html
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn-new.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\000537FF
c:\program files\MyWebSearch\bar\Cache\000A2AD8.bin
c:\program files\MyWebSearch\bar\Cache\000A2E91.bin
c:\program files\MyWebSearch\bar\Cache\0021AE31
c:\program files\MyWebSearch\bar\Cache\0021AF89.bin
c:\program files\MyWebSearch\bar\Cache\0021B0E0.bin
c:\program files\MyWebSearch\bar\Cache\0021B219.bin
c:\program files\MyWebSearch\bar\Cache\0021B4D8.bin
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Message\COMMON\ask_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.gif
c:\program files\MyWebSearch\bar\Message\COMMON\autoup.htm
c:\program files\MyWebSearch\bar\Message\COMMON\center.htm
c:\program files\MyWebSearch\bar\Message\COMMON\index.htm
c:\program files\MyWebSearch\bar\Message\COMMON\mid_dots.gif
c:\program files\MyWebSearch\bar\Message\COMMON\mws_logo.gif
c:\program files\MyWebSearch\bar\Message\COMMON\protect.htm
c:\program files\MyWebSearch\bar\Message\COMMON\shocked.gif
c:\program files\MyWebSearch\bar\Message\COMMON\stop.gif
c:\program files\MyWebSearch\bar\Message\COMMON\systray.htm
c:\program files\MyWebSearch\bar\Message\COMMON\systrayp.htm
c:\program files\MyWebSearch\bar\Message\COMMON\tp_grad.gif
c:\program files\MyWebSearch\bar\Message\COMMON\warn.gif
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\AutoRun.inf
c:\windows\system32\f3PSSavr.scr
D:\AUTORUN.INF
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
((((((((((((((((((((((((( Soubory vytvořené od 2009-07-02 do 2009-08-02 )))))))))))))))))))))))))))))))
.
2009-08-02 13:18 . 2009-08-02 13:18 -------- d-----w- c:\program files\trend micro
2009-08-02 13:18 . 2009-08-02 13:18 -------- d-----w- C:\rsit
2009-08-02 13:08 . 2009-08-02 13:08 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-02 12:55 . 2009-08-02 13:08 -------- d-s---w- c:\documents and settings\Administrator
2009-08-02 12:55 . 2009-08-02 13:08 -------- d-----w- c:\documents and settings\Administrator\Šablony
2009-08-02 12:55 . 2009-08-02 13:08 -------- d-----w- c:\documents and settings\Administrator\Data aplikací
2009-08-02 12:55 . 2009-04-13 13:36 -------- d-----w- c:\documents and settings\Administrator\Oblíbené položky
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-24 16:40 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5321.tmp
2009-07-24 16:39 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP51ac.tmp
2009-07-24 16:38 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5515.tmp
2009-07-24 16:32 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5063.tmp
2009-07-24 16:28 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5073.tmp
2009-07-24 14:37 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5b5e.tmp
2009-07-17 19:39 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP610b.tmp
2009-07-17 19:37 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d92.tmp
2009-07-17 19:36 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP6273.tmp
2009-07-17 19:00 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP6282.tmp
2009-07-17 18:58 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP6f25.tmp
2009-07-17 18:30 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP608f.tmp
2009-07-17 18:23 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP61b7.tmp
2009-07-17 18:22 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP61d7.tmp
2009-07-17 18:20 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP608e.tmp
2009-07-17 18:19 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ef9.tmp
2009-07-17 18:17 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5f18.tmp
2009-07-17 18:16 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP6179.tmp
2009-07-17 18:14 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP60ed.tmp
2009-07-17 18:13 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ff3.tmp
2009-07-17 18:12 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5fc3.tmp
2009-07-17 17:41 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5c6a.tmp
2009-07-17 17:39 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP60bd.tmp
2009-07-17 17:38 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5c98.tmp
2009-07-17 17:37 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP60ae.tmp
2009-07-17 17:35 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5db1.tmp
2009-07-17 17:32 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d16.tmp
2009-07-17 17:31 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d15.tmp
2009-07-17 17:29 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5da1.tmp
2009-07-17 17:28 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5f85.tmp
2009-07-17 17:20 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5c69.tmp
2009-07-17 17:19 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ca6.tmp
2009-07-17 17:18 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e0f.tmp
2009-07-17 17:16 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e00.tmp
2009-07-17 17:14 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ebd.tmp
2009-07-17 17:11 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ce5.tmp
2009-07-17 17:10 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5dff.tmp
2009-07-17 17:10 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d44.tmp
2009-07-17 17:09 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d65.tmp
2009-07-17 17:06 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d91.tmp
2009-07-17 17:05 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e6b.tmp
2009-07-17 17:04 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e3f.tmp
2009-07-17 16:35 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP6011.tmp
2009-07-17 16:30 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5fd3.tmp
2009-07-17 16:28 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP6040.tmp
2009-07-17 16:27 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e2f.tmp
2009-07-17 16:26 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ebc.tmp
2009-07-17 16:25 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ff2.tmp
2009-07-17 16:21 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d23.tmp
2009-07-17 16:20 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5c87.tmp
2009-07-17 16:18 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5bec.tmp
2009-07-17 16:16 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d33.tmp
2009-07-17 16:15 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5c29.tmp
2009-07-17 16:10 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e9a.tmp
2009-07-17 16:10 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5de0.tmp
2009-07-17 16:09 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5c49.tmp
2009-07-17 16:06 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e2e.tmp
2009-07-17 16:06 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5eda.tmp
2009-07-17 16:03 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5dfe.tmp
2009-07-17 16:02 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ddf.tmp
2009-07-17 16:01 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ed9.tmp
2009-07-17 16:00 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ead.tmp
2009-07-17 16:00 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5da0.tmp
2009-07-17 15:58 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5eac.tmp
2009-07-17 15:57 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ee8.tmp
2009-07-17 15:56 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d64.tmp
2009-07-17 15:55 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e0e.tmp
2009-07-17 15:54 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ebb.tmp
2009-07-17 15:52 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d14.tmp
2009-07-17 15:51 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d53.tmp
2009-07-17 15:49 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d04.tmp
2009-07-17 15:48 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5cf4.tmp
2009-07-17 15:47 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5ef8.tmp
2009-07-17 15:44 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5eab.tmp
2009-07-17 15:43 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e8b.tmp
2009-07-17 15:43 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5e2d.tmp
2009-07-17 15:42 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5eca.tmp
2009-07-17 15:41 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5eaa.tmp
2009-07-17 14:49 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP639c.tmp
2009-07-17 14:27 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP57a7.tmp
2009-07-17 14:26 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5798.tmp
2009-07-17 14:23 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5788.tmp
2009-07-17 14:22 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5797.tmp
2009-07-17 14:18 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP56fd.tmp
2009-07-17 14:10 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP572a.tmp
2009-07-17 14:09 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP58ce.tmp
2009-07-17 14:08 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP56fc.tmp
2009-07-17 14:06 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP59f7.tmp
2009-07-17 14:05 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP58b2.tmp
2009-07-17 14:03 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP57e6.tmp
2009-07-17 13:58 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP58ef.tmp
2009-07-17 13:57 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP57a6.tmp
2009-07-17 13:55 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5d52.tmp
2009-07-17 13:50 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5815.tmp
2009-07-17 13:48 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP57c6.tmp
2009-07-17 13:47 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5796.tmp
2009-07-17 13:46 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP5832.tmp
2009-07-17 13:45 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP56dc.tmp
2009-07-17 13:43 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP57e5.tmp
2009-07-17 13:42 . 2009-04-27 17:52 90112 ----a-w- c:\windows\DUMP57b9.tmp
2009-07-23 18:09 . 2009-01-12 22:20 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"nodenable"="c:\program files\eset\nodenable.exe" [2008-09-22 326829]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TWCU"="c:\program files\TP-LINK\TWCU\TWCU.exe" [2006-03-29 364544]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-12 136600]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-01-13 111928]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-1-13 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [12.12.2003 17:49 77312]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.7.2008 10:53 468224]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [13.1.2009 0:29 222456]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
HKLM-Run-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=ZQfox000&ptb=WJnOgKZAuzwUoBKSsdSD1w
mStart Page = hxxp://home.sweetim.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Search - http://edits.mywebsearch.com/toolbaredi ... p=ZQfox000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {99966FFA-5229-4D47-A9E3-87B5C985DEBB} = 212.96.161.6
FF - ProfilePath - c:\documents and settings\Romca\Data aplikací\Mozilla\Firefox\Profiles\prtyaqc3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - MyWebSearch
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/skinit/icq/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp? ... searchfor=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMyWebS.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-02 15:28
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="725C8AF9D6C3180DD2DA270F460BA47F162E1640FBBD73232D602A55E06B0DC1FEEAED3F6BC3A18DCC834D17B0EC946170EC1726C45CE5115EE2C37FED48E7D1040E172B21A3C2256A87095FD4AE45E4B57704D12196FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC7933A9C6AECB7A5D1407FEBC9E127BECC74C1F6D70F8D2BC6394EEC99508282E42D441209341337B664257D7418F691395690FCC98BA3E3B998BB759377D60DB68BCB8639F28C2DA11920281D55D7B847DE2532CC55471850413CF817E2ED67845F5E415B7E076FD5CB77A57AAAB4FE764E27902BB9B82F2C3E5229F75A390934DBB2F9BC845614C3511C66630C3A51DCA87C5A411EB81FB8D064F75F46A89DC0E1132C215B20CCF1B3FA0242E7533A84436ADD1AFA66E3DAB35A8A8AE142DAAA23940B62E0BEF369F2AF366BC939EB0F8935BA9D7AEBC76F9FC38412633DFF83F3FDD0B00B4FBD4EBF9E4694AF30582268D2DB01BEA570F6AA9372D32E276622970C235C61893213B9EC64B98F0760E1C5037CE60481C0E82CA173E7FBEBA2CBBDBDB1291A20F365B4AA4113DEAF5E63ED1BE4FE135D821DB35F9AA8E66EB396458C8DCC6C6B8D1AF71BAA1A2C1FBC305C7BFE4B0A6D4982300380AB17FB995A4FDDFBA9E7ACD59B1CFFBC7855F7582FDACE6232D92C8E919885DDB10B2CDEE142BA7AF26B683D26A620DB3F72BC122474217830FF562AD156E280028ACBE16DC7FDD283DF900E87A6C4779601734C61708E6DF61D040A0FD950D3B471E1D023D6172719A44DEE994F2388E789316B7B44822F903A57AA3522732B8933BE8CB077A0BBEC41DADC87F41224FCD17A1E17B8B467626FC983C238D750582BC1A31A03600241A8DF01D96E3F9FA419E0AD35E24065E51619714157A6512E0DF191505C6DB1FCAA220A1CA2FE8368AA5EFC25FA2471CDF63E8756361C3344DE4C4FC41A0610DDAED24B51D384D063132EC85975E250280167053D87A0AA53E10ED12787E04AF2507DDDAA658B85894470D1933F36FC23612094258C16383F8ABDC23DF5BECAD5484A0B991AF6FF965F2CF1CF1C1A5F8D7F2FD7AD6F7AF4F1A02C9A2C3F97791E987B01B9D1EEC212BC1AAD4A96A011E0FD6915ADC21806E91E5E225805E35CA3BAD4C709D4B5D63BD4604284156EA95DCE1786189059F2AA32A4B6489536BA9F0A021CAF9A022BCCB983824352F82A2913E5A348B30883166A8184064E41165868751E1ACCCD18B57D218F616E4996D5593D71D2AF16992483D53382CE35399CE90750FC54234153613E67607AAB602A2157D883EDF26C406C9FB740F6692C2EC6D97D3E736497F917C5C98C2779551C774D30735D05622B532033DCDC463C55AD4B751CA244056"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(588)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3504)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\WinRAR\rarext.dll
c:\program files\WinRAR\rarlng.dll
c:\program files\ESET\ESET Smart Security\shellExt.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\acs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\oodag.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
.
**************************************************************************
.
Celkový čas: 2009-08-02 15:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-08-02 13:31
Před spuštěním: 1 495 502 848
Po spuštění: 4 631 048 192
352 --- E O F --- 2009-01-17 18:19
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu, Windows hází chybové hlášení
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
CZDaywalker
- Návštěvník
- Příspěvky: 191
- Registrován: 25 úno 2008 07:58
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, Windows hází chybové hlášení
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.Collect::
c:\windows\DUMP5321.tmp
c:\windows\DUMP51ac.tmp
c:\windows\DUMP5515.tmp
c:\windows\DUMP5063.tmp
c:\windows\DUMP5073.tmp
c:\windows\DUMP5b5e.tmp
c:\windows\DUMP610b.tmp
c:\windows\DUMP5d92.tmp
c:\windows\DUMP6273.tmp
c:\windows\DUMP6282.tmp
c:\windows\DUMP6f25.tmp
c:\windows\DUMP608f.tmp
c:\windows\DUMP61b7.tmp
c:\windows\DUMP61d7.tmp
c:\windows\DUMP608e.tmp
c:\windows\DUMP5ef9.tmp
c:\windows\DUMP5f18.tmp
c:\windows\DUMP6179.tmp
c:\windows\DUMP60ed.tmp
c:\windows\DUMP5ff3.tmp
c:\windows\DUMP5fc3.tmp
c:\windows\DUMP5c6a.tmp
c:\windows\DUMP60bd.tmp
c:\windows\DUMP5c98.tmp
c:\windows\DUMP60ae.tmp
c:\windows\DUMP5db1.tmp
c:\windows\DUMP5d16.tmp
c:\windows\DUMP5d15.tmp
c:\windows\DUMP5da1.tmp
c:\windows\DUMP5f85.tmp
c:\windows\DUMP5c69.tmp
c:\windows\DUMP5ca6.tmp
c:\windows\DUMP5e0f.tmp
c:\windows\DUMP5e00.tmp
c:\windows\DUMP5ebd.tmp
c:\windows\DUMP5ce5.tmp
c:\windows\DUMP5dff.tmp
c:\windows\DUMP5d44.tmp
c:\windows\DUMP5d65.tmp
c:\windows\DUMP5d91.tmp
c:\windows\DUMP5e6b.tmp
c:\windows\DUMP5e3f.tmp
c:\windows\DUMP6011.tmp
c:\windows\DUMP5fd3.tmp
c:\windows\DUMP6040.tmp
c:\windows\DUMP5e2f.tmp
c:\windows\DUMP5ebc.tmp
c:\windows\DUMP5ff2.tmp
c:\windows\DUMP5d23.tmp
c:\windows\DUMP5c87.tmp
c:\windows\DUMP5bec.tmp
c:\windows\DUMP5d33.tmp
c:\windows\DUMP5c29.tmp
c:\windows\DUMP5e9a.tmp
c:\windows\DUMP5de0.tmp
c:\windows\DUMP5c49.tmp
c:\windows\DUMP5e2e.tmp
c:\windows\DUMP5eda.tmp
c:\windows\DUMP5dfe.tmp
c:\windows\DUMP5ddf.tmp
c:\windows\DUMP5ed9.tmp
c:\windows\DUMP5ead.tmp
c:\windows\DUMP5da0.tmp
c:\windows\DUMP5eac.tmp
c:\windows\DUMP5ee8.tmp
c:\windows\DUMP5d64.tmp
c:\windows\DUMP5e0e.tmp
c:\windows\DUMP5ebb.tmp
c:\windows\DUMP5d14.tmp
c:\windows\DUMP5d53.tmp
c:\windows\DUMP5d04.tmp
c:\windows\DUMP5cf4.tmp
c:\windows\DUMP5ef8.tmp
c:\windows\DUMP5eab.tmp
c:\windows\DUMP5e8b.tmp
c:\windows\DUMP5e2d.tmp
c:\windows\DUMP5eca.tmp
c:\windows\DUMP5eaa.tmp
c:\windows\DUMP639c.tmp
c:\windows\DUMP57a7.tmp
c:\windows\DUMP5798.tmp
c:\windows\DUMP5788.tmp
c:\windows\DUMP5797.tmp
c:\windows\DUMP56fd.tmp
c:\windows\DUMP572a.tmp
c:\windows\DUMP58ce.tmp
c:\windows\DUMP56fc.tmp
c:\windows\DUMP59f7.tmp
c:\windows\DUMP58b2.tmp
c:\windows\DUMP57e6.tmp
c:\windows\DUMP58ef.tmp
c:\windows\DUMP57a6.tmp
c:\windows\DUMP5d52.tmp
c:\windows\DUMP5815.tmp
c:\windows\DUMP57c6.tmp
c:\windows\DUMP5796.tmp
c:\windows\DUMP5832.tmp
c:\windows\DUMP56dc.tmp
c:\windows\DUMP57e5.tmp
c:\windows\DUMP57b9.tmp
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
CZDaywalker
- Návštěvník
- Příspěvky: 191
- Registrován: 25 úno 2008 07:58
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu, Windows hází chybové hlášení
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?