Dobrý den,
mám takový menší problém. Když se pokouším nainstalovat jeden program (konkrétně nejnovější verzi PhysX), vyskočí na mě hláška: "Systém Windows nemá přístup k určenému zařízení...". Na internetu jsem našel poměrně hodně témat o této problematice, ale nenašel jsem nic co by mi pomohlo. Abych předešel otázce, kterou jsem často viděl - administrátorská, tedy správcovská práva mám. Nevíte čím by to mohlo být?
Dalé bych Vás chtěl poprosit o kontrolu logu z HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:31:25, on 17.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
F:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\cidaemon.exe
F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\Martin\LOCALS~1\Temp\tempalbert\MSASCul.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
F:\Program files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
F:\Program files\RocketDock\RocketDock.exe
F:\Program files\Secunia\PSI\psi.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
F:\Program files\RocketDock\Pořadače\Systém\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://search13.net/search.php?clid=486&q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Documents and Settings\Martin\Data aplikací\FlashGetBHO\FlashGetBHO3.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ARC] C:\DOCUME~1\Martin\LOCALS~1\Temp\tempalbert\MSASCul.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [EvtMgr6] F:\Program files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKCU\..\Run: [RocketDock] "F:\Program files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Secunia PSI.lnk = F:\Program files\Secunia\PSI\psi.exe
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Download all by FlashGet3 - C:\Documents and Settings\Martin\Data aplikací\FlashGetBHO\GetAllUrl.htm
O8 - Extra context menu item: Download by FlashGet3 - C:\Documents and Settings\Martin\Data aplikací\FlashGetBHO\GetUrl.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://software.kuaiche.com
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - F:\Program Files\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe (file missing)
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - F:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - F:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 8274 bytes
Děkuji za pomoc,
Martin Petráň.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Windows nemají přístup + kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Windows nemají přístup + kontrola logu
Zdravim,
CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!
Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.
Budte prihlasen na pc s administratorskymi pravy.
V operacnich systemech Windows Vista a Windows 7 je nutno spoustet aplikaci jako spravce (kliknutim pravym tlacitkem mysi na ikonu ComboFixu a klepnutim levym na volbu "Spustit jako spravce")
stahnete a ulozte nejlepe na plochu ComboFix
v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.
hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:
pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120
odklepnout OK
Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.
po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem
poprosim o doplneni cele hlasky."Systém Windows nemá přístup k určenému zařízení...".
CTETE POZORNE NAVOD,TENTO SOFT NETOLERUJE CHYBY V POSTUPU APLIKOVANI!Klidne si nasledujici radky vytisknete,at vite,co se bude na obrazovce odehravat.
Budte prihlasen na pc s administratorskymi pravy.
V operacnich systemech Windows Vista a Windows 7 je nutno spoustet aplikaci jako spravce (kliknutim pravym tlacitkem mysi na ikonu ComboFixu a klepnutim levym na volbu "Spustit jako spravce")
stahnete a ulozte nejlepe na plochu ComboFix
v pripade,ze nepujde stranka nacist-stahnete odtud download , popr. nepujde ComboFix spustit - prejmenujte jej na grinder.com a postupujte dale dle instrukci.
hned po startu se zobrazi Zreknuti se prava zaruky na funkcnost software, pokracujte kliknutim na tlacitko Ano:
pote muze nasledovat upozorneni na nainstalovane emulatory CD mechanik,typicky Daemon Tools nebo Alcohol 120
odklepnout OK
Souhlasit s instalaci Recovery console(Konzola pro zotaveni)-nutno funkcni internet
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: upozorneni: Vypnete rezidentni stit u antiviru a antispywaru a zakazte docasne firewall-ComboFix by nemusel fungovat korektne-pokud budete mit stity vypnute a Combofix zahlasi,ze nejsou,pokracujte dal a potvrdte.
po restartu aplikace vytvori log, ulozeny na C:/Combofix.txt (pri opakovanem pouziti jsou logy oznaceny Combofix2.txt atd.), jeho obsah vlozte sem
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Windows nemají přístup + kontrola logu
Dobré ráno,
tak jsem udělal tu kontrolu a zde je log:
ComboFix 10-09-17.04 - Martin 19.09.2010 0:09.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2773 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Martin\Data aplikací\BITS
c:\documents and settings\Martin\Data aplikací\BITS\BITS.ini
c:\documents and settings\Martin\Data aplikací\BITS\DHTTable.dat
c:\documents and settings\Martin\Data aplikací\BITS\ProxyList.ini
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090723193346.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090723193346.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.seeds
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.seeds
c:\documents and settings\Martin\Data aplikací\BITS\UPnP.ini
c:\documents and settings\Martin\Data aplikací\FlashGetBHO
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\FlashGetBHO3.dll
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\FlashGetHook.dll
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetAllUrl.htm
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetUrl.htm
c:\windows\system32\secushr.dat
c:\windows\system32\secustat.dat
G:\install.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-19 do 2010-09-19 )))))))))))))))))))))))))))))))
.
2010-09-18 16:05 . 2010-09-18 16:05 -------- d-----w- c:\program files\Common Files\Java
2010-09-18 16:05 . 2010-09-18 16:03 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 16:02 . 2010-09-18 16:02 -------- d-----w- c:\program files\Java
2010-09-16 17:43 . 2010-09-16 17:47 -------- d-----w- c:\program files\Bonjour
2010-09-16 06:54 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-09-16 06:54 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-09-16 06:54 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-09-16 06:54 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-09-14 04:18 . 2010-09-14 04:18 -------- d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 22:17 . 2008-12-22 13:40 16608 ----a-w- c:\windows\gdrv.sys
2010-09-18 21:03 . 2008-12-22 14:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-09-18 10:48 . 2008-12-22 14:27 -------- d-----w- c:\program files\OpenOffice.org 3
2010-09-16 09:55 . 2010-07-11 13:40 -------- d-----w- c:\program files\Kaspersky Lab
2010-09-16 07:01 . 2009-01-19 18:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-09-14 04:18 . 2009-01-20 20:39 -------- d-----w- c:\program files\DIFX
2010-09-03 17:55 . 2009-10-10 10:25 -------- d-----w- c:\program files\Common Files\BioWare
2010-08-26 15:51 . 2008-12-22 13:41 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-24 10:17 . 2009-01-03 16:38 -------- d-----w- c:\program files\Canon
2010-08-17 13:17 . 2004-08-18 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-14 14:45 . 2010-08-14 14:35 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-08-14 14:39 . 2010-08-14 14:39 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-08-14 13:25 . 2010-01-09 13:04 -------- d-----w- c:\program files\Common Files\Logitech
2010-08-12 15:06 . 2004-08-18 12:00 429078 ----a-w- c:\windows\system32\perfh005.dat
2010-08-12 15:06 . 2004-08-18 12:00 77984 ----a-w- c:\windows\system32\perfc005.dat
2010-08-10 14:16 . 2009-12-24 09:41 -------- d-----w- c:\program files\ATI
2010-08-02 05:12 . 2010-08-02 05:10 -------- d-----w- c:\program files\AGEIA Technologies
2010-07-31 10:50 . 2010-07-11 13:52 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-07-31 10:50 . 2010-07-11 13:52 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-07-22 15:46 . 2004-08-18 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-07 14:05 . 2010-07-07 14:05 14904 ----a-w- c:\windows\system32\drivers\psi_mf.sys
2010-06-30 15:10 . 2008-12-29 17:13 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-30 12:33 . 2004-08-18 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:12 . 2004-08-18 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2004-08-18 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2004-08-18 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-18 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-05-26 16:58 . 2009-05-26 16:58 8 --sh--r- c:\windows\system32\83A8D53D81.dll
2010-04-10 18:14 . 2009-04-19 14:44 9802272 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-04-10 18:14 . 2009-04-19 14:44 1310752 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="f:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-22 18791456]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2010-08-22 340520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"EvtMgr6"="f:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Guest\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
c:\documents and settings\Martin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - f:\program files\Secunia\PSI\psi.exe [2010-7-21 965176]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 10 (0xa)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- f:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPlayer2_FixUp]
2008-04-14 03:22 208896 ----a-w- c:\windows\inf\unregmp2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- f:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- f:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"f:\\Program files\\Utorrent\\uTorrent.exe"=
"f:\\Program files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"f:\\Program files\\TuneUp Utilities 2010\\UpdateWizard.exe"=
"f:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"f:\\Program files\\GAMES\\Dragon Age\\bin_ship\\daorigins.exe"=
"f:\\Program files\\GAMES\\Dragon Age\\DAOriginsLauncher.exe"=
"f:\\Program files\\GAMES\\2K Games\\Gearbox Software\\Borderlands\\Binaries\\Borderlands.exe"=
"f:\\Program files\\GAMES\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29.1.2008 18:29 36880]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [22.12.2008 15:41 80392]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [14.8.2010 16:38 10448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 1:12 1044808]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14.9.2009 13:42 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2.10.2009 18:39 19472]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [7.7.2010 16:05 14904]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25.2.2010 22:41 1691480]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;f:\program files\GAMES\Dragon Age\bin_ship\daupdatersvc.service.exe [15.12.2009 22:07 25832]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [10.5.2010 22:56 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [10.5.2010 22:56 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [10.5.2010 22:56 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [10.5.2010 22:56 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [10.5.2010 22:56 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [10.5.2010 22:56 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [10.5.2010 22:56 109736]
S3 XDva276;XDva276;\??\c:\windows\system32\XDva276.sys --> c:\windows\system32\XDva276.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.12.2008 22:32 717296]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-09-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-09-19 c:\windows\Tasks\Automatic troubleshooting.job
- f:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://search13.net/
mStart Page = about:blank
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Download all by FlashGet3 - c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
LSP: c:\windows\system32\avgfwafu.dll
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\v3dzxc7d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.games.tiscali.cz
FF - component: c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\v3dzxc7d.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections-per-server - 6
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeCS4ServiceManager - c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
MSConfigStartUp-CanonMyPrinter - c:\program files\Canon\MyPrinter\BJMyPrt.exe
MSConfigStartUp-CanonSolutionMenu - c:\program files\Canon\SolutionMenu\CNSLMAIN.exe
MSConfigStartUp-FlashGet - f:\program files\FlashGet Network\FlashGet\FlashGet.exe
MSConfigStartUp-Start WingMan Profiler - c:\program files\Logitech\Gaming Software\LWEMon.exe
MSConfigStartUp-Steam - f:\program files\Steam\Steam.exe
MSConfigStartUp-Total CMA Pack - f:\program files\Dodatki\Total CMA Pack\Total CMA Pack.exe
MSConfigStartUp-WMUAgent - (no file)
MSConfigStartUp-WMUTray - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-19 05:51
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1060284298-1965331169-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:8b,c3,b3,5d,ab,e2,c7,3c,8a,31,d8,13,de,52,e8,f4,7d,fc,6c,e0,f5,
e7,92,01,95,5b,5e,40,d9,f2,47,76,8a,99,ba,59,29,ca,e9,e3,60,a2,6c,5d,78,7c,\
"rkeysecu"=hex:5c,dc,07,33,97,e4,fa,72,d2,8c,39,53,95,49,34,15
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1376)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
- - - - - - - > 'lsass.exe'(1468)
c:\windows\system32\avgfwafu.dll
- - - - - - - > 'explorer.exe'(3268)
f:\program files\RocketDock\RocketDock.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
.
**************************************************************************
.
Celkový čas: 2010-09-19 05:59:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-19 03:59
Před spuštěním: Volných bajtů: 17 166 426 112
Po spuštění: Volných bajtů: 17 197 613 056
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=9XA496 /usepmtimer
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 462C950DCE911568454D913A3B2B56DE
A co se týče té hlášky, celá zní takto: "Systém Windows nemá přístup k určenému zařízení, cestě nebo souboru. K přístupu k položce pravděpodobně nemáte patříčná oprávnění."
Děkuji za pomoc, Martin Petráň.
tak jsem udělal tu kontrolu a zde je log:
ComboFix 10-09-17.04 - Martin 19.09.2010 0:09.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2773 [GMT 2:00]
Spuštěný z: c:\documents and settings\Martin\Plocha\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Martin\Data aplikací\BITS
c:\documents and settings\Martin\Data aplikací\BITS\BITS.ini
c:\documents and settings\Martin\Data aplikací\BITS\DHTTable.dat
c:\documents and settings\Martin\Data aplikací\BITS\ProxyList.ini
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090723193346.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090723193346.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804154809.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20090804173309.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20091207164830.torrent.seeds
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.bits
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.filelist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.hybridlist
c:\documents and settings\Martin\Data aplikací\BITS\Torrent\20100131220732.torrent.seeds
c:\documents and settings\Martin\Data aplikací\BITS\UPnP.ini
c:\documents and settings\Martin\Data aplikací\FlashGetBHO
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\FlashGetBHO3.dll
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\FlashGetHook.dll
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetAllUrl.htm
c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetUrl.htm
c:\windows\system32\secushr.dat
c:\windows\system32\secustat.dat
G:\install.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-19 do 2010-09-19 )))))))))))))))))))))))))))))))
.
2010-09-18 16:05 . 2010-09-18 16:05 -------- d-----w- c:\program files\Common Files\Java
2010-09-18 16:05 . 2010-09-18 16:03 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-18 16:02 . 2010-09-18 16:02 -------- d-----w- c:\program files\Java
2010-09-16 17:43 . 2010-09-16 17:47 -------- d-----w- c:\program files\Bonjour
2010-09-16 06:54 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-09-16 06:54 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-09-16 06:54 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-09-16 06:54 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-09-16 06:54 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-09-14 04:18 . 2010-09-14 04:18 -------- d-----w- c:\windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 22:17 . 2008-12-22 13:40 16608 ----a-w- c:\windows\gdrv.sys
2010-09-18 21:03 . 2008-12-22 14:03 -------- d-----w- c:\program files\Common Files\Adobe
2010-09-18 10:48 . 2008-12-22 14:27 -------- d-----w- c:\program files\OpenOffice.org 3
2010-09-16 09:55 . 2010-07-11 13:40 -------- d-----w- c:\program files\Kaspersky Lab
2010-09-16 07:01 . 2009-01-19 18:24 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-09-14 04:18 . 2009-01-20 20:39 -------- d-----w- c:\program files\DIFX
2010-09-03 17:55 . 2009-10-10 10:25 -------- d-----w- c:\program files\Common Files\BioWare
2010-08-26 15:51 . 2008-12-22 13:41 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-24 10:17 . 2009-01-03 16:38 -------- d-----w- c:\program files\Canon
2010-08-17 13:17 . 2004-08-18 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-14 14:45 . 2010-08-14 14:35 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-08-14 14:39 . 2010-08-14 14:39 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-08-14 13:25 . 2010-01-09 13:04 -------- d-----w- c:\program files\Common Files\Logitech
2010-08-12 15:06 . 2004-08-18 12:00 429078 ----a-w- c:\windows\system32\perfh005.dat
2010-08-12 15:06 . 2004-08-18 12:00 77984 ----a-w- c:\windows\system32\perfc005.dat
2010-08-10 14:16 . 2009-12-24 09:41 -------- d-----w- c:\program files\ATI
2010-08-02 05:12 . 2010-08-02 05:10 -------- d-----w- c:\program files\AGEIA Technologies
2010-07-31 10:50 . 2010-07-11 13:52 97549 ----a-w- c:\windows\system32\drivers\klick.dat
2010-07-31 10:50 . 2010-07-11 13:52 113933 ----a-w- c:\windows\system32\drivers\klin.dat
2010-07-22 15:46 . 2004-08-18 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-07 14:05 . 2010-07-07 14:05 14904 ----a-w- c:\windows\system32\drivers\psi_mf.sys
2010-06-30 15:10 . 2008-12-29 17:13 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-06-30 12:33 . 2004-08-18 12:00 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:12 . 2004-08-18 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2004-08-18 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2004-08-18 12:00 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-18 12:00 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-05-26 16:58 . 2009-05-26 16:58 8 --sh--r- c:\windows\system32\83A8D53D81.dll
2010-04-10 18:14 . 2009-04-19 14:44 9802272 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-04-10 18:14 . 2009-04-19 14:44 1310752 --sha-w- c:\windows\system32\drivers\fidbox2.dat
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="f:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-22 18791456]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2010-08-22 340520]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"EvtMgr6"="f:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Guest\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
c:\documents and settings\Martin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - f:\program files\Secunia\PSI\psi.exe [2010-7-21 965176]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 10 (0xa)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-12-29 10:40 687560 ----a-w- f:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPlayer2_FixUp]
2008-04-14 03:22 208896 ----a-w- c:\windows\inf\unregmp2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17 421888 ----a-w- f:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 14:07 2260480 --sha-r- f:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 08:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"QuickTime Task"="f:\program files\QuickTime\QTTask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"f:\\Program files\\Utorrent\\uTorrent.exe"=
"f:\\Program files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"f:\\Program files\\TuneUp Utilities 2010\\UpdateWizard.exe"=
"f:\\Program Files\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"=
"f:\\Program files\\GAMES\\Dragon Age\\bin_ship\\daorigins.exe"=
"f:\\Program files\\GAMES\\Dragon Age\\DAOriginsLauncher.exe"=
"f:\\Program files\\GAMES\\2K Games\\Gearbox Software\\Borderlands\\Binaries\\Borderlands.exe"=
"f:\\Program files\\GAMES\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [29.1.2008 18:29 36880]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [22.12.2008 15:41 80392]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [14.8.2010 16:38 10448]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [18.12.2009 1:12 1044808]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14.9.2009 13:42 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2.10.2009 18:39 19472]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [7.7.2010 16:05 14904]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [25.2.2010 22:41 1691480]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;f:\program files\GAMES\Dragon Age\bin_ship\daupdatersvc.service.exe [15.12.2009 22:07 25832]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [10.5.2010 22:56 86824]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [10.5.2010 22:56 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [10.5.2010 22:56 114600]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [10.5.2010 22:56 108328]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [10.5.2010 22:56 26024]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [10.5.2010 22:56 104616]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [10.5.2010 22:56 109736]
S3 XDva276;XDva276;\??\c:\windows\system32\XDva276.sys --> c:\windows\system32\XDva276.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.12.2008 22:32 717296]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-09-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-09-19 c:\windows\Tasks\Automatic troubleshooting.job
- f:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-12-17 23:18]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://search13.net/
mStart Page = about:blank
uInternet Settings,ProxyServer = socks=
uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,;*.local
uSearchAssistant = hxxp://search13.net/
uCustomizeSearch = hxxp://search13.net/
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: Download all by FlashGet3 - c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\documents and settings\Martin\Data aplikací\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - f:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Save YouTube Video as MP3
IE: {{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
LSP: c:\windows\system32\avgfwafu.dll
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\v3dzxc7d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.games.tiscali.cz
FF - component: c:\documents and settings\Martin\Data aplikací\Mozilla\Firefox\Profiles\v3dzxc7d.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: f:\program files\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections-per-server - 6
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-AdobeCS4ServiceManager - c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
MSConfigStartUp-CanonMyPrinter - c:\program files\Canon\MyPrinter\BJMyPrt.exe
MSConfigStartUp-CanonSolutionMenu - c:\program files\Canon\SolutionMenu\CNSLMAIN.exe
MSConfigStartUp-FlashGet - f:\program files\FlashGet Network\FlashGet\FlashGet.exe
MSConfigStartUp-Start WingMan Profiler - c:\program files\Logitech\Gaming Software\LWEMon.exe
MSConfigStartUp-Steam - f:\program files\Steam\Steam.exe
MSConfigStartUp-Total CMA Pack - f:\program files\Dodatki\Total CMA Pack\Total CMA Pack.exe
MSConfigStartUp-WMUAgent - (no file)
MSConfigStartUp-WMUTray - (no file)
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-19 05:51
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1060284298-1965331169-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:8b,c3,b3,5d,ab,e2,c7,3c,8a,31,d8,13,de,52,e8,f4,7d,fc,6c,e0,f5,
e7,92,01,95,5b,5e,40,d9,f2,47,76,8a,99,ba,59,29,ca,e9,e3,60,a2,6c,5d,78,7c,\
"rkeysecu"=hex:5c,dc,07,33,97,e4,fa,72,d2,8c,39,53,95,49,34,15
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1376)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
- - - - - - - > 'lsass.exe'(1468)
c:\windows\system32\avgfwafu.dll
- - - - - - - > 'explorer.exe'(3268)
f:\program files\RocketDock\RocketDock.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
f:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
.
**************************************************************************
.
Celkový čas: 2010-09-19 05:59:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-19 03:59
Před spuštěním: Volných bajtů: 17 166 426 112
Po spuštění: Volných bajtů: 17 197 613 056
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=9XA496 /usepmtimer
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 462C950DCE911568454D913A3B2B56DE
A co se týče té hlášky, celá zní takto: "Systém Windows nemá přístup k určenému zařízení, cestě nebo souboru. K přístupu k položce pravděpodobně nemáte patříčná oprávnění."
Děkuji za pomoc, Martin Petráň.
Re: Windows nemají přístup + kontrola logu
Odinstalujte Spybot - je zastaraly a navic mate KIS. Klepnete na Tento pocitac-Nastroje-Moznosti slozky-Zobrazeni-a odfajfkujte Skryt chranene soubory operacniho systemu a oznacte Zobrazovat skryte soubory a slozky.Po ukonceni vsech procedur stejnou cestou vratte nastaveni zpet. otestujte na VIRUSTOTALuc:\windows\system32\drivers\LNonPnP.sys
c:\windows\system32\83A8D53D81.dll
c:\windows\system32\drivers\tcpip.sys
(navod prosty: po nacteni stranky kliknete na tlacitko Prochazet , najdete cestu k vyse zminenemu souboru a kliknete na tlacitko Odeslat soubor; dejte skenerum nejakych deset minut; vysledek sem vlozte)
Pokud skener napíše, že soubor již byl testován, dejte otestovat znovu.
Odkud mate stazen instalator PhysXu?
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Re: Windows nemají přístup + kontrola logu
Dobrý den,
PhysX mám z originálního instalačního DVD hry Mafia II...
zde uvádím výsledky testů:
1)
File name:LNonPnP.sys
Submission date:2010-09-20 14:46:09 (UTC)
Current status:queued queued analysing finished
Result:0/ 43 (0.0%)
2)
File name:83A8D53D81.dll
Submission date:2010-09-20 14:42:36 (UTC)
Current status:queued queued (#1) analysing finished
Result:0/ 43 (0.0%)
3)
File name:tcpip.sys
Submission date:2010-09-20 14:48:47 (UTC)
Current status:queued (#8) queued analysing finished
Result:0/ 43 (0.0%)
PhysX mám z originálního instalačního DVD hry Mafia II...
zde uvádím výsledky testů:
1)
File name:LNonPnP.sys
Submission date:2010-09-20 14:46:09 (UTC)
Current status:queued queued analysing finished
Result:0/ 43 (0.0%)
2)
File name:83A8D53D81.dll
Submission date:2010-09-20 14:42:36 (UTC)
Current status:queued queued (#1) analysing finished
Result:0/ 43 (0.0%)
3)
File name:tcpip.sys
Submission date:2010-09-20 14:48:47 (UTC)
Current status:queued (#8) queued analysing finished
Result:0/ 43 (0.0%)
Re: Windows nemají přístup + kontrola logu
Pc je ciste.
http://www.nvidia.com/object/physx_gpus.html
zde je prehled podporovanych grafickych karet pro PhysX.
http://www.nvidia.com/object/physx-9.10 ... river.html
zkuste PhysX stahnout odtud a nainstalovat.
http://www.nvidia.com/object/physx_gpus.html
zde je prehled podporovanych grafickych karet pro PhysX.
http://www.nvidia.com/object/physx-9.10 ... river.html
zkuste PhysX stahnout odtud a nainstalovat.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!
ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!
NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
________________________________________________________________________________________
AKTUALIZOVANY ANTIVIR A PERSONALNI FIREWALL JSOU DVE NEZBYTNE OCHRANNE KOMPONENTY KAZDEHO PC,PRIPOJENEHO DO INTERNETU!!!ZALOHOVANIM OSOBNICH DAT O NE NEPRIJDETE V PRIPADE FATALNICH PROBLEMU SE SOFTWAREM I HARDWAREM!!NEPOUZIVEJTE COMBOFIX NA VLASTNI PEST, POUZE, POKUD K TOMU BUDETE VYZVANI.PRI NESPRAVNE MANIPULACI S NIM MUZE DOJIT K ZNEFUNKCNENI SYSTEMU! ___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
Přispějete na provoz fóra?