kernel stack debugger error

bubeníkovi
Visitor
Posts: 2
Registered: 29 Sep 2010 18:03

kernel stack debugger error

#1 Post by bubeníkovi »

Hello,

today we brought home a new PC from an acquaintance who does not understand computers at all and who used it for some time. He probably did not use any antivirus or anything similar. We do not understand PCs much either, and we have the feeling that not everything is quite right.
Supposedly there is something wrong with the graphics card, but we do not know that for sure. The computer often crashes and a blue screen appears that says something like kernel stack debugger error and then that we should uninstall some software, etc. Neither of us understands computers very well, so we are turning to the experts.

We are attaching the log from RSIT.

Thank you very much for your help, Bubeníkovi

Logfile of random's system information tool 1.08 (written by random/random)
Run by Vašek at 2010-09-29 19:05:29
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 140 GB (92%) free of 152 GB
Total RAM: 1023 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:05:36, on 29.9.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ANIWConnService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Vašek\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Vašek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe
O4 - HKLM\..\Run: [WZCSLDR2] C:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Vašek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

--
End of file - 5319 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1957994488-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-1957994488-839522115-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-09-23 1619296]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-05-27 16208384]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"GBB36X Configure"=C:\WINDOWS\system32\JMRaidTool.exe [2006-06-02 385024]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-07 2065760]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"ANIWZCS2Service"=C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2009-08-21 98304]
"D-Link D-Link Wireless G DWL-G122_DWA-110"=C:\Program Files\D-Link\DWL-G122_DWA-110\AirGCFG.exe [2009-09-18 1708032]
"WZCSLDR2"=C:\Program Files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"Google Update"=C:\Documents and Settings\Vašek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-08-07 136176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-08-07 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Documents and Settings\Vašek\Dokumenty\Stažené soubory\VideoConverter_Setup.exe"="C:\Documents and Settings\Vašek\Dokumenty\Stažené soubory\VideoConverter_Setup.exe:*:Enabled:Video Converter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-09-29 19:05:30 ----D---- C:\Program Files\trend micro
2010-09-29 19:05:29 ----D---- C:\rsit
2010-09-28 19:03:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-09-27 20:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-09-27 20:04:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-09-27 00:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-09-27 00:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-09-27 00:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-09-27 00:59:30 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-09-27 00:59:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-09-27 00:59:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-09-27 00:59:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-09-27 00:59:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-09-27 00:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-09-27 00:59:01 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$
2010-09-27 00:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-09-27 00:58:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-09-27 00:58:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-09-27 00:58:48 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-09-27 00:58:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-09-27 00:58:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-09-27 00:58:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-09-27 00:58:20 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-09-27 00:58:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-09-27 00:58:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-09-27 00:58:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-09-27 00:58:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-09-27 00:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-09-27 00:57:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-09-27 00:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-09-27 00:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-09-27 00:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-09-27 00:57:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-09-27 00:57:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-09-27 00:57:25 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-09-27 00:57:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-09-27 00:57:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-09-27 00:57:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-09-27 00:57:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-09-27 00:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-09-27 00:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-09-27 00:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-09-27 00:56:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-09-27 00:56:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-09-27 00:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-09-27 00:56:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-09-27 00:56:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-09-27 00:56:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-09-27 00:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-09-27 00:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-09-27 00:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-09-27 00:56:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-09-27 00:56:10 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-09-27 00:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-09-27 00:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-09-27 00:55:56 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-09-27 00:55:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-09-27 00:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-09-27 00:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-09-27 00:55:38 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-09-27 00:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-09-27 00:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-09-27 00:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-09-27 00:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-09-27 00:55:20 ----D---- C:\WINDOWS\ServicePackFiles
2010-09-27 00:55:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-09-27 00:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-09-27 00:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-09-27 00:55:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-09-27 00:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-09-27 00:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-09-27 00:54:52 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-09-27 00:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-09-27 00:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-09-27 00:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-09-27 00:54:30 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-09-27 00:54:25 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-09-27 00:54:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-09-27 00:54:13 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-09-26 18:02:02 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-09-26 17:59:47 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-09-26 17:54:42 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-09-26 17:54:22 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-09-26 17:49:21 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-09-26 17:49:07 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-09-26 17:49:07 ----D---- C:\WINDOWS\system32\PreInstall
2010-09-26 17:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-09-26 17:49:05 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-26 17:38:35 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-09-26 11:28:19 ----D---- C:\Program Files\VideoConverter
2010-09-26 10:46:05 ----D---- C:\Program Files\DsNET Corp
2010-09-22 20:40:36 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-12 19:14:30 ----A---- C:\Documents and Settings\Vašek\Data aplikací\ANICONFIG_{B4196C4B-4DCC-4D7B-8B8E-D5599FE6A47C}.ini
2010-09-12 19:12:39 ----A---- C:\WINDOWS\system32\ANIWConnService.exe
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\wnicapi.dll
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\wlanapp.dll
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\odSupp_M.dll
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\AQCKGen.dll
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\ANIWZCS2.dll
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\ANICtl.dll
2010-09-12 19:12:30 ----A---- C:\WINDOWS\system32\aIPH.dll
2010-09-12 19:12:17 ----D---- C:\Program Files\ANI
2010-09-12 19:12:17 ----A---- C:\WINDOWS\system32\ANIOApi.dll
2010-09-12 19:12:17 ----A---- C:\WINDOWS\system32\ANIO64.sys
2010-09-12 19:12:17 ----A---- C:\WINDOWS\system32\anio4.sys
2010-09-12 19:12:17 ----A---- C:\WINDOWS\system32\ANIO.sys
2010-09-12 19:11:58 ----A---- C:\WINDOWS\system32\ssleay32.dll
2010-09-12 19:11:58 ----A---- C:\WINDOWS\system32\libeay32.dll
2010-09-12 19:11:58 ----A---- C:\WINDOWS\system32\ANIWPS.exe
2010-09-12 19:11:57 ----A---- C:\WINDOWS\system32\ANIOWPS.dll
2010-09-12 19:11:04 ----A---- C:\WINDOWS\system32\RaCoInst.dll
2010-09-12 19:11:04 ----A---- C:\WINDOWS\system32\drivers\Drt2870.sys
2010-09-12 19:11:03 ----A---- C:\WINDOWS\system32\rt25u98.sys
2010-09-12 19:11:03 ----A---- C:\WINDOWS\system32\Dr71WU98.sys
2010-09-12 19:10:58 ----D---- C:\Program Files\D-Link
2010-09-12 19:10:37 ----D---- C:\Documents and Settings\Vašek\Data aplikací\InstallShield
2010-09-06 20:53:37 ----D---- C:\Program Files\Creative
2010-09-06 20:53:37 ----A---- C:\WINDOWS\system32\eax.dll
2010-09-06 20:50:18 ----D---- C:\Program Files\Mafia
2010-09-06 20:50:13 ----RA---- C:\WINDOWS\system32\MafiaSetup.exe
2010-09-06 20:47:47 ----D---- C:\Program Files\DAEMON Tools Lite
2010-09-06 20:40:58 ----A---- C:\WINDOWS\system32\drivers\sptd.sys
2010-09-06 20:40:53 ----D---- C:\Documents and Settings\Vašek\Data aplikací\DAEMON Tools
2010-09-06 20:36:59 ----D---- C:\Program Files\WinRAR
2010-09-06 20:31:31 ----ASH---- C:\pagefile.sys
2010-09-06 20:01:03 ----D---- C:\WINDOWS\Minidump
2010-09-06 19:57:03 ----D---- C:\WINDOWS\nview
2010-09-06 19:55:51 ----RA---- C:\WINDOWS\system32\drivers\GVCplDrv.sys
2010-09-06 19:13:46 ----D---- C:\Documents and Settings\Vašek\Data aplikací\Ahead
2010-09-06 19:12:33 ----D---- C:\Program Files\Nero
2010-09-06 19:12:33 ----D---- C:\Program Files\Common Files\Ahead
2010-09-06 19:12:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-09-06 19:12:17 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-09-06 19:12:17 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-09-06 18:45:57 ----HD---- C:\$AVG
2010-09-06 18:38:20 ----D---- C:\WINDOWS\system32\appmgmt
2010-09-05 17:58:00 ----HD---- C:\WINDOWS\msdownld.tmp
2010-09-05 17:57:31 ----D---- C:\WINDOWS\Logs

======List of files/folders modified in the last 1 months======

2010-09-29 19:05:36 ----D---- C:\WINDOWS\Prefetch
2010-09-29 19:05:30 ----RD---- C:\Program Files
2010-09-29 18:59:37 ----D---- C:\WINDOWS\system32
2010-09-29 18:48:33 ----D---- C:\WINDOWS
2010-09-29 18:48:32 ----D---- C:\WINDOWS\Temp
2010-09-29 18:37:50 ----D---- C:\Program Files\Mozilla Firefox
2010-09-29 18:13:45 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-09-28 21:10:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-09-28 19:03:21 ----SD---- C:\WINDOWS\Tasks
2010-09-28 19:03:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-28 19:02:47 ----HD---- C:\WINDOWS\inf
2010-09-28 19:02:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-28 18:44:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-28 18:42:50 ----D---- C:\WINDOWS\system32\drivers
2010-09-27 18:21:37 ----D---- C:\WINDOWS\system32\wbem
2010-09-27 18:21:37 ----D---- C:\WINDOWS\AppPatch
2010-09-27 18:21:36 ----D---- C:\WINDOWS\system32\Setup
2010-09-27 00:59:27 ----D---- C:\Program Files\Messenger
2010-09-27 00:58:58 ----D---- C:\WINDOWS\WinSxS
2010-09-27 00:57:22 ----D---- C:\Program Files\Movie Maker
2010-09-27 00:55:43 ----D---- C:\Program Files\Outlook Express
2010-09-27 00:54:39 ----D---- C:\Program Files\Internet Explorer
2010-09-26 18:16:46 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-26 18:02:02 ----D---- C:\WINDOWS\Debug
2010-09-26 17:38:43 ----D---- C:\WINDOWS\SoftwareDistribution
2010-09-26 17:38:41 ----D---- C:\WINDOWS\Help
2010-09-12 19:12:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-12 19:12:16 ----D---- C:\Program Files\Common Files\InstallShield
2010-09-12 19:11:49 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-09-09 18:37:01 ----D---- C:\WINDOWS\system32\oodag
2010-09-06 20:31:46 ----D---- C:\Documents and Settings
2010-09-06 19:13:28 ----SHD---- C:\WINDOWS\Installer
2010-09-06 19:12:33 ----D---- C:\Program Files\Common Files
2010-09-06 19:12:18 ----D---- C:\WINDOWS\system32\DirectX
2010-09-06 18:42:56 ----D---- C:\- Foto

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JGOGO;JMicron Hot-Plug Driver; C:\WINDOWS\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]
R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2006-06-02 43264]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-09-06 717296]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-08-07 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-08-07 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-08-07 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-05-26 4279296]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 rt2870;D-Link dnetr28u USB Extensible Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\Drt2870.sys [2009-08-03 724736]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-03-15 244608]
S3 a25mos70;a25mos70; C:\WINDOWS\system32\drivers\a25mos70.sys []
S3 atirage3;atirage3; C:\WINDOWS\system32\DRIVERS\atimpae.sys [2001-10-24 75136]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-18 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ANIWConnService;ANIWConn Service; C:\WINDOWS\system32\ANIWConnService.exe [2009-07-07 151552]
R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-08-07 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-07 308136]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2005-03-21 225280]
S2 ANIWZCSdService;ANIWZCSd Service; C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe [2009-08-21 102400]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

earl
VIP
Posts: 1279
Registered: 14 Dec 2005 20:59
Location: Brno

Re: kernel stack debugger error

#2 Post by earl »

Hello,

READ THE INSTRUCTIONS CAREFULLY, THIS SOFTWARE DOES NOT TOLERATE MISTAKES IN THE PROCEDURE!

Feel free to print the following lines so that you know what will be happening on the screen.

Be logged in to the PC with administrator rights.

Download ComboFix and save it, preferably to the desktop.

If the page cannot be loaded, download it from here: download. If ComboFix cannot be started, rename it to grinder.com and continue according to the instructions.

Right after start, a disclaimer of warranty for the software's functionality is displayed; continue by clicking the Yes button.

This may be followed by a warning about installed CD drive emulators, typically Daemon Tools or Alcohol 120.

Click OK.

Agree to the installation of the Recovery Console; a working internet connection is required.

Calmly go and make yourself a coffee (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially on the first run of the scanner).

Warning: turn off the resident shield of your antivirus and antispyware and temporarily disable the firewall, as ComboFix might not work correctly otherwise. If you have the shields turned off and ComboFix reports that they are not, continue and confirm.

After the restart the application creates a log, saved at C:/Combofix.txt (on repeated use the logs are named Combofix2.txt etc.); paste its contents here.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AN UP-TO-DATE ANTIVIRUS AND A PERSONAL FIREWALL ARE TWO ESSENTIAL PROTECTIVE COMPONENTS OF EVERY PC CONNECTED TO THE INTERNET!!!
BY BACKING UP YOUR PERSONAL DATA YOU WILL NOT LOSE IT IN CASE OF FATAL PROBLEMS WITH SOFTWARE OR HARDWARE!!
DO NOT USE COMBOFIX ON YOUR OWN, ONLY IF YOU ARE ASKED TO. IMPROPER HANDLING OF IT CAN RENDER THE SYSTEM INOPERABLE!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------

bubeníkovi
Visitor
Posts: 2
Registered: 29 Sep 2010 18:03

Re: kernel stack debugger error

#3 Post by bubeníkovi »

Hello, here is the output from ComboFix .....

ComboFix 10-10-01.07 - Mirek 03.10.2010 11:47:13.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.562 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-03 do 2010-10-03 )))))))))))))))))))))))))))))))
.

2010-09-29 17:05 . 2010-09-29 17:05 -------- d-----w- c:\program files\trend micro
2010-09-29 17:05 . 2010-09-29 17:05 -------- d-----w- C:\rsit
2010-09-26 16:02 . 2010-09-26 16:14 -------- d-----w- c:\windows\system32\CatRoot_bak
2010-09-26 15:59 . 2008-06-14 18:00 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-09-26 15:59 . 2008-06-14 18:00 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-09-26 15:59 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-09-26 15:58 . 2010-02-16 19:34 2183552 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-09-26 15:58 . 2010-02-16 19:34 2060544 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-09-26 15:58 . 2010-02-16 19:34 2018816 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-09-26 15:58 . 2010-02-16 19:34 2139136 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-09-26 15:54 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-09-26 15:49 . 2010-09-27 16:23 -------- d--h--w- c:\windows\$hf_mig$
2010-09-26 09:28 . 2010-09-26 09:28 -------- d-----w- c:\program files\VideoConverter
2010-09-26 08:46 . 2010-09-26 08:46 -------- d-----w- c:\program files\DsNET Corp
2010-09-23 15:53 . 2010-09-23 15:53 620896 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgnsx.exe
2010-09-23 15:53 . 2010-09-23 15:53 4093792 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgui.exe
2010-09-23 15:53 . 2010-09-23 15:53 3586912 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\setup.exe
2010-09-23 15:53 . 2010-09-23 15:53 1619296 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgssie.dll
2010-09-23 15:53 . 2010-09-23 15:53 942432 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgcfgx.dll
2010-09-23 15:53 . 2010-09-23 15:53 598368 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgsrmx.dll
2010-09-23 15:53 . 2010-09-23 15:53 300896 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgchclx.dll
2010-09-23 15:53 . 2010-09-23 15:53 4371296 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgcorex.dll
2010-09-23 15:53 . 2010-09-23 15:53 1690952 ----a-w- c:\documents and settings\All Users\Data aplikací\avg9\update\backup\avgupd.dll
2010-09-12 17:11 . 2009-02-26 09:22 237568 ----a-w- c:\windows\system32\ANIWPS.exe
2010-09-12 17:11 . 2008-09-25 11:16 204800 ----a-w- c:\windows\system32\ssleay32.dll
2010-09-12 17:11 . 2008-09-25 11:15 1110016 ----a-w- c:\windows\system32\libeay32.dll
2010-09-12 17:11 . 2009-09-02 09:00 733184 ----a-w- c:\windows\system32\ANIOWPS.dll
2010-09-12 17:11 . 2009-08-03 08:57 724736 ----a-w- c:\windows\system32\drivers\Drt2870.sys
2010-09-12 17:11 . 2009-08-03 08:54 221184 ----a-w- c:\windows\system32\RaCoInst.dll
2010-09-12 17:11 . 2009-08-03 08:54 13931 ----a-w- c:\windows\system32\RaCoInst.dat
2010-09-12 17:11 . 2009-07-17 14:23 479360 ----a-w- c:\windows\system32\Dr71WU98.sys
2010-09-12 17:11 . 2007-05-12 12:44 247808 ----a-w- c:\windows\system32\rt25u98.sys
2010-09-12 17:11 . 2005-11-18 13:21 2048 ----a-w- c:\windows\system32\rt73.bin
2010-09-12 17:10 . 2010-09-12 17:10 -------- d-----w- c:\program files\D-Link
2010-09-06 18:53 . 2010-09-06 18:53 -------- d-----w- c:\program files\Creative
2010-09-06 18:53 . 2002-06-06 12:38 139264 ----a-w- c:\windows\system32\eax.dll
2010-09-06 18:50 . 2010-09-06 18:53 -------- d-----w- c:\program files\Mafia
2010-09-06 18:50 . 2002-08-29 15:33 319488 ----a-r- c:\windows\system32\MafiaSetup.exe
2010-09-06 18:47 . 2010-09-06 18:47 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-06 18:40 . 2010-09-06 18:40 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-06 17:57 . 2010-09-06 18:00 -------- d-----w- c:\windows\nview
2010-09-06 17:55 . 2004-05-02 08:47 23040 ----a-r- c:\windows\system32\drivers\GVCplDrv.sys
2010-09-06 17:12 . 2010-09-06 17:13 -------- d-----w- c:\program files\Common Files\Ahead
2010-09-06 17:12 . 2010-09-06 17:12 -------- d-----w- c:\program files\Nero
2010-09-06 16:45 . 2010-09-06 16:45 -------- d-----w- C:\$AVG
2010-09-05 15:58 . 2010-09-05 16:02 -------- d--h--w- c:\windows\msdownld.tmp
2010-09-05 15:57 . 2010-09-05 15:57 -------- d-----w- c:\windows\Logs

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-28 19:01 . 2010-08-07 20:34 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-09-28 16:44 . 2004-08-18 12:00 46196 ----a-w- c:\windows\system32\perfc005.dat
2010-09-28 16:44 . 2004-08-18 12:00 309990 ----a-w- c:\windows\system32\perfh005.dat
2010-09-12 17:12 . 2010-09-12 17:12 -------- d-----w- c:\program files\ANI
2010-09-12 17:12 . 2010-08-06 19:25 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-12 17:12 . 2010-08-06 19:25 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-06 18:53 . 2004-08-18 12:00 11376 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-08-28 13:05 . 2010-08-28 13:05 -------- d-----w- c:\program files\Codec Pack - All In 1
2010-08-28 13:05 . 2010-08-28 13:05 737280 ----a-w- c:\windows\iun6002.exe
2010-08-07 20:34 . 2010-08-07 20:34 33892 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-07 20:34 . 2010-08-07 20:34 -------- d-----w- c:\program files\Bonjour
2010-08-07 20:34 . 2010-08-07 20:34 -------- d-----w- c:\program files\Common Files\Apple
2010-08-07 20:34 . 2010-08-07 20:34 -------- d-----w- c:\program files\Apple Software Update
2010-08-07 19:37 . 2010-08-06 19:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-08-07 19:37 . 2010-08-06 19:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-08-07 09:34 . 2010-08-07 09:34 0 ----a-w- c:\windows\nsreg.dat
2010-08-07 08:28 . 2010-08-06 20:43 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-08-07 08:28 . 2010-08-07 08:28 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-08-07 08:28 . 2010-08-06 20:43 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-08-07 08:27 . 2010-08-06 20:43 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-08-06 21:24 . 2010-08-06 21:24 -------- d-----w- c:\program files\VS Revo Group
2010-08-06 21:23 . 2010-08-06 21:23 -------- d-----w- c:\program files\Google
2010-08-06 21:21 . 2010-08-06 21:21 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-08-06 20:53 . 2010-08-06 20:53 -------- d-----w- c:\program files\Microsoft.NET
2010-08-06 20:43 . 2010-08-06 20:43 -------- d-----w- c:\program files\AVG
2010-08-06 20:25 . 2010-08-06 20:25 -------- d-----w- c:\program files\OO Software
2010-08-06 20:23 . 2010-08-06 20:23 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-06 20:19 . 2010-08-06 20:12 -------- d-----w- c:\program files\Yahoo!
2010-08-06 20:13 . 2010-08-06 20:12 -------- d-----w- c:\program files\CCleaner
2010-08-06 20:06 . 2010-08-06 20:06 -------- d-----w- c:\program files\Lavalys
2010-08-06 19:54 . 2010-08-06 19:54 -------- d-----w- c:\program files\Alwil Software
2010-08-06 19:40 . 2010-08-06 19:39 -------- d-----w- c:\program files\002 - install - ACDSee (cz)
2010-08-06 19:39 . 2010-08-06 19:38 -------- d-----w- c:\program files\totalcmd
2010-08-06 19:29 . 2010-08-06 19:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-08-06 19:26 . 2010-08-06 19:26 -------- d-----w- c:\program files\GIGABYTE
2010-08-06 19:25 . 2010-08-06 19:25 -------- d-----w- c:\program files\Realtek
2010-08-06 19:23 . 2010-08-06 19:23 -------- d-----w- c:\program files\Intel
2010-08-06 19:17 . 2010-08-06 19:17 -------- d-----w- c:\program files\microsoft frontpage
2010-08-06 19:14 . 2010-08-06 19:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Vašek\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-08-07 136176]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-05-27 16208384]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"GBB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-06-02 385024]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-08-07 2065760]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-08-21 98304]
"D-Link D-Link Wireless G DWL-G122_DWA-110"="c:\program files\D-Link\DWL-G122_DWA-110\AirGCFG.exe" [2009-09-18 1708032]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-08-07 08:28 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Vašek\\Dokumenty\\Stažené soubory\\VideoConverter_Setup.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6.8.2010 22:43 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6.8.2010 22:43 243024]
R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [12.9.2010 19:12 151552]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [7.8.2010 10:27 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7.8.2010 10:28 308136]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.9.2010 20:40 717296]
.
Obsah adresáře 'Naplánované úlohy'

2010-09-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Vašek\Data aplikací\Mozilla\Firefox\Profiles\8ultj4by.default\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-WZCSLDR2 - c:\program files\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-10-03 11:48
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
Celkový čas: 2010-10-03 11:49:48
ComboFix-quarantined-files.txt 2010-10-03 09:49

Před spuštěním: Volných bajtů: 149 201 948 672
Po spuštění: Volných bajtů: 149 165 879 296

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 439D24BADF2D1517D88F804EBCCB0F48

earl
VIP
Posts: 1279
Registered: 14 Dec 2005 20:59
Location: Brno

Re: kernel stack debugger error

#4 Post by earl »

As far as viruses and security are concerned, it's OK.

- Install Service Pack 3.

- Start - Run - type ComboFix /Uninstall - and click OK;
  if that doesn't work, rename ComboFix.exe to Uninstall.exe and run it.

- Download OTC,
  run it and click CleanUp.

- Clean the PC with CCleaner.

  Always Analyze first and then Run Cleaner. Twice in a row.

  Windows: untick History and the form autocomplete history - otherwise you would lose your history of visited pages and the passwords saved in forms
  (it's bad from a security standpoint, but at least the user doesn't complain afterwards about where it all went :D )

  Applications: for the web browsers, untick Internet History.

  Registry: leave everything ticked, Scan for Issues, Fix selected issues
  (let it make a backup, which is saved in Documents - IMPORTANT).

  Likewise 2-3 times in a row.

- The STOP blue screen is most likely caused by a badly written driver for some hardware component.

  Next time it happens, copy down the error number and its description and post them here.
Autoruns + HitmanPro + UPM + Avenger + GMER + OTM + AVPTool + RSIT + RootRepeal
________________________________________________________________________________________
AN UP-TO-DATE ANTIVIRUS AND A PERSONAL FIREWALL ARE TWO ESSENTIAL PROTECTIVE COMPONENTS OF EVERY PC CONNECTED TO THE INTERNET!!!
BY BACKING UP YOUR PERSONAL DATA YOU WON'T LOSE IT IN THE EVENT OF FATAL SOFTWARE OR HARDWARE PROBLEMS!!
DO NOT USE COMBOFIX ON YOUR OWN, ONLY WHEN YOU ARE ASKED TO. HANDLING IT INCORRECTLY CAN LEAVE THE SYSTEM UNUSABLE!
___________________________________________________________
----------------------earl@forum.viry.cz-----------------------
