Dobrý den, prosím o kontrolu logu. PC je pomalé, při testu MBAM nalezeny infekce. Přikládám logy MBAM a RSIT
Předem díky, MS
LOG MBAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 5144
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
18.11.2010 18:14:59
mbam-log-2010-11-18 (18-14-59).txt
Typ skenu: Úplný sken (C:\|)
Skenované objekty: 244338
Uplynulý čas: 36 minuta(y), 21 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 4
Infikované hodnoty registru: 3
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_CLASSES_ROOT\CLSID\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
Infikované hodnoty registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} (Adware.Shopper) -> No action taken.
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
C:\Program Files\speed-bit\tbspe1.dll (Adware.Shopper) -> No action taken.
----------------------------------------------------------------------
LOG RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by a at 2010-11-18 18:19:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 51 GB (67%) free of 76 GB
Total RAM: 2039 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:19:54, on 18.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
c:\acer\recovery\RCService.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Acer\Desktop Manager\admtray.exe
C:\ACER\PSM.EXE
C:\Acer\Recovery\RCMonitor.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Acer\Desktop Manager\admServ.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgfws9.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\a\Plocha\RSIT.exe
C:\Program Files\trend micro\a.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspe1.dll
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ADMTray.exe] "C:\Program Files\Acer\Desktop Manager\admtray.exe"
O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE
O4 - HKLM\..\Run: [RCMonitor] C:\Acer\Recovery\RCMonitor.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Otevřít obrázek v aplikaci &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1029\phdintl.dll/phdContext.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://GLOBAL.ACER.COM/
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 4322819131
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5908933250
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://212.80.95.221/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} (CongnamulMap4Asp Control) - http://asp.congnamul.com/AspActiveX/Con ... sp_V17.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Hardware Monitoring Program (ADMService) - OSA Technologies Inc - C:\Program Files\Acer\Desktop Manager\admServ.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: Služba Google Update (gupdate1ca3dc35205a860) (gupdate1ca3dc35205a860) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Recovery Confirm Service (RECOVERYCONFIRMSRV) - TODO: <Company name> - c:\acer\recovery\RCService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: TwonkyMedia - PacketVideo - C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe
--
End of file - 13444 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SpeedOptimizer Startup.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-557703830-971958249-808005895-1004.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-557703830-971958249-808005895-1004.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar BHO - C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 1185120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
speed-bit Toolbar - C:\Program Files\speed-bit\tbspe1.dll [2008-01-30 1502232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-20 341600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-10-27 1623392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-11 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-15 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 1185120]
{2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - speed-bit Toolbar - C:\Program Files\speed-bit\tbspe1.dll [2008-01-30 1502232]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2010-10-06 2475336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"=C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-17 61952]
"ADMTray.exe"=C:\Program Files\Acer\Desktop Manager\admtray.exe [2004-06-01 1340416]
"MPS"=C:\ACER\PSM.EXE [2004-03-04 372736]
"RCMonitor"=C:\Acer\Recovery\RCMonitor.exe [2004-06-01 249856]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"gcasServ"=C:\Program Files\Microsoft AntiSpyware\gcasServ.exe [2005-07-12 473928]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-06-28 32768]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2005-12-20 278528]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-06-06 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-06-06 118784]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-02-20 86016]
"AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2006-03-14 2809344]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"tsnpstd3"=C:\WINDOWS\tsnpstd3.exe [2006-06-19 262144]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2006-05-12 831488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe [2004-03-11 406016]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-11-11 2069856]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-20 202256]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-04-29 437584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-30 68856]
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-02-05 385856]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
""= []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-06-28 12536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-06-06 344064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{9EF34FF2-3396-4527-9D27-04C8C1C67806}"=C:\Program Files\Microsoft AntiSpyware\shellextension.dll [2005-06-24 101080]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoActiveDesktop"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\A\Local Settings\Temp\~os95C.tmp\ossproxy.exe"="C:\Documents and Settings\A\Local Settings\Temp\~os95C.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"c:\windows\system32\rk.exe"="c:\windows\system32\rk.exe:*:Enabled:rk.exe"
"c:\windows\system32\rlvknlg.exe"="c:\windows\system32\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\DAP\DAP.exe"="C:\Program Files\DAP\DAP.exe:*:Enabled:Download Accelerator Plus (DAP)"
"C:\WINDOWS\System32\rundll32.exe"="C:\WINDOWS\System32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\WINDOWS\System32\dpvsetup.exe"="C:\WINDOWS\System32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Winamp Remote\BIN\Orb.exe"="C:\Program Files\Winamp Remote\BIN\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\BIN\OrbTray.exe"="C:\Program Files\Winamp Remote\BIN\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\BIN\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\BIN\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe"="C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:*:Enabled:VideoAcceleratorService"
"C:\Program Files\Pinnacle\Studio 10\programs\RM.exe"="C:\Program Files\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"C:\Program Files\Pinnacle\Studio 10\programs\umi.exe"="C:\Program Files\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\AVG\AVG9\avgdiagex.exe"="C:\Program Files\AVG\AVG9\avgdiagex.exe:*:Enabled:avgdiagex.exe"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-11-18 18:19:23 ----D---- C:\Program Files\trend micro
2010-11-18 18:19:22 ----D---- C:\rsit
2010-11-18 17:34:19 ----D---- C:\Documents and Settings\a\Data aplikací\Malwarebytes
2010-11-18 17:34:11 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-11-18 17:34:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-18 17:34:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-11-18 17:34:10 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-11-15 14:25:05 ----D---- C:\Program Files\Defraggler
2010-11-15 14:06:10 ----D---- C:\Program Files\CCleaner
2010-11-03 20:49:47 ----D---- C:\Documents and Settings\a\Data aplikací\Nvu
2010-11-03 20:49:24 ----D---- C:\Program Files\Nvu
2010-11-03 20:22:57 ----A---- C:\WINDOWS\system32\javaws.exe
2010-11-03 20:22:57 ----A---- C:\WINDOWS\system32\javaw.exe
2010-11-03 20:22:57 ----A---- C:\WINDOWS\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-11-16 16:25:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-11 21:46:38 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSErHrxpx;AVG9IDSErHr; C:\WINDOWS\System32\Drivers\AVGIDSxx.sys [2010-06-28 25168]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 tffsport;M-Systems DiskOnChip 2000; C:\WINDOWS\System32\DRIVERS\tffsport.sys [2008-04-13 149376]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-06-28 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-06-09 29584]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-06-28 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R2 osaio;osaio; C:\WINDOWS\system32\drivers\osaio.sys [2004-06-01 10386]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\System32\Drivers\ASAPIW2K.sys [2005-01-10 11264]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-03 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys []
R3 AVGIDSFilterxpx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys []
R3 AVGIDSShimxpx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys []
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\System32\DRIVERS\b57xp32.sys [2004-04-30 186112]
R3 GEARAspiWDM;GEAR CDRom Filter; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2005-03-07 14408]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 PortRW;PortRW; C:\WINDOWS\System32\Drivers\PortRW.sys [2003-08-15 3456]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-11-03 30104]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2004-06-06 730653]
S3 jusb;jusb; C:\WINDOWS\System32\Drivers\jusb.sys [2010-03-04 29184]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys []
S3 P17;Sound Blaster Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2006-06-27 10148480]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADMService;Hardware Monitoring Program; C:\Program Files\Acer\Desktop Manager\admServ.exe [2004-06-01 1243648]
R2 avg9emc;AVG E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-26 921952]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-06-28 308136]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-09-21 2331544]
R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-06-28 5897808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-15 153376]
R2 RECOVERYCONFIRMSRV;Recovery Confirm Service; c:\acer\recovery\RCService.exe [2004-06-01 286720]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2005-12-20 323584]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S2 gupdate1ca3dc35205a860;Služba Google Update (gupdate1ca3dc35205a860); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-25 133104]
S2 TwonkyMedia;TwonkyMedia; C:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe [2009-01-29 102400]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-06 517448]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-15 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomaly start, nálezy mbam
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomaly start, nálezy mbam
Smažte vše, co MBAM našel a dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
yugges
- Vzorný návštěvník
- Příspěvky: 152
- Registrován: 15 říj 2008 10:23
- Bydliště: Praha 20
- Kontaktovat uživatele:
Re: pomaly start, nálezy mbam
Díky!!!
Rád bych učinil další krok, ale ComboFix dokáže jen vygenerovat okýnko s nadpisem tsnpstd3, textem OnClose! a jediným tlačítkem OK
Mám to zkusit v nouz. režimu?
MS
Rád bych učinil další krok, ale ComboFix dokáže jen vygenerovat okýnko s nadpisem tsnpstd3, textem OnClose! a jediným tlačítkem OK
Mám to zkusit v nouz. režimu?
MS
-
yugges
- Vzorný návštěvník
- Příspěvky: 152
- Registrován: 15 říj 2008 10:23
- Bydliště: Praha 20
- Kontaktovat uživatele:
Re: pomaly start, nálezy mbam
Tak nakonec jsem Combofix spustil, když se mi (snad) podařilo zneškodnit AVGčko...
Tady je log z ComboFixu
ComboFix 10-11-18.03 - a 19.11.2010 14:34:47.1.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1581 [GMT 1:00]
Spuštěný z: c:\documents and settings\a\Plocha\ComboFix.exe
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\~WRD0000.tmp
c:\documents and settings\a\Dokumenty\cc_20101119_124448.reg
c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin2.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin3.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin6.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin7.dll
c:\program files\Opera\Program\Plugins\npqtplugin2.dll
c:\program files\Opera\Program\Plugins\npqtplugin3.dll
c:\program files\Opera\Program\Plugins\npqtplugin4.dll
c:\program files\Opera\Program\Plugins\npqtplugin5.dll
c:\program files\Opera\Program\Plugins\npqtplugin6.dll
c:\program files\Opera\Program\Plugins\npqtplugin7.dll
c:\program files\QuickTime\Plugins\npqtplugin2.dll
c:\program files\QuickTime\Plugins\npqtplugin3.dll
c:\program files\QuickTime\Plugins\npqtplugin4.dll
c:\program files\QuickTime\Plugins\npqtplugin5.dll
c:\program files\QuickTime\Plugins\npqtplugin6.dll
c:\program files\QuickTime\Plugins\npqtplugin7.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-19 do 2010-11-19 )))))))))))))))))))))))))))))))
.
2010-11-19 11:05 . 2010-11-19 11:05 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\VSRevoGroup
2010-11-19 10:57 . 2010-11-19 10:57 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-11-19 10:49 . 2010-11-19 10:49 -------- d-----w- c:\program files\VS Revo Group
2010-11-19 10:04 . 2010-11-19 10:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\avg8
2010-11-18 17:19 . 2010-11-18 17:19 -------- d-----w- c:\program files\trend micro
2010-11-18 17:19 . 2010-11-18 17:19 -------- d-----w- C:\rsit
2010-11-18 16:34 . 2010-11-18 16:34 -------- d-----w- c:\documents and settings\a\Data aplikací\Malwarebytes
2010-11-18 16:34 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-18 16:34 . 2010-11-18 16:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-18 16:34 . 2010-11-18 16:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-11-18 16:34 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-15 13:25 . 2010-11-15 13:25 -------- d-----w- c:\program files\Defraggler
2010-11-15 13:06 . 2010-11-15 13:06 -------- d-----w- c:\program files\CCleaner
2010-11-03 19:49 . 2010-11-03 19:49 -------- d-----w- c:\documents and settings\a\Data aplikací\Nvu
2010-11-03 19:49 . 2010-11-03 19:49 -------- d-----w- c:\program files\Nvu
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 11:23 . 1979-12-31 23:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 07:53 . 1979-12-31 23:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 07:53 . 1979-12-31 23:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 07:53 . 1979-12-31 23:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 03:50 . 2010-05-04 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2007-05-12 15:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 06:52 . 2004-11-11 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 06:52 . 1979-12-31 23:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 06:52 . 1979-12-31 23:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-01 12:52 . 1979-12-31 23:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 08:57 . 1979-12-31 23:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 09:03 . 1979-12-31 23:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 06:54 . 1979-12-31 23:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 02:43 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 14:39 . 1979-12-31 23:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 17:12 . 1979-12-31 23:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2009-05-05 19:24 . 2009-05-05 19:24 5658992 ----a-w- c:\program files\mt4setup.exe
2006-06-22 19:40 . 2006-06-22 19:40 12815360 ----a-w- c:\program files\MP10Setup.exe
2006-01-24 19:15 . 2006-01-24 19:13 36488456 ----a-w- c:\program files\iTunesSetup.exe
2005-11-21 22:05 . 2005-11-21 22:04 7256768 ----a-w- c:\program files\140084.exe
2005-11-21 21:56 . 2005-11-21 21:56 7256768 ----a-w- c:\program files\SKYPE PHONE.exe
2004-08-09 22:30 . 2005-12-12 19:50 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-06 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-06-06 118784]
"SoundMan"="SOUNDMAN.EXE" [2006-02-20 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-03-14 2809344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-28 21:08 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-02-05 12:45 385856 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-30 18:01 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-20 08:31 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\dpvsetup.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp Remote\\BIN\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\BIN\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\BIN\\OrbStreamerClient.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [3.11.2009 22:10 25168]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [10.2.2005 16:30 149376]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [4.1.2009 22:15 216400]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [4.1.2009 22:15 243024]
R2 RECOVERYCONFIRMSRV;Recovery Confirm Service;c:\acer\recovery\RCService.exe [31.8.2004 1:11 286720]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13.11.2009 12:31 92008]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [28.2.2009 18:06 30104]
R3 PortRW;PortRW;c:\windows\system32\drivers\PortRW.sys [31.8.2004 1:10 3456]
S2 gupdate1ca3dc35205a860;Služba Google Update (gupdate1ca3dc35205a860);c:\program files\Google\Update\GoogleUpdate.exe [25.9.2009 11:33 133104]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [28.2.2009 18:06 30104]
S3 jusb;jusb;c:\windows\system32\drivers\jusb.sys [4.3.2010 11:41 29184]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 10:32]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 10:32]
2010-11-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-557703830-971958249-808005895-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-11-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-557703830-971958249-808005895-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Otevřít obrázek v aplikaci &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1029\phdintl.dll/phdContext.htm
DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} - hxxp://asp.congnamul.com/AspActiveX/CongnamulMap4Asp_V17.cab
FF - ProfilePath - c:\documents and settings\a\Data aplikací\Mozilla\Firefox\Profiles\xe4qi5rz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1133554&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxps://mail.atypo-sro.cz/owa
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - component: c:\documents and settings\a\Data aplikací\Mozilla\Firefox\Profiles\xe4qi5rz.default\extensions\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}\components\FFAlert.dll
FF - component: c:\documents and settings\a\Data aplikací\Mozilla\Firefox\Profiles\xe4qi5rz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
AddRemove-DVD_is1 - d:\obaly na cd\Popisovač CD-DVD\unins000.exe
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2010-11-19 14:39:28
ComboFix-quarantined-files.txt 2010-11-19 13:39
Před spuštěním: Volných bajtů: 56 166 940 672
Po spuštění: Volných bajtů: 56 257 249 280
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 782C6098964FC42430AAF04FC047964B
Tady je log z ComboFixu
ComboFix 10-11-18.03 - a 19.11.2010 14:34:47.1.2 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1581 [GMT 1:00]
Spuštěný z: c:\documents and settings\a\Plocha\ComboFix.exe
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\~WRD0000.tmp
c:\documents and settings\a\Dokumenty\cc_20101119_124448.reg
c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin2.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin3.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin6.dll
c:\program files\Mozilla Firefox\Plugins\npqtplugin7.dll
c:\program files\Opera\Program\Plugins\npqtplugin2.dll
c:\program files\Opera\Program\Plugins\npqtplugin3.dll
c:\program files\Opera\Program\Plugins\npqtplugin4.dll
c:\program files\Opera\Program\Plugins\npqtplugin5.dll
c:\program files\Opera\Program\Plugins\npqtplugin6.dll
c:\program files\Opera\Program\Plugins\npqtplugin7.dll
c:\program files\QuickTime\Plugins\npqtplugin2.dll
c:\program files\QuickTime\Plugins\npqtplugin3.dll
c:\program files\QuickTime\Plugins\npqtplugin4.dll
c:\program files\QuickTime\Plugins\npqtplugin5.dll
c:\program files\QuickTime\Plugins\npqtplugin6.dll
c:\program files\QuickTime\Plugins\npqtplugin7.dll
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-19 do 2010-11-19 )))))))))))))))))))))))))))))))
.
2010-11-19 11:05 . 2010-11-19 11:05 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\VSRevoGroup
2010-11-19 10:57 . 2010-11-19 10:57 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-11-19 10:49 . 2010-11-19 10:49 -------- d-----w- c:\program files\VS Revo Group
2010-11-19 10:04 . 2010-11-19 10:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\avg8
2010-11-18 17:19 . 2010-11-18 17:19 -------- d-----w- c:\program files\trend micro
2010-11-18 17:19 . 2010-11-18 17:19 -------- d-----w- C:\rsit
2010-11-18 16:34 . 2010-11-18 16:34 -------- d-----w- c:\documents and settings\a\Data aplikací\Malwarebytes
2010-11-18 16:34 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-18 16:34 . 2010-11-18 16:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-18 16:34 . 2010-11-18 16:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-11-18 16:34 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-15 13:25 . 2010-11-15 13:25 -------- d-----w- c:\program files\Defraggler
2010-11-15 13:06 . 2010-11-15 13:06 -------- d-----w- c:\program files\CCleaner
2010-11-03 19:49 . 2010-11-03 19:49 -------- d-----w- c:\documents and settings\a\Data aplikací\Nvu
2010-11-03 19:49 . 2010-11-03 19:49 -------- d-----w- c:\program files\Nvu
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 11:23 . 1979-12-31 23:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 07:53 . 1979-12-31 23:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 07:53 . 1979-12-31 23:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 07:53 . 1979-12-31 23:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 03:50 . 2010-05-04 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2007-05-12 15:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 06:52 . 2004-11-11 18:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 06:52 . 1979-12-31 23:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 06:52 . 1979-12-31 23:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-01 12:52 . 1979-12-31 23:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 08:57 . 1979-12-31 23:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 09:03 . 1979-12-31 23:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 06:54 . 1979-12-31 23:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 02:43 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 14:39 . 1979-12-31 23:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-23 17:12 . 1979-12-31 23:00 617472 ----a-w- c:\windows\system32\comctl32.dll
2009-05-05 19:24 . 2009-05-05 19:24 5658992 ----a-w- c:\program files\mt4setup.exe
2006-06-22 19:40 . 2006-06-22 19:40 12815360 ----a-w- c:\program files\MP10Setup.exe
2006-01-24 19:15 . 2006-01-24 19:13 36488456 ----a-w- c:\program files\iTunesSetup.exe
2005-11-21 22:05 . 2005-11-21 22:04 7256768 ----a-w- c:\program files\140084.exe
2005-11-21 21:56 . 2005-11-21 21:56 7256768 ----a-w- c:\program files\SKYPE PHONE.exe
2004-08-09 22:30 . 2005-12-12 19:50 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Zástupce stránky vlastností sběrnice High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 61952]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-06-06 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-06-06 118784]
"SoundMan"="SOUNDMAN.EXE" [2006-02-20 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-03-14 2809344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-28 21:08 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2010-02-05 12:45 385856 ----a-w- c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-30 18:01 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-03-20 08:31 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\System32\\dpvsetup.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Winamp Remote\\BIN\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\BIN\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\BIN\\OrbStreamerClient.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"c:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [3.11.2009 22:10 25168]
R0 tffsport;M-Systems DiskOnChip 2000;c:\windows\system32\drivers\tffsport.sys [10.2.2005 16:30 149376]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [4.1.2009 22:15 216400]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [4.1.2009 22:15 243024]
R2 RECOVERYCONFIRMSRV;Recovery Confirm Service;c:\acer\recovery\RCService.exe [31.8.2004 1:11 286720]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [13.11.2009 12:31 92008]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [28.2.2009 18:06 30104]
R3 PortRW;PortRW;c:\windows\system32\drivers\PortRW.sys [31.8.2004 1:10 3456]
S2 gupdate1ca3dc35205a860;Služba Google Update (gupdate1ca3dc35205a860);c:\program files\Google\Update\GoogleUpdate.exe [25.9.2009 11:33 133104]
S2 TwonkyMedia;TwonkyMedia;c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> c:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [28.2.2009 18:06 30104]
S3 jusb;jusb;c:\windows\system32\drivers\jusb.sys [4.3.2010 11:41 29184]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 10:32]
2010-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-25 10:32]
2010-11-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-557703830-971958249-808005895-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-11-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-557703830-971958249-808005895-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: &Winamp Toolbar Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Otevřít obrázek v aplikaci &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1029\phdintl.dll/phdContext.htm
DPF: {D96D2F74-0B74-47D2-964F-B67E9F69F1CD} - hxxp://asp.congnamul.com/AspActiveX/CongnamulMap4Asp_V17.cab
FF - ProfilePath - c:\documents and settings\a\Data aplikací\Mozilla\Firefox\Profiles\xe4qi5rz.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1133554&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - WebHledani
FF - prefs.js: browser.startup.homepage - hxxps://mail.atypo-sro.cz/owa
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresults.asp?src=default&q=
FF - component: c:\documents and settings\a\Data aplikací\Mozilla\Firefox\Profiles\xe4qi5rz.default\extensions\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}\components\FFAlert.dll
FF - component: c:\documents and settings\a\Data aplikací\Mozilla\Firefox\Profiles\xe4qi5rz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
SafeBoot-AVG Anti-Spyware Driver
SafeBoot-AVG Anti-Spyware Guard
AddRemove-DVD_is1 - d:\obaly na cd\Popisovač CD-DVD\unins000.exe
**************************************************************************
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory:
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2010-11-19 14:39:28
ComboFix-quarantined-files.txt 2010-11-19 13:39
Před spuštěním: Volných bajtů: 56 166 940 672
Po spuštění: Volných bajtů: 56 257 249 280
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
- - End Of File - - 782C6098964FC42430AAF04FC047964B
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomaly start, nálezy mbam
Smažte vše, co MBAM nalezl. Další položky smazal CF. Zbytek logu CF vypadá čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?