
PC disinfection, computer speed-up, remote help through the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Log check
Hello,
could I ask you to check my log? I have WIN7 and for a few days now I have had a problem: I cannot upload any files anywhere, and in programs such as Corel I cannot import or click File -> Open, because it does nothing at all. Likewise, when I want to upload a file, for example via ulozto, nothing happens after I click. Thanks a lot for your help, I no longer know what to do about it. The same goes for here, for example, where I could select a file, but when I click on it nothing happens either.
Windows Vista SP 0 (build 7600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.7600.16385 (win7_rtm.090713-1255)
Log vygenerován: 24.11.2010 22:27:05
================================================================
Běžící procesy
================================================================
C:\PROGRAM FILES\SPYWARE TERMINATOR\SP_RSSER.EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE
C:\PROGRAM FILES\VIA\VIAUDIOI\VDECK\VDECK.EXE
Scanner
================================================================
[?] sp_rsser.exe
EntryPoint v sekci: .ITEXT
|_ Celkový počet sekcí: 9
Nemá okno
Soubor 70%
[S] explorer.exe
Spouští se po startu HKLM Winlogon [Shell]
[R] AvastUI.exe
Spouští se po startu HKLM Run [avast5]
[?] issch.exe
Spouští se po startu HKLM Run [ISUSScheduler]
Nemá okno
Soubor 7%
[?] VDeck.exe
Spouští se po startu HKLM Run [HDAudDeck]
Soubor 7%
[R] GrooveMonitor.exe
Ověřený Microsoft: Ne
Spouští se po startu HKLM Run [GrooveMonitor]
[R] GoogleDesktop.exe
Spouští se po startu HKLM Run [Google Desktop Search]
[R] GoogleDesktop.exe
Spouští se po startu HKLM Run [Google Desktop Search]
[R] DTLite.exe
Spouští se po startu HKCU Run [DAEMON Tools Lite]
EntryPoint v sekci: .VMP1
|_ Celkový počet sekcí: 6
[S] dllhost.exe
Proces se nepodařilo otevřít
ROOTKIT? Skrytá cesta
Spouští se po startu HKCU Run [SpywareTerminatorUpdate]
Nelze otevřít
Po spuštění
================================================================
HKCU Run
|_ [!][SpywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
|_ [?][ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
|_ [R][Google Update] C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe /c
|_ [R][DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun
HKLM Run
|_ [R][avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui
|_ [?][QuickTime Task] C:\Program Files\QuickTime\QTTask.exe -atboottime
|_ [?][ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start
|_ [?][HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
|_ [R][Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup
|_ [?][CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe /title=CorelDRAW Graphics Suite 12 /date=112710 serial=dr12ccn-1517996-ebk lang=CZ
HKLM ShellServiceObjectDelayLoad
|_ [X][WebCheck] (Soubor nenalezen)
HKLM IC
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
HKLM AppInit_DLLs
|_ [?][AppInit_DLLs] C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Google Update Service (gupdate)
|_ Cesta: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: gupdate
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Win32 Own Process
|_ Dependency: RPCSS
[!] Spyware Terminator Realtime Shield Service
|_ Cesta: C:\Program Files\Spyware Terminator\sp_rsser.exe
| |_ Výrobce: Crawler.com
| |_ Popis: Spyware Terminator Realtime Shield 32-bit Service
| |_ MD5: 642180B8F50E7FC1FBAF87C718E259D6
|
|_ Jméno: sp_rssrv
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:
Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[X] Hardlock
|_ Cesta: C:\Windows\system32\drivers\hardlock.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: Hardlock
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency:
[?] ATK0110 ACPI UTILITY
|_ Cesta: C:\Windows\system32\DRIVERS\ASACPI.sys
| |_ Výrobce:
| |_ Popis: ATK0110 ACPI Utility
| |_ MD5: 0F24624106D8042E7F27882D9D6FF5C0
|
|_ Jméno: MTsensor
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Guardant Emulator Driver
|_ Cesta: C:\Windows\system32\Drivers\NSHE.SYS
| |_ Výrobce: T0r0 2008
| |_ Popis: DongleEmulator for HASP, Sentinel, etc
| |_ MD5: F8E396F5E703D7A8F37D90F59C776268
|
|_ Jméno: NSHE
|_ StartName:
|_ Typ spouštění: Auto Start
|_ Status: Zastaveno
|_ Typ: Kernel Driver
|_ Dependency: HARDLOCK
[?] Realtek 8167 NT Driver
|_ Cesta: C:\Windows\system32\DRIVERS\Rt86win7.sys
| |_ Výrobce: Realtek Corporation
| |_ Popis: Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver
| |_ MD5: 3983CEA05BB855351D75F5482B6C42CE
|
|_ Jméno: RTL8167
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] sptd
|_ Cesta: C:\Windows\System32\Drivers\sptd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: sptd
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] Spyware Terminator Driver 2
|_ Cesta: C:\Windows\system32\drivers\sp_rsdrv2.sys
| |_ Výrobce: ?
| |_ Popis: ?
| |_ MD5: 8831252BCF05FCFB5ABD116A22E552D8
|
|_ Jméno: sp_rsdrv2
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
[?] VIA High Definition Audio Driver Service
|_ Cesta: C:\Windows\system32\drivers\viahduaa.sys
| |_ Výrobce: VIA Technologies, Inc.
| |_ Popis: VIA High Definition Audio Function Driver
| |_ MD5: 136D8C141515EBE185754459D83FD45F
|
|_ Jméno: VIAHdAudAddService
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:
Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[!] sptcontmenu.dll
|_ Cesta: C:\Program Files\Spyware Terminator\sptcontmenu.dll
|_ MD5: A5E97B2B88CC48FC178E88BF6E02F5EC
|_ Výrobce: Crawler.com
|_ Procesy
|_ explorer.exe (2776)
[?] 7-zip.dll
|_ Cesta: C:\Program Files\7-Zip\7-zip.dll
|_ MD5: 20B2C339361E82A6707533BAC481FCE4
|_ Výrobce: Igor Pavlov
|_ Procesy
|_ explorer.exe (2776)
[?] googledesktophyper.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopHyper.dll
|_ MD5: BC272885EEEE1234E856C2FA65FC1A3E
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
[?] googledesktopresources_en.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopResources_en.dll
|_ MD5: A4B20D256CD8F7BA4F303CB6DBDD7BE7
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
|_ chrome.exe (3284)
|_ chrome.exe (2816)
|_ chrome.exe (3476)
[?] googledesktopcommon.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopCommon.dll
|_ MD5: 543786F4FB229A1EEEBC820F86D50D7E
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
|_ chrome.exe (3284)
[?] atl80.dll
|_ Cesta: C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.dll
|_ MD5: 3E9A33113D663D8BD5ED38858E669652
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ explorer.exe (2776)
|_ GrooveMonitor.exe (3108)
|_ GoogleDesktop.exe (3300)
|_ chrome.exe (3284)
|_ javaw.exe (5184)
|_ UPM.exe (7708)
|_ UPM.exe (5024)
[?] googledesktopdeskbar2.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopDeskbar2.dll
|_ MD5: DF2C77792700C5E4AB182F68D3FAC905
|_ Výrobce: Google
|_ Procesy
|_ explorer.exe (2776)
|_ GoogleDesktop.exe (3300)
[?] vmicapi.dll
|_ Cesta: C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
|_ MD5: F9E91D9E8C7D1141B9B74AC4C5779619
|_ Výrobce:
|_ Procesy
|_ VDeck.exe (3092)
[?] skin.dll
|_ Cesta: C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
|_ MD5: 4BE6A497117883B8DFDBBC5A75411CB5
|_ Výrobce:
|_ Procesy
|_ VDeck.exe (3092)
[?] qsapoapi.dll
|_ Cesta: C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
|_ MD5: E5E41D0974EEEC563F1FFBAD40167A5B
|_ Výrobce:
|_ Procesy
|_ VDeck.exe (3092)
[?] gzlib.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\gzlib.dll
|_ MD5: 97F1AC7B9D7D9A5F28DCEA8009914AD9
|_ Výrobce:
|_ Procesy
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
[?] googledesktopapi2.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll
|_ MD5: D5BBBA3E9B11C11AC51D75AB9BAE9C93
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3116)
|_ chrome.exe (3284)
[?] googleservices.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleServices.dll
|_ MD5: FAACB8DE84F2BD375BCABF661A9299B0
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3116)
|_ GoogleDesktop.exe (3300)
[?] googleuiengine.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleUIEngine.dll
|_ MD5: D42F6815A327FCADC5E3D5925EC92EB2
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3300)
[?] googledesktopssd.dll
|_ Cesta: C:\Program Files\Google\Google Desktop Search\GoogleDesktopSSD.dll
|_ MD5: 0F6C873CC521CA26526FD1AA8E1C44C6
|_ Výrobce: Google
|_ Procesy
|_ GoogleDesktop.exe (3300)
[?] mfc80u.dll
|_ Cesta: C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
|_ MD5: 686B224B4987C22B153FBB545FEE9657
|_ Výrobce: Microsoft Corporation
|_ Procesy
|_ DTLite.exe (4012)
[?] go36f4~1.dll
|_ Cesta: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
|_ MD5: 2010517CC8E09E07087E50A04689012E
|_ Výrobce: Google
|_ Procesy
|_ chrome.exe (3284)
|_ chrome.exe (2816)
|_ chrome.exe (3476)
[?] gcswf32.dll
|_ Cesta: C:\Users\Lukas\AppData\Local\Google\Chrome\Application\7.0.517.44\gcswf32.dll
|_ MD5: 956BDB632F35E98335E77B91FFB6B52F
|_ Výrobce: ?
|_ Procesy
|_ chrome.exe (2816)
[?] awt.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\awt.dll
|_ MD5: 5DEEDBBF0C31641925832E3D5FFD630C
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] dcpr.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\dcpr.dll
|_ MD5: F23A7D1CC6F854ED59EB8D5E52893106
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] fontmanager.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\fontmanager.dll
|_ MD5: 9224A31667776E2E74D2C0B3531CB666
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] hpi.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\hpi.dll
|_ MD5: 70FE398D1050459C164BEF4CDAC1CF53
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] java.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\java.dll
|_ MD5: 8D8530720C7EE2621D56600787CBB630
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] mlib_image.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\mlib_image.dll
|_ MD5: EEB97821594068227405D7E6EE9BFDDA
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] net.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\net.dll
|_ MD5: AADC80A8F0867D632FB7D8B523E704EC
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] nio.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\nio.dll
|_ MD5: D5EDC76DFADE2BE98C44A5B65A49F115
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] sunmscapi.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\sunmscapi.dll
|_ MD5: 6F300CDD7C19D0B0D95FDD2F84FBFB70
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] verify.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\verify.dll
|_ MD5: 75E396AA1F886EC91D976A9050B98C01
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] zip.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\zip.dll
|_ MD5: 575A48A01DB1F33F3EF7AC658ABF9FB8
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
[?] jvm.dll
|_ Cesta: C:\Program Files\Java\jre6\bin\client\jvm.dll
|_ MD5: 91914C2BA8B7DE1ACD625C23B833B30A
|_ Výrobce: Sun Microsystems, Inc.
|_ Procesy
|_ javaw.exe (5184)
================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ] - Not Registered =(
Re: Log check
Good morning
Can you download a file from another PC via a flash drive?
Post the log from RSIT named LOG.TXT, see my signature
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM sometimes has false detections, so we will delete only after checking the log.
- Copy the log here.

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
Re: Log check
Hello,
as for copying via a flash drive, as far as I know that is not a problem. I can upload, copy, everything; it's just that the window doesn't pop up when I need to open a file in some program (it works in Office, for example), but not in anything else.
Here is the log from RSIT.
Thanks
Logfile of random's system information tool 1.08 (written by random/random)
Run by Lukas at 2010-11-28 03:13:38
Microsoft Windows 7 Ultimate
System drive C: has 249 GB (52%) free of 477 GB
Total RAM: 2047 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:13:45, on 28.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Lukas\Downloads\RSIT.exe
C:\Program Files\trend micro\Lukas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe /title="CorelDRAW Graphics Suite 12" /date=121310 serial=dr12ccn-1517996-ebk lang=CZ
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6829 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-17 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [2009-06-05 1417216]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe [2004-06-22 729088]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-11-22 3037696]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"Google Update"=C:\Users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 136176]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-11-28 03:13:38 ----D---- C:\rsit
2010-11-28 03:13:38 ----D---- C:\Program Files\trend micro
2010-11-24 22:22:48 ----D---- C:\Program Files\Ultimate Process Manager
2010-11-24 22:06:22 ----D---- C:\Users\Lukas\AppData\Roaming\ImgBurn
2010-11-24 22:04:26 ----D---- C:\Program Files\ImgBurn
2010-11-24 19:23:24 ----D---- C:\Windows\pss
2010-11-24 19:21:40 ----SHD---- C:\Config.Msi
2010-11-22 23:26:36 ----D---- C:\Users\Lukas\AppData\Roaming\Spyware Terminator
2010-11-22 23:26:36 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2010-11-22 23:26:35 ----D---- C:\ProgramData\Spyware Terminator
2010-11-22 23:26:34 ----D---- C:\Program Files\Spyware Terminator
2010-11-22 23:03:12 ----D---- C:\Program Files\Windows Live Safety Center
2010-11-22 22:42:56 ----D---- C:\Program Files\Recuva
2010-11-22 22:37:40 ----D---- C:\Program Files\Common Files\Adobe
2010-11-22 21:41:32 ----D---- C:\Users\Lukas\AppData\Roaming\Systweak
2010-11-22 21:41:27 ----D---- C:\Program Files\RegClean Pro
2010-11-22 21:18:56 ----A---- C:\Windows\ntbtlog.txt
2010-11-21 18:15:10 ----A---- C:\Windows\system32\drivers\ks.sys
2010-11-21 18:13:57 ----A---- C:\Windows\system32\msdri.dll
2010-11-21 18:13:57 ----A---- C:\Windows\system32\CPFilters.dll
2010-11-21 18:13:55 ----A---- C:\Windows\system32\psisdecd.dll
2010-11-21 18:13:48 ----A---- C:\Windows\system32\wmp.dll
2010-11-21 18:13:45 ----A---- C:\Windows\system32\wmploc.DLL
2010-11-21 18:13:42 ----A---- C:\Windows\system32\mshtml.dll
2010-11-21 18:13:42 ----A---- C:\Windows\system32\iertutil.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\urlmon.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\msfeeds.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\licmgr10.dll
2010-11-21 18:13:41 ----A---- C:\Windows\system32\ieframe.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\wininet.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\mstime.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\ieui.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\iepeers.dll
2010-11-21 18:13:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-11-21 18:13:39 ----A---- C:\Windows\system32\mshtmled.dll
2010-11-21 18:13:39 ----A---- C:\Windows\system32\msfeedssync.exe
2010-11-21 18:13:39 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-11-21 18:13:39 ----A---- C:\Windows\system32\jsproxy.dll
2010-11-21 18:13:36 ----A---- C:\Windows\system32\tzres.dll
2010-11-21 18:13:28 ----A---- C:\Windows\system32\wmpmde.dll
2010-11-21 18:13:27 ----A---- C:\Windows\system32\schannel.dll
2010-11-21 18:13:26 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-11-21 18:13:20 ----A---- C:\Windows\system32\mfc40u.dll
2010-11-21 18:13:20 ----A---- C:\Windows\system32\mfc40.dll
2010-11-21 18:13:19 ----A---- C:\Windows\system32\spoolsv.exe
2010-11-21 18:13:18 ----A---- C:\Windows\system32\ole32.dll
2010-11-21 18:13:18 ----A---- C:\Windows\system32\drivers\srv.sys
2010-11-21 18:13:17 ----A---- C:\Windows\system32\srvsvc.dll
2010-11-21 18:13:17 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-11-21 18:13:17 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-11-21 18:13:16 ----A---- C:\Windows\system32\t2embed.dll
2010-11-21 18:13:15 ----A---- C:\Windows\system32\comctl32.dll
2010-11-21 18:13:14 ----A---- C:\Windows\system32\win32k.sys
2010-11-21 18:13:13 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-11-19 01:58:26 ----D---- C:\ProgramData\PopCap Games
2010-11-08 23:30:04 ----D---- C:\Program Files\QuickTime
2010-11-08 23:30:03 ----D---- C:\ProgramData\Apple Computer
2010-11-08 23:29:32 ----D---- C:\Program Files\Common Files\Apple
2010-11-08 23:29:20 ----D---- C:\ProgramData\Apple
2010-11-08 23:29:20 ----D---- C:\Program Files\Apple Software Update
2010-11-01 20:17:48 ----D---- C:\Program Files\QS
======List of files/folders modified in the last 1 months======
2010-11-28 03:13:45 ----D---- C:\Windows\Prefetch
2010-11-28 03:13:38 ----RD---- C:\Program Files
2010-11-28 03:13:10 ----D---- C:\Windows\Temp
2010-11-28 03:11:11 ----D---- C:\Windows\System32
2010-11-28 03:11:07 ----D---- C:\ProgramData\NVIDIA
2010-11-26 01:49:52 ----D---- C:\Windows\system32\config
2010-11-26 00:07:57 ----D---- C:\Program Files\JDownloader
2010-11-25 22:11:52 ----SHD---- C:\System Volume Information
2010-11-25 20:58:04 ----D---- C:\Windows
2010-11-25 20:46:18 ----D---- C:\Windows\inf
2010-11-25 20:46:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-24 20:06:37 ----D---- C:\Windows\debug
2010-11-24 20:02:12 ----D---- C:\Windows\system32\Msdtc
2010-11-24 19:21:41 ----SHD---- C:\Windows\Installer
2010-11-24 19:15:21 ----SD---- C:\ProgramData\Microsoft
2010-11-24 19:14:46 ----HD---- C:\Windows\system32\GroupPolicy
2010-11-24 02:27:27 ----D---- C:\Windows\rescache
2010-11-22 23:26:37 ----D---- C:\Windows\system32\drivers
2010-11-22 23:26:35 ----D---- C:\ProgramData
2010-11-22 23:03:12 ----D---- C:\Windows\Downloaded Program Files
2010-11-22 22:37:43 ----D---- C:\ProgramData\Adobe
2010-11-22 22:37:40 ----D---- C:\Program Files\Common Files
2010-11-22 22:37:40 ----D---- C:\Program Files\Adobe
2010-11-22 22:01:47 ----D---- C:\Windows\winsxs
2010-11-22 21:51:46 ----D---- C:\Windows\system32\appmgmt
2010-11-22 21:50:50 ----D---- C:\Windows\system32\DriverStore
2010-11-22 21:50:50 ----D---- C:\Windows\system32\catroot
2010-11-22 19:00:00 ----SHD---- C:\$Recycle.Bin
2010-11-22 18:59:52 ----RD---- C:\Users
2010-11-21 18:38:23 ----D---- C:\Windows\Microsoft.NET
2010-11-21 18:38:08 ----RSD---- C:\Windows\assembly
2010-11-21 18:28:59 ----D---- C:\Windows\system32\migration
2010-11-21 18:28:59 ----D---- C:\Windows\system32\cs-CZ
2010-11-21 18:28:59 ----D---- C:\Windows\ehome
2010-11-21 18:28:59 ----D---- C:\Program Files\Internet Explorer
2010-11-21 18:28:58 ----D---- C:\Windows\AppPatch
2010-11-21 18:28:58 ----D---- C:\Program Files\Windows Media Player
2010-11-21 18:13:08 ----D---- C:\Windows\system32\catroot2
2010-11-18 13:51:32 ----D---- C:\Series
2010-11-02 16:47:16 ----A---- C:\Windows\system32\MRT.exe
2010-11-01 20:36:16 ----D---- C:\Users\Lukas\AppData\Roaming\Miranda
2010-10-31 15:39:48 ----D---- C:\Program Files\abgx360
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-17 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-11-22 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1056256]
S2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acxna6f7;acxna6f7; C:\Windows\system32\drivers\acxna6f7.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-22 496128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
As for copying via a flash drive, as far as I know that is not a problem. I can upload, copy, everything; it's just that the window doesn't pop up when I need to open a file in some program (it works in Office, for example), but not in anything else.
Here is the log from RSIT.
Thanks
2010-11-21 18:38:08 ----RSD---- C:\Windows\assembly
2010-11-21 18:28:59 ----D---- C:\Windows\system32\migration
2010-11-21 18:28:59 ----D---- C:\Windows\system32\cs-CZ
2010-11-21 18:28:59 ----D---- C:\Windows\ehome
2010-11-21 18:28:59 ----D---- C:\Program Files\Internet Explorer
2010-11-21 18:28:58 ----D---- C:\Windows\AppPatch
2010-11-21 18:28:58 ----D---- C:\Program Files\Windows Media Player
2010-11-21 18:13:08 ----D---- C:\Windows\system32\catroot2
2010-11-18 13:51:32 ----D---- C:\Series
2010-11-02 16:47:16 ----A---- C:\Windows\system32\MRT.exe
2010-11-01 20:36:16 ----D---- C:\Users\Lukas\AppData\Roaming\Miranda
2010-10-31 15:39:48 ----D---- C:\Program Files\abgx360
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-17 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-11-22 142592]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2009-05-13 6504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-06-02 1056256]
S2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys []
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 acxna6f7;acxna6f7; C:\Windows\system32\drivers\acxna6f7.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-11-22 496128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
Re: Log check
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer.
Want to support our forum? Information here

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: Log check
It still hasn't helped; on top of that, on the first attempt ComboFix caused a bluescreen, and while it was running it kept reporting that it could not open something (ADVAPI32.DLL). So I don't know what is going on. Here is the log, which was created successfully on the second attempt.
ComboFix 10-11-27.01 - Lukas 28.11.2010 14:48:38.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2047.1211 [GMT 1:00]
Spuštěný z: c:\users\Lukas\Downloads\ComboFix.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-28 do 2010-11-28 )))))))))))))))))))))))))))))))
.
2010-11-28 13:55 . 2010-11-28 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-11-28 02:18 . 2010-11-28 02:18 -------- d-----w- c:\users\Lukas\AppData\Roaming\Malwarebytes
2010-11-28 02:18 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-28 02:18 . 2010-11-28 02:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-28 02:18 . 2010-11-28 02:18 -------- d-----w- c:\programdata\Malwarebytes
2010-11-28 02:18 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-28 02:13 . 2010-11-28 02:13 -------- d-----w- C:\rsit
2010-11-28 02:13 . 2010-11-28 02:13 -------- d-----w- c:\program files\trend micro
2010-11-24 21:22 . 2010-11-24 21:25 -------- d-----w- c:\program files\Ultimate Process Manager
2010-11-24 21:06 . 2010-11-24 21:06 -------- d-----w- c:\users\Lukas\AppData\Roaming\ImgBurn
2010-11-24 21:04 . 2010-11-24 21:04 -------- d-----w- c:\program files\ImgBurn
2010-11-22 22:03 . 2010-11-24 18:21 -------- d-----w- c:\program files\Windows Live Safety Center
2010-11-22 21:42 . 2010-11-22 21:42 -------- d-----w- c:\program files\Recuva
2010-11-22 21:37 . 2010-11-22 21:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-11-22 20:44 . 2000-05-22 14:58 140488 ----a-w- C:\comdlg32.ocx
2010-11-22 20:41 . 2010-11-22 20:45 -------- d-----w- c:\users\Lukas\AppData\Roaming\Systweak
2010-11-22 20:41 . 2010-11-22 20:45 -------- d-----w- c:\program files\RegClean Pro
2010-11-22 17:59 . 2010-11-22 18:00 -------- d-----w- c:\users\Test
2010-11-21 17:15 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-11-21 17:11 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F0834A8-C4E5-492B-AD29-D895AD48A77A}\mpengine.dll
2010-11-21 17:10 . 2010-08-27 05:30 13312 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-19 00:58 . 2010-11-19 01:02 -------- d-----w- c:\programdata\PopCap Games
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2010-11-08 22:30 . 2010-11-08 22:30 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2010-11-08 22:30 . 2010-11-08 22:30 -------- d-----w- c:\program files\QuickTime
2010-11-08 22:30 . 2010-11-08 22:30 -------- d-----w- c:\programdata\Apple Computer
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\program files\Common Files\Apple
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\users\Lukas\AppData\Local\Apple
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\programdata\Apple
2010-11-08 22:29 . 2010-11-08 22:29 -------- d-----w- c:\program files\Apple Software Update
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2010-11-01 19:17 . 2010-11-01 19:17 -------- d-----w- c:\program files\QS
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2010-08-17 02:06 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-23 20:20 . 2010-09-23 20:20 191488 ----a-w- c:\windows\system32\hlvdd.dll
2010-09-08 10:17 . 2010-09-08 10:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 10:17 . 2010-09-08 10:17 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-07 15:12 . 2010-08-17 01:58 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-08-17 01:58 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-08-17 01:59 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-08-17 01:59 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-08-17 01:59 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-08-17 01:59 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-08-17 01:59 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-02 01:33 . 2010-09-02 01:33 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-09-02 01:33 . 2010-09-02 01:33 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"Google Update"="c:\users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-08-17 136176]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-06-05 1417216]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-09-02 30192]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe" [2004-06-22 729088]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 136176]
R2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-02 30192]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-16 691696]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-06-02 1056256]
.
Obsah adresáře 'Naplánované úlohy'
2010-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 20:46]
2010-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-22 20:46]
2010-11-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000Core.job
- c:\users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 01:55]
2010-11-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2283128623-4176583203-2776315920-1000UA.job
- c:\users\Lukas\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-17 01:55]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-11-28 14:57:03
ComboFix-quarantined-files.txt 2010-11-28 13:57
Před spuštěním: Volných bajtů: 265 435 803 648
Po spuštění: Volných bajtů: 265 221 464 064
- - End Of File - - E8485FB058EF2F7A0537DE10F458CE02
Re: Log check
The log is fine. Which browser do you use?
Re: Log check
I use Google Chrome, but it doesn't work in Explorer or in Mozilla either. And above all it won't be the browser, since it doesn't work in, for example, Adobe Reader, Corel, etc. either.
Re: Log check
Have you tried a system restore to a date when it was working?
Re: Log check
Unfortunately, by the time I found out, I no longer had a restore point that old. I only had about 4 days in System Restore. It first happened to me roughly 10 days ago and I didn't pay attention to it; I thought it was a bug in the program. Only later did I realize it was some other problem.
Re: Log check
I'll send a colleague over here.
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM occasionally produces false detections, so we will delete only after the log has been checked.
- Copy the log here.
