
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 94
- Registered: 09 Apr 2008 13:25
Please check my log
Logfile of random's system information tool 1.08 (written by random/random)
Run by OOO at 2010-12-07 12:02:47
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 66 GB (66%) free of 100 GB
Total RAM: 3583 MB (86% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-09-12 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-11-09 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-12 136600]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-11-01 81920]
"loomyd"=C:\WINDOWS\system32\doquequopoo.exe [2010-11-27 315392]
"myquessig"=C:\WINDOWS\system32\noupy.exe [2010-11-27 315392]
"Windows Firewall"=C:\DOCUME~1\OOO\LOCALS~1\Temp\lsass.exe [2010-11-12 57344]
"wuaucldt"=c:\windows\system32\wuaucldt.exe [2010-11-23 33280]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-11-01 81920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-09 39408]
"Windows Firewall"=C:\DOCUME~1\OOO\LOCALS~1\Temp\lsass.exe [2010-11-12 57344]
"wuaucldt"=c:\documents and settings\ooo\wuaucldt.exe [2010-11-23 33280]
C:\Documents and Settings\OOO\Start Menu\Programs\Startup
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26 159744]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Gxs16.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\gxscwecu]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hrjechtg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nagpmnsb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\neteeqfd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\riumscbg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rnnagslj]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rtnrouhc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tupdwjiz.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Gxs16.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gxscwecu]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hrjechtg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nagpmnsb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\neteeqfd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\riumscbg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rnnagslj]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rtnrouhc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tupdwjiz.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe"="C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\OOO\Local Settings\Temporary Internet Files\Content.IE5\FJ2LMJ6L\P17535732.JPG-www.facebook[1].exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\spool\drivers\Distributed.exe"="C:\WINDOWS\system32\spool\drivers\Distributed.exe:*:Enabled:BWProxyClient"
"C:\Documents and Settings\OOO\init.exe"="C:\Documents and Settings\OOO\init.exe:*:Enabled:ENABLE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 3 months======
2010-12-07 12:01:14 ----ASH---- C:\pagefile.sys
2010-12-07 10:51:47 ----D---- C:\rsit
2010-12-07 10:51:47 ----D---- C:\Program Files\trend micro
2010-12-07 10:49:08 ----D---- C:\WINDOWS\Prefetch
2010-12-07 10:43:46 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-12-07 10:41:55 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\irclass.dll
2010-12-07 10:31:19 ----RA---- C:\WINDOWS\SET5C.tmp
2010-12-07 10:31:17 ----RA---- C:\WINDOWS\SET50.tmp
2010-12-07 10:31:16 ----RA---- C:\WINDOWS\SET4F.tmp
2010-12-07 10:16:45 ----D---- C:\Program Files\CCleaner
2010-12-06 12:30:55 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-06 10:33:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-06 10:33:24 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-11-27 22:02:11 ----A---- C:\WINDOWS\system32\drivers\gxscwecu.sys
2010-11-27 14:44:11 ----A---- C:\WINDOWS\system32\drivers\ndisvvan.sys
2010-11-26 22:07:37 ----A---- C:\WINDOWS\system32\drivers\aouviwqn.sys
2010-11-26 21:03:53 ----A---- C:\WINDOWS\system32\drivers\sbruxjer.sys
2010-11-26 20:01:23 ----A---- C:\WINDOWS\system32\drivers\wcscd.sys
2010-11-26 17:54:29 ----RA---- C:\Documents and Settings\OOO\Application Data\nK6Nk.txt
2010-11-26 08:05:49 ----A---- C:\WINDOWS\system32\drivers\udtofnxc.sys
2010-11-24 23:34:55 ----A---- C:\WebHD.exe
2010-11-23 06:06:42 ----A---- C:\WINDOWS\system32\wuaucldt.exe
2010-11-22 18:42:50 ----RA---- C:\Documents and Settings\OOO\Application Data\BG0Ai.txt
2010-11-21 22:33:38 ----A---- C:\HDTV.exe
2010-11-20 15:33:30 ----A---- C:\wifi32.exe
2010-11-19 13:05:45 ----A---- C:\win22.exe
2010-11-18 20:19:38 ----A---- C:\nlw.exe
2010-11-14 00:49:54 ----A---- C:\t6.exe
2010-11-12 20:46:47 ----A---- C:\min32.exe
2010-11-11 04:40:53 ----A---- C:\wscnnt.exe
2010-11-11 04:36:05 ----A---- C:\21.exe
2010-11-10 22:16:59 ----A---- C:\WINDOWS\system32\noupy.exe
2010-11-10 22:16:19 ----A---- C:\WINDOWS\system32\rivoo.exe
2010-11-10 22:15:36 ----A---- C:\WINDOWS\system32\pisi.exe
2010-11-10 16:35:44 ----A---- C:\27.exe
2010-11-10 15:51:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-11-10 06:20:19 ----A---- C:\jshd.exe
2010-11-10 05:39:47 ----A---- C:\WINDOWS\system32\quouwyjegu.exe
2010-11-10 05:39:05 ----A---- C:\WINDOWS\system32\doquequopoo.exe
2010-11-10 05:38:04 ----RSH---- C:\Documents and Settings\OOO\Application Data\juzjf.exe
2010-11-10 05:38:00 ----A---- C:\f32.exe
2010-11-09 06:07:07 ----A---- C:\sx.exe
2010-11-01 18:58:17 ----RSH---- C:\WINDOWS\nvsvc32.exe
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\OOO\Application Data\ATI
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2010-10-25 15:42:49 ----RSD---- C:\WINDOWS\assembly
2010-10-25 15:42:32 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-25 15:37:58 ----A---- C:\WINDOWS\system32\ati2sgag.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-10-25 15:18:36 ----D---- C:\Program Files\ATI
2010-10-25 15:18:18 ----D---- C:\Program Files\ATI Technologies
2010-10-25 15:17:56 ----D---- C:\ATI
2010-10-10 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2010-10-10 15:24:14 ----D---- C:\Program Files\Playrix Entertainment
2010-10-02 06:38:58 ----D---- C:\WINDOWS\Minidump
2010-09-26 14:28:40 ----D---- C:\WINDOWS\WBEM
2010-09-26 14:28:32 ----A---- C:\WINDOWS\system32\spmsg.dll
2010-09-26 14:28:23 ----HDC---- C:\WINDOWS\ie8
2010-09-26 14:28:23 ----D---- C:\WINDOWS\system32\sk-SK
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\normaliz.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\nlsdl.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msrating.dll.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\mshta.exe.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\idndl.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieui.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\icardie.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\advpack.dll.mui
======List of files/folders modified in the last 3 months======
2010-12-07 12:02:39 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 12:02:37 ----AD---- C:\WINDOWS\Temp
2010-12-07 12:02:19 ----D---- C:\WINDOWS
2010-12-07 11:52:37 ----D---- C:\WINDOWS\security
2010-12-07 11:52:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-07 11:28:38 ----D---- C:\WINDOWS\system32\Setup
2010-12-07 11:28:37 ----D---- C:\WINDOWS\Help
2010-12-07 11:28:30 ----D---- C:\WINDOWS\system32\usmt
2010-12-07 11:28:22 ----D---- C:\WINDOWS\AppPatch
2010-12-07 11:28:16 ----D---- C:\WINDOWS\mui
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ime
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ehome
2010-12-07 11:28:14 ----RSD---- C:\WINDOWS\Fonts
2010-12-07 11:28:13 ----D---- C:\WINDOWS\Media
2010-12-07 11:28:05 ----D---- C:\WINDOWS\PeerNet
2010-12-07 11:27:55 ----D---- C:\WINDOWS\system32\npp
2010-12-07 11:27:50 ----D---- C:\WINDOWS\msagent
2010-12-07 11:26:10 ----D---- C:\WINDOWS\twain_32
2010-12-07 11:26:01 ----D---- C:\WINDOWS\system32\icsxml
2010-12-07 11:25:42 ----D---- C:\WINDOWS\system32\ias
2010-12-07 11:25:38 ----D---- C:\WINDOWS\system32\1033
2010-12-07 11:24:39 ----D---- C:\WINDOWS\Driver Cache
2010-12-07 10:51:47 ----RD---- C:\Program Files
2010-12-07 10:50:45 ----D---- C:\WINDOWS\system32
2010-12-07 10:50:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-07 10:50:35 ----D---- C:\WINDOWS\Registration
2010-12-07 10:50:07 ----HD---- C:\WINDOWS\inf
2010-12-07 10:49:55 ----A---- C:\WINDOWS\setuplog.txt
2010-12-07 10:49:21 ----SHD---- C:\System Volume Information
2010-12-07 10:49:21 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 10:48:39 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 10:48:39 ----D---- C:\WINDOWS\system32\config
2010-12-07 10:46:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 10:44:35 ----A---- C:\WINDOWS\OEWABLog.txt
2010-12-07 10:44:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-12-07 10:44:14 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-12-07 10:43:49 ----RD---- C:\WINDOWS\Web
2010-12-07 10:43:42 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-12-07 10:43:33 ----A---- C:\WINDOWS\win.ini
2010-12-07 10:43:29 ----D---- C:\WINDOWS\system32\oobe
2010-12-07 10:43:28 ----D---- C:\WINDOWS\srchasst
2010-12-07 10:43:26 ----D---- C:\Program Files\Windows Media Player
2010-12-07 10:43:20 ----D---- C:\Program Files\Movie Maker
2010-12-07 10:43:08 ----D---- C:\Program Files\NetMeeting
2010-12-07 10:43:04 ----D---- C:\Program Files\Outlook Express
2010-12-07 10:43:04 ----D---- C:\Program Files\Common Files\System
2010-12-07 10:42:51 ----D---- C:\Program Files\Internet Explorer
2010-12-07 10:42:23 ----D---- C:\WINDOWS\system32\Com
2010-12-07 10:42:00 ----D---- C:\WINDOWS\system32\wbem
2010-12-07 10:41:57 ----D---- C:\Program Files\Windows NT
2010-12-07 10:40:55 ----SH---- C:\boot.ini
2010-12-07 10:31:46 ----A---- C:\WINDOWS\system.ini
2010-12-07 10:31:42 ----D---- C:\WINDOWS\system
2010-12-07 10:31:33 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-12-07 10:31:20 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-07 10:30:56 ----D---- C:\WINDOWS\WinSxS
2010-12-06 14:27:43 ----A---- C:\WINDOWS\ntbtlog.txt
2010-12-06 14:26:32 ----D---- C:\Documents and Settings
2010-12-06 14:24:10 ----SHD---- C:\WINDOWS\Installer
2010-12-06 14:24:10 ----D---- C:\Config.Msi
2010-12-06 13:50:56 ----SHD---- C:\RECYCLER
2010-12-06 10:33:24 ----D---- C:\Program Files\Alwil Software
2010-12-01 20:18:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-24 23:18:09 ----D---- C:\Documents and Settings\OOO\Application Data\BSplayer
2010-11-24 14:23:34 ----D---- C:\Documents and Settings\OOO\Application Data\Skype
2010-11-20 05:25:10 ----D---- C:\Documents and Settings\OOO\Application Data\skypePM
2010-11-14 09:38:42 ----D---- C:\Program Files\Common Files\Nokia
2010-11-10 22:15:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-10 05:50:34 ----D---- C:\Program Files\Ask.com
2010-11-09 06:37:29 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-11-09 06:37:28 ----D---- C:\Program Files\Google
2010-10-31 08:37:22 ----D---- C:\Documents and Settings\OOO\Application Data\Image Zone Express
2010-10-26 16:08:39 ----D---- C:\Program Files\Polda
2010-10-25 15:42:33 ----D---- C:\WINDOWS\system32\mui
2010-10-25 15:38:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-25 15:29:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files
2010-10-25 15:11:01 ----D---- C:\WINDOWS\SoftwareDistribution
2010-09-26 14:28:48 ----A---- C:\WINDOWS\imsins.BAK
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 Passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisvvan.sys [2010-11-27 57856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S2 aouviwqn;aouviwqn; \??\C:\WINDOWS\system32\Drivers\aouviwqn.sys []
S2 gxscwecu;gxscwecu; C:\WINDOWS\system32\drivers\gxscwecu.sys [2010-11-27 82944]
S2 sbruxjer;sbruxjer; \??\C:\WINDOWS\system32\Drivers\sbruxjer.sys []
S2 udtofnxc;udtofnxc; \??\C:\WINDOWS\system32\Drivers\udtofnxc.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-23 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-12 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R2 rpaayyooe1qeud;BCL easyPDF SDK Loader; C:\WINDOWS\system32\noupy.exe [2010-11-27 315392]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
S2 NVSvc;NVIDIA-OMEGA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-09 182768]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
-----------------EOF-----------------
Re: please check the log
Well, I have to congratulate you:
with what you've shown here, you will definitely make it into the TOP 10 in the history of infected PCs
1. Delete all files in the folder C:\Documents and Settings\OOO\Start Menu\Programs\Startup
2. Restart the PC in safe mode, disconnect it from the network, and clean it with CureIT
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
-
- Visitor
- Posts: 94
- Registered: 09 Apr 2008 13:25
Re: please check the log
JaRon wrote:
Well, I have to congratulate you: with what you've shown here, you will definitely make it into the TOP 10 in the history of infected PCs
1. Delete all files in the folder C:\Documents and Settings\OOO\Start Menu\Programs\Startup
2. Restart the PC in safe mode, disconnect it from the network, and clean it with CureIT

The PC had no antivirus program for a year, and yesterday an acquaintance brought it to me saying it doesn't work. If I can't manage to clean it, probably only reinstalling the OS will help. I've backed up the data; the applications and their settings are the harder part.
Re: please check my log
After cleaning with CureIT, restart and post another RSIT log.
Re: please check my log
Does CureIT need a complete scan, or is the express one enough?
JaRon wrote: After cleaning with CureIT, restart and post another RSIT log.
Re: please check my log
The express one for now.
Re: please check my log
I thought it would be the express one.
Here is the new log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by OOO at 2010-12-07 14:05:32
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 68 GB (68%) free of 100 GB
Total RAM: 3583 MB (87% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-09-12 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-11-09 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-12 136600]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-11-01 81920]
"Regedit32"=C:\WINDOWS\system32\regedit.exe []
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"NVIDIA driver monitor"=C:\WINDOWS\nvsvc32.exe [2010-11-01 81920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-09 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26 159744]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Gxs16.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\gxscwecu]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hrjechtg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nagpmnsb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\neteeqfd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\riumscbg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rnnagslj]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rtnrouhc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tupdwjiz.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Gxs16.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gxscwecu]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hrjechtg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nagpmnsb]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\neteeqfd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\riumscbg]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rnnagslj]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rtnrouhc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tupdwjiz.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe"="C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\OOO\Local Settings\Temporary Internet Files\Content.IE5\FJ2LMJ6L\P17535732.JPG-www.facebook[1].exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\spool\drivers\Distributed.exe"="C:\WINDOWS\system32\spool\drivers\Distributed.exe:*:Enabled:BWProxyClient"
"C:\Documents and Settings\OOO\init.exe"="C:\Documents and Settings\OOO\init.exe:*:Enabled:ENABLE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 3 months======
2010-12-07 12:42:55 ----ASH---- C:\pagefile.sys
2010-12-07 12:22:15 ----A---- C:\WINDOWS\zip.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWSC.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWREG.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\sed.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\PEV.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\MBR.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\grep.exe
2010-12-07 12:22:11 ----SD---- C:\ComboFix
2010-12-07 12:22:11 ----D---- C:\WINDOWS\ERDNT
2010-12-07 12:06:34 ----D---- C:\Qoobox
2010-12-07 10:51:47 ----D---- C:\rsit
2010-12-07 10:51:47 ----D---- C:\Program Files\trend micro
2010-12-07 10:49:08 ----D---- C:\WINDOWS\Prefetch
2010-12-07 10:43:46 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-12-07 10:41:55 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\irclass.dll
2010-12-07 10:31:19 ----RA---- C:\WINDOWS\SET5C.tmp
2010-12-07 10:31:17 ----RA---- C:\WINDOWS\SET50.tmp
2010-12-07 10:31:16 ----RA---- C:\WINDOWS\SET4F.tmp
2010-12-07 10:16:45 ----D---- C:\Program Files\CCleaner
2010-12-06 12:30:55 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-06 10:33:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-06 10:33:24 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-11-27 14:44:11 ----A---- C:\WINDOWS\system32\drivers\ndisvvan.sys
2010-11-26 22:07:37 ----A---- C:\WINDOWS\system32\drivers\aouviwqn.sys
2010-11-26 21:03:53 ----A---- C:\WINDOWS\system32\drivers\sbruxjer.sys
2010-11-26 17:54:29 ----RA---- C:\Documents and Settings\OOO\Application Data\nK6Nk.txt
2010-11-26 08:05:49 ----A---- C:\WINDOWS\system32\drivers\udtofnxc.sys
2010-11-24 23:34:55 ----A---- C:\WebHD.exe
2010-11-22 18:42:50 ----RA---- C:\Documents and Settings\OOO\Application Data\BG0Ai.txt
2010-11-21 22:33:38 ----A---- C:\HDTV.exe
2010-11-19 13:05:45 ----A---- C:\win22.exe
2010-11-14 00:49:54 ----A---- C:\t6.exe
2010-11-11 04:40:53 ----A---- C:\wscnnt.exe
2010-11-11 04:36:05 ----A---- C:\21.exe
2010-11-10 16:35:44 ----A---- C:\27.exe
2010-11-10 15:51:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-11-09 06:07:07 ----A---- C:\sx.exe
2010-11-01 18:58:17 ----RSH---- C:\WINDOWS\nvsvc32.exe
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\OOO\Application Data\ATI
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2010-10-25 15:42:49 ----RSD---- C:\WINDOWS\assembly
2010-10-25 15:42:32 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-25 15:37:58 ----A---- C:\WINDOWS\system32\ati2sgag.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-10-25 15:18:36 ----D---- C:\Program Files\ATI
2010-10-25 15:18:18 ----D---- C:\Program Files\ATI Technologies
2010-10-25 15:17:56 ----D---- C:\ATI
2010-10-10 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2010-10-10 15:24:14 ----D---- C:\Program Files\Playrix Entertainment
2010-10-02 06:38:58 ----D---- C:\WINDOWS\Minidump
2010-09-26 14:28:40 ----D---- C:\WINDOWS\WBEM
2010-09-26 14:28:32 ----A---- C:\WINDOWS\system32\spmsg.dll
2010-09-26 14:28:23 ----HDC---- C:\WINDOWS\ie8
2010-09-26 14:28:23 ----D---- C:\WINDOWS\system32\sk-SK
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\normaliz.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\nlsdl.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msrating.dll.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\mshta.exe.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\idndl.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieui.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\icardie.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\advpack.dll.mui
======List of files/folders modified in the last 3 months======
2010-12-07 14:04:59 ----AD---- C:\WINDOWS\Temp
2010-12-07 13:51:14 ----D---- C:\WINDOWS\system32
2010-12-07 13:50:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-12-07 13:50:45 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 13:45:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-07 12:51:54 ----D---- C:\Documents and Settings
2010-12-07 12:27:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 12:24:40 ----D---- C:\WINDOWS
2010-12-07 11:52:37 ----D---- C:\WINDOWS\security
2010-12-07 11:28:38 ----D---- C:\WINDOWS\system32\Setup
2010-12-07 11:28:37 ----D---- C:\WINDOWS\Help
2010-12-07 11:28:30 ----D---- C:\WINDOWS\system32\usmt
2010-12-07 11:28:22 ----D---- C:\WINDOWS\AppPatch
2010-12-07 11:28:16 ----D---- C:\WINDOWS\mui
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ime
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ehome
2010-12-07 11:28:14 ----RSD---- C:\WINDOWS\Fonts
2010-12-07 11:28:13 ----D---- C:\WINDOWS\Media
2010-12-07 11:28:05 ----D---- C:\WINDOWS\PeerNet
2010-12-07 11:27:55 ----D---- C:\WINDOWS\system32\npp
2010-12-07 11:27:50 ----D---- C:\WINDOWS\msagent
2010-12-07 11:26:10 ----D---- C:\WINDOWS\twain_32
2010-12-07 11:26:01 ----D---- C:\WINDOWS\system32\icsxml
2010-12-07 11:25:42 ----D---- C:\WINDOWS\system32\ias
2010-12-07 11:25:38 ----D---- C:\WINDOWS\system32\1033
2010-12-07 11:24:39 ----D---- C:\WINDOWS\Driver Cache
2010-12-07 10:51:47 ----RD---- C:\Program Files
2010-12-07 10:50:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-07 10:50:35 ----D---- C:\WINDOWS\Registration
2010-12-07 10:50:07 ----HD---- C:\WINDOWS\inf
2010-12-07 10:49:55 ----A---- C:\WINDOWS\setuplog.txt
2010-12-07 10:49:21 ----SHD---- C:\System Volume Information
2010-12-07 10:49:21 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 10:48:39 ----D---- C:\WINDOWS\system32\config
2010-12-07 10:46:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 10:44:35 ----A---- C:\WINDOWS\OEWABLog.txt
2010-12-07 10:44:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-12-07 10:44:14 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-12-07 10:43:49 ----RD---- C:\WINDOWS\Web
2010-12-07 10:43:42 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-12-07 10:43:33 ----A---- C:\WINDOWS\win.ini
2010-12-07 10:43:29 ----D---- C:\WINDOWS\system32\oobe
2010-12-07 10:43:28 ----D---- C:\WINDOWS\srchasst
2010-12-07 10:43:26 ----D---- C:\Program Files\Windows Media Player
2010-12-07 10:43:20 ----D---- C:\Program Files\Movie Maker
2010-12-07 10:43:08 ----D---- C:\Program Files\NetMeeting
2010-12-07 10:43:04 ----D---- C:\Program Files\Outlook Express
2010-12-07 10:43:04 ----D---- C:\Program Files\Common Files\System
2010-12-07 10:42:51 ----D---- C:\Program Files\Internet Explorer
2010-12-07 10:42:23 ----D---- C:\WINDOWS\system32\Com
2010-12-07 10:42:00 ----D---- C:\WINDOWS\system32\wbem
2010-12-07 10:41:57 ----D---- C:\Program Files\Windows NT
2010-12-07 10:40:55 ----SH---- C:\boot.ini
2010-12-07 10:31:46 ----A---- C:\WINDOWS\system.ini
2010-12-07 10:31:42 ----D---- C:\WINDOWS\system
2010-12-07 10:31:33 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-12-07 10:31:20 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-07 10:30:56 ----D---- C:\WINDOWS\WinSxS
2010-12-06 14:24:10 ----SHD---- C:\WINDOWS\Installer
2010-12-06 14:24:10 ----D---- C:\Config.Msi
2010-12-06 13:50:56 ----SHD---- C:\RECYCLER
2010-12-06 10:33:24 ----D---- C:\Program Files\Alwil Software
2010-12-01 20:18:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-24 23:18:09 ----D---- C:\Documents and Settings\OOO\Application Data\BSplayer
2010-11-24 14:23:34 ----D---- C:\Documents and Settings\OOO\Application Data\Skype
2010-11-20 05:25:10 ----D---- C:\Documents and Settings\OOO\Application Data\skypePM
2010-11-14 09:38:42 ----D---- C:\Program Files\Common Files\Nokia
2010-11-10 22:15:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-10 05:50:34 ----D---- C:\Program Files\Ask.com
2010-11-09 06:37:29 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-11-09 06:37:28 ----D---- C:\Program Files\Google
2010-10-31 08:37:22 ----D---- C:\Documents and Settings\OOO\Application Data\Image Zone Express
2010-10-26 16:08:39 ----D---- C:\Program Files\Polda
2010-10-25 15:42:33 ----D---- C:\WINDOWS\system32\mui
2010-10-25 15:38:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-25 15:29:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files
2010-10-25 15:11:01 ----D---- C:\WINDOWS\SoftwareDistribution
2010-09-26 14:28:48 ----A---- C:\WINDOWS\imsins.BAK
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 Passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisvvan.sys [2010-11-27 57856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S2 aouviwqn;aouviwqn; \??\C:\WINDOWS\system32\Drivers\aouviwqn.sys []
S2 gxscwecu;gxscwecu; C:\WINDOWS\system32\drivers\gxscwecu.sys []
S2 sbruxjer;sbruxjer; \??\C:\WINDOWS\system32\Drivers\sbruxjer.sys []
S2 udtofnxc;udtofnxc; \??\C:\WINDOWS\system32\Drivers\udtofnxc.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\OOO\LOCALS~1\Temp\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-23 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-12 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
S2 NVSvc;NVIDIA-OMEGA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-09 182768]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
-----------------EOF-----------------

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rtnrouhc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tupdwjiz.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe"="C:\Program Files\Electronic Arts\Need For Speed III\nfs3.exe:*:Enabled:Need For Speed III for Win32"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Disabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Disabled:Nokia Software Updater"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Documents and Settings\OOO\Local Settings\Temporary Internet Files\Content.IE5\FJ2LMJ6L\P17535732.JPG-www.facebook[1].exe"="C:\WINDOWS\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\spool\drivers\Distributed.exe"="C:\WINDOWS\system32\spool\drivers\Distributed.exe:*:Enabled:BWProxyClient"
"C:\Documents and Settings\OOO\init.exe"="C:\Documents and Settings\OOO\init.exe:*:Enabled:ENABLE"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 3 months======
2010-12-07 12:42:55 ----ASH---- C:\pagefile.sys
2010-12-07 12:22:15 ----A---- C:\WINDOWS\zip.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWSC.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWREG.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\sed.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\PEV.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\MBR.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\grep.exe
2010-12-07 12:22:11 ----SD---- C:\ComboFix
2010-12-07 12:22:11 ----D---- C:\WINDOWS\ERDNT
2010-12-07 12:06:34 ----D---- C:\Qoobox
2010-12-07 10:51:47 ----D---- C:\rsit
2010-12-07 10:51:47 ----D---- C:\Program Files\trend micro
2010-12-07 10:49:08 ----D---- C:\WINDOWS\Prefetch
2010-12-07 10:43:46 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-12-07 10:41:55 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\irclass.dll
2010-12-07 10:31:19 ----RA---- C:\WINDOWS\SET5C.tmp
2010-12-07 10:31:17 ----RA---- C:\WINDOWS\SET50.tmp
2010-12-07 10:31:16 ----RA---- C:\WINDOWS\SET4F.tmp
2010-12-07 10:16:45 ----D---- C:\Program Files\CCleaner
2010-12-06 12:30:55 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-06 10:33:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-06 10:33:24 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-11-27 14:44:11 ----A---- C:\WINDOWS\system32\drivers\ndisvvan.sys
2010-11-26 22:07:37 ----A---- C:\WINDOWS\system32\drivers\aouviwqn.sys
2010-11-26 21:03:53 ----A---- C:\WINDOWS\system32\drivers\sbruxjer.sys
2010-11-26 17:54:29 ----RA---- C:\Documents and Settings\OOO\Application Data\nK6Nk.txt
2010-11-26 08:05:49 ----A---- C:\WINDOWS\system32\drivers\udtofnxc.sys
2010-11-24 23:34:55 ----A---- C:\WebHD.exe
2010-11-22 18:42:50 ----RA---- C:\Documents and Settings\OOO\Application Data\BG0Ai.txt
2010-11-21 22:33:38 ----A---- C:\HDTV.exe
2010-11-19 13:05:45 ----A---- C:\win22.exe
2010-11-14 00:49:54 ----A---- C:\t6.exe
2010-11-11 04:40:53 ----A---- C:\wscnnt.exe
2010-11-11 04:36:05 ----A---- C:\21.exe
2010-11-10 16:35:44 ----A---- C:\27.exe
2010-11-10 15:51:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-11-09 06:07:07 ----A---- C:\sx.exe
2010-11-01 18:58:17 ----RSH---- C:\WINDOWS\nvsvc32.exe
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\OOO\Application Data\ATI
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2010-10-25 15:42:49 ----RSD---- C:\WINDOWS\assembly
2010-10-25 15:42:32 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-25 15:37:58 ----A---- C:\WINDOWS\system32\ati2sgag.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-10-25 15:18:36 ----D---- C:\Program Files\ATI
2010-10-25 15:18:18 ----D---- C:\Program Files\ATI Technologies
2010-10-25 15:17:56 ----D---- C:\ATI
2010-10-10 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2010-10-10 15:24:14 ----D---- C:\Program Files\Playrix Entertainment
2010-10-02 06:38:58 ----D---- C:\WINDOWS\Minidump
2010-09-26 14:28:40 ----D---- C:\WINDOWS\WBEM
2010-09-26 14:28:32 ----A---- C:\WINDOWS\system32\spmsg.dll
2010-09-26 14:28:23 ----HDC---- C:\WINDOWS\ie8
2010-09-26 14:28:23 ----D---- C:\WINDOWS\system32\sk-SK
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\normaliz.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\nlsdl.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msrating.dll.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\mshta.exe.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\idndl.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieui.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\icardie.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\advpack.dll.mui
======List of files/folders modified in the last 3 months======
2010-12-07 14:04:59 ----AD---- C:\WINDOWS\Temp
2010-12-07 13:51:14 ----D---- C:\WINDOWS\system32
2010-12-07 13:50:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-12-07 13:50:45 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 13:45:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-07 12:51:54 ----D---- C:\Documents and Settings
2010-12-07 12:27:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 12:24:40 ----D---- C:\WINDOWS
2010-12-07 11:52:37 ----D---- C:\WINDOWS\security
2010-12-07 11:28:38 ----D---- C:\WINDOWS\system32\Setup
2010-12-07 11:28:37 ----D---- C:\WINDOWS\Help
2010-12-07 11:28:30 ----D---- C:\WINDOWS\system32\usmt
2010-12-07 11:28:22 ----D---- C:\WINDOWS\AppPatch
2010-12-07 11:28:16 ----D---- C:\WINDOWS\mui
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ime
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ehome
2010-12-07 11:28:14 ----RSD---- C:\WINDOWS\Fonts
2010-12-07 11:28:13 ----D---- C:\WINDOWS\Media
2010-12-07 11:28:05 ----D---- C:\WINDOWS\PeerNet
2010-12-07 11:27:55 ----D---- C:\WINDOWS\system32\npp
2010-12-07 11:27:50 ----D---- C:\WINDOWS\msagent
2010-12-07 11:26:10 ----D---- C:\WINDOWS\twain_32
2010-12-07 11:26:01 ----D---- C:\WINDOWS\system32\icsxml
2010-12-07 11:25:42 ----D---- C:\WINDOWS\system32\ias
2010-12-07 11:25:38 ----D---- C:\WINDOWS\system32\1033
2010-12-07 11:24:39 ----D---- C:\WINDOWS\Driver Cache
2010-12-07 10:51:47 ----RD---- C:\Program Files
2010-12-07 10:50:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-07 10:50:35 ----D---- C:\WINDOWS\Registration
2010-12-07 10:50:07 ----HD---- C:\WINDOWS\inf
2010-12-07 10:49:55 ----A---- C:\WINDOWS\setuplog.txt
2010-12-07 10:49:21 ----SHD---- C:\System Volume Information
2010-12-07 10:49:21 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 10:48:39 ----D---- C:\WINDOWS\system32\config
2010-12-07 10:46:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 10:44:35 ----A---- C:\WINDOWS\OEWABLog.txt
2010-12-07 10:44:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-12-07 10:44:14 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-12-07 10:43:49 ----RD---- C:\WINDOWS\Web
2010-12-07 10:43:42 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-12-07 10:43:33 ----A---- C:\WINDOWS\win.ini
2010-12-07 10:43:29 ----D---- C:\WINDOWS\system32\oobe
2010-12-07 10:43:28 ----D---- C:\WINDOWS\srchasst
2010-12-07 10:43:26 ----D---- C:\Program Files\Windows Media Player
2010-12-07 10:43:20 ----D---- C:\Program Files\Movie Maker
2010-12-07 10:43:08 ----D---- C:\Program Files\NetMeeting
2010-12-07 10:43:04 ----D---- C:\Program Files\Outlook Express
2010-12-07 10:43:04 ----D---- C:\Program Files\Common Files\System
2010-12-07 10:42:51 ----D---- C:\Program Files\Internet Explorer
2010-12-07 10:42:23 ----D---- C:\WINDOWS\system32\Com
2010-12-07 10:42:00 ----D---- C:\WINDOWS\system32\wbem
2010-12-07 10:41:57 ----D---- C:\Program Files\Windows NT
2010-12-07 10:40:55 ----SH---- C:\boot.ini
2010-12-07 10:31:46 ----A---- C:\WINDOWS\system.ini
2010-12-07 10:31:42 ----D---- C:\WINDOWS\system
2010-12-07 10:31:33 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-12-07 10:31:20 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-07 10:30:56 ----D---- C:\WINDOWS\WinSxS
2010-12-06 14:24:10 ----SHD---- C:\WINDOWS\Installer
2010-12-06 14:24:10 ----D---- C:\Config.Msi
2010-12-06 13:50:56 ----SHD---- C:\RECYCLER
2010-12-06 10:33:24 ----D---- C:\Program Files\Alwil Software
2010-12-01 20:18:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-24 23:18:09 ----D---- C:\Documents and Settings\OOO\Application Data\BSplayer
2010-11-24 14:23:34 ----D---- C:\Documents and Settings\OOO\Application Data\Skype
2010-11-20 05:25:10 ----D---- C:\Documents and Settings\OOO\Application Data\skypePM
2010-11-14 09:38:42 ----D---- C:\Program Files\Common Files\Nokia
2010-11-10 22:15:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-10 05:50:34 ----D---- C:\Program Files\Ask.com
2010-11-09 06:37:29 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-11-09 06:37:28 ----D---- C:\Program Files\Google
2010-10-31 08:37:22 ----D---- C:\Documents and Settings\OOO\Application Data\Image Zone Express
2010-10-26 16:08:39 ----D---- C:\Program Files\Polda
2010-10-25 15:42:33 ----D---- C:\WINDOWS\system32\mui
2010-10-25 15:38:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-25 15:29:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files
2010-10-25 15:11:01 ----D---- C:\WINDOWS\SoftwareDistribution
2010-09-26 14:28:48 ----A---- C:\WINDOWS\imsins.BAK
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 Passthru;Service; C:\WINDOWS\system32\DRIVERS\ndisvvan.sys [2010-11-27 57856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S2 aouviwqn;aouviwqn; \??\C:\WINDOWS\system32\Drivers\aouviwqn.sys []
S2 gxscwecu;gxscwecu; C:\WINDOWS\system32\drivers\gxscwecu.sys []
S2 sbruxjer;sbruxjer; \??\C:\WINDOWS\system32\Drivers\sbruxjer.sys []
S2 udtofnxc;udtofnxc; \??\C:\WINDOWS\system32\Drivers\udtofnxc.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\OOO\LOCALS~1\Temp\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-23 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-12 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
S2 NVSvc;NVIDIA-OMEGA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-09 182768]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
-----------------EOF-----------------
Re: please check my log
so let's begin:
Move ComboFix to the desktop (if it is not there already)
open Notepad
copy the script from the following box into it and save the created text file as CFScript.txt on the desktop:
Code:
Driver::
aouviwqn
gxscwecu
sbruxjer
udtofnxc
File::
C:\win22.exe
C:\t6.exe
C:\wscnnt.exe
C:\21.exe
C:\27.exe
C:\sx.exe
Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Gxs16.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\gxscwecu]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hrjechtg]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nagpmnsb]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\neteeqfd]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\riumscbg]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rnnagslj]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rtnrouhc]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tupdwjiz.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Gxs16.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\gxscwecu]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hrjechtg]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nagpmnsb]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\neteeqfd]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\riumscbg]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rnnagslj]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rtnrouhc]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tupdwjiz.sys]
after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, then drop the script on it.

after it is applied, another log should be created; post it here

-
- Visitor
- Posts: 94
- Registered: 09 Apr 2008 13:25
Re: please check my log
Here is the log from ComboFix; at the end it wanted to connect to the Internet and download or send something, but I have no way to connect that PC to the network right now.
ComboFix 10-12-06.03 - OOO 07.12.2010 14:22:14.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3583.3132 [GMT 1:00]
Running from: c:\documents and settings\OOO\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\OOO\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE ::
"C:\21.exe"
"C:\27.exe"
"C:\sx.exe"
"C:\t6.exe"
"C:\win22.exe"
"C:\wscnnt.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\21.exe
C:\27.exe
c:\documents and settings\All Users\Application Data\common.data
c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\OOO\Application Data\BG0Ai.txt
c:\documents and settings\OOO\Application Data\nK6Nk.txt
c:\documents and settings\OOO\gfvib.exe
c:\documents and settings\OOO\My Documents\cc_20101207_140840.reg
c:\documents and settings\OOO\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\OOO\rkibuh.exe
c:\documents and settings\OOO\secupdat.dat
C:\sx.exe
C:\t6.exe
C:\win22.exe
c:\windows\nvsvc32.exe
c:\windows\system32\drivers\ndisvvan.sys
C:\wscnnt.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AOUVIWQN
-------\Legacy_GXSCWECU
-------\Legacy_SBRUXJER
-------\Legacy_UDTOFNXC
-------\Service_aouviwqn
-------\Service_gxscwecu
-------\Service_sbruxjer
-------\Service_udtofnxc
-------\Service_Passthru
((((((((((((((((((((((((( Files Created from 2010-11-07 to 2010-12-07 )))))))))))))))))))))))))))))))
.
2010-12-07 09:51 . 2010-12-07 09:51 -------- d-----w- C:\rsit
2010-12-07 09:51 . 2010-12-07 09:51 -------- d-----w- c:\program files\trend micro
2010-12-07 09:49 . 2010-12-07 09:49 -------- d-----w- c:\windows\system32\config\systemprofile\Pracovná plocha
2010-12-07 09:45 . 2001-08-23 12:00 6144 -c--a-w- c:\windows\system32\dllcache\kbdax2.dll
2010-12-07 09:43 . 2001-08-23 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2010-12-07 09:43 . 2001-08-23 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2010-12-07 09:41 . 2004-08-03 20:59 44544 -c--a-w- c:\windows\system32\dllcache\tscupgrd.exe
2010-12-07 09:41 . 2004-08-03 20:59 44544 ----a-w- c:\windows\system32\tscupgrd.exe
2010-12-07 09:16 . 2010-12-07 13:04 -------- d-----w- c:\program files\CCleaner
2010-12-06 13:26 . 2010-12-07 11:53 -------- d-----w- c:\documents and settings\Administrator.OOO-F7C5BA042DC.004
2010-12-06 11:30 . 2008-04-14 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-06 09:33 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-12-06 09:33 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-06 09:33 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-12-06 09:33 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-12-06 09:33 . 2010-09-07 15:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-12-06 09:33 . 2010-09-07 15:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-12-06 09:33 . 2010-09-07 15:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-12-06 09:33 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-12-06 09:33 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-12-06 09:33 . 2010-12-06 09:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-11-26 21:07 . 2010-11-26 21:07 82944 ----a-w- c:\windows\system32\drivers\aouviwqn.sys
2010-11-26 20:03 . 2010-11-26 20:03 82944 ----a-w- c:\windows\system32\drivers\sbruxjer.sys
2010-11-26 07:05 . 2010-11-26 07:05 82944 ----a-w- c:\windows\system32\drivers\udtofnxc.sys
2010-11-24 22:34 . 2010-11-25 05:16 196608 ----a-w- C:\WebHD.exe
2010-11-21 21:33 . 2010-11-21 21:33 257 ----a-w- C:\HDTV.exe
2010-11-10 14:51 . 2010-11-10 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-09 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"nwiz"="nwiz.exe" [2007-12-05 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-12 136600]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2009-09-16 153608]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-28 61440]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"RTHDCPL"="RTHDCPL.EXE" [2008-10-09 17021440]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6.12.2010 10:33 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.12.2010 10:33 17744]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [27.2.2010 23:59 135664]
.
Contents of the 'Scheduled Tasks' folder
2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-27 22:59]
2010-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-27 22:59]
2010-12-07 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-07-10 16:29]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-2kv4.8.442 - c:\windows\Radeon Omega Drivers v4.8.442
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(424)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2010-12-07 14:27:56 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-07 13:27
Pre-Run: 72 373 448 704 bytes free
Post-Run: 72 333 447 168 bytes free
- - End Of File - - A11EF4EB5A3B73D700926E0CEEEF1311
Re: please check my log
Another CFScript:
When it finishes, run a full scan with CureIT. I won't be here anymore, but it looks good.
File::
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
c:\windows\system32\drivers\aouviwqn.sys
c:\windows\system32\drivers\sbruxjer.sys
c:\windows\system32\drivers\udtofnxc.sys
C:\WebHD.exe
C:\HDTV.exe
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
-
- Visitor
- Posts: 94
- Registered: 09 Apr 2008 13:25
Re: please check my log
OK, I'll let you know how it goes.
Thanks!
-
- Visitor
- Posts: 94
- Registered: 09 Apr 2008 13:25
Re: please check my log
It looks OK, here is the log from RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by OOO at 2010-12-08 08:44:18
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 69 GB (69%) free of 100 GB
Total RAM: 3583 MB (87% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-09-12 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-11-09 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-12 136600]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-09 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26 159744]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 3 months======
2010-12-08 08:42:17 ----SHD---- C:\RECYCLER
2010-12-07 14:44:02 ----A---- C:\ComboFix.txt
2010-12-07 14:40:21 ----D---- C:\ComboFix
2010-12-07 12:42:55 ----ASH---- C:\pagefile.sys
2010-12-07 12:22:15 ----A---- C:\WINDOWS\zip.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWSC.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWREG.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\sed.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\PEV.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\MBR.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\grep.exe
2010-12-07 12:22:11 ----D---- C:\WINDOWS\ERDNT
2010-12-07 12:06:34 ----D---- C:\Qoobox
2010-12-07 10:51:47 ----D---- C:\rsit
2010-12-07 10:51:47 ----D---- C:\Program Files\trend micro
2010-12-07 10:49:08 ----D---- C:\WINDOWS\Prefetch
2010-12-07 10:43:46 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-12-07 10:41:55 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\irclass.dll
2010-12-07 10:31:19 ----RA---- C:\WINDOWS\SET5C.tmp
2010-12-07 10:31:17 ----RA---- C:\WINDOWS\SET50.tmp
2010-12-07 10:31:16 ----RA---- C:\WINDOWS\SET4F.tmp
2010-12-07 10:16:45 ----D---- C:\Program Files\CCleaner
2010-12-06 12:30:55 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-06 10:33:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-06 10:33:24 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-11-10 15:51:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\OOO\Application Data\ATI
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2010-10-25 15:42:49 ----RSD---- C:\WINDOWS\assembly
2010-10-25 15:42:32 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-25 15:37:58 ----A---- C:\WINDOWS\system32\ati2sgag.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-10-25 15:18:36 ----D---- C:\Program Files\ATI
2010-10-25 15:18:18 ----D---- C:\Program Files\ATI Technologies
2010-10-25 15:17:56 ----D---- C:\ATI
2010-10-10 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2010-10-10 15:24:14 ----D---- C:\Program Files\Playrix Entertainment
2010-10-02 06:38:58 ----D---- C:\WINDOWS\Minidump
2010-09-26 14:28:40 ----D---- C:\WINDOWS\WBEM
2010-09-26 14:28:32 ----A---- C:\WINDOWS\system32\spmsg.dll
2010-09-26 14:28:23 ----HDC---- C:\WINDOWS\ie8
2010-09-26 14:28:23 ----D---- C:\WINDOWS\system32\sk-SK
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\normaliz.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\nlsdl.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msrating.dll.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\mshta.exe.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\idndl.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieui.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\icardie.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\advpack.dll.mui
======List of files/folders modified in the last 3 months======
2010-12-08 08:44:12 ----AD---- C:\WINDOWS\Temp
2010-12-08 08:42:18 ----D---- C:\WINDOWS
2010-12-08 08:41:19 ----SHD---- C:\WINDOWS\Installer
2010-12-08 08:41:19 ----D---- C:\Config.Msi
2010-12-08 08:36:52 ----SHD---- C:\WINDOWS\CSC
2010-12-08 08:36:01 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-12-08 08:35:42 ----D---- C:\Documents and Settings
2010-12-07 14:50:28 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 14:46:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 14:43:18 ----A---- C:\WINDOWS\system.ini
2010-12-07 14:43:12 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-07 14:43:00 ----SD---- C:\WINDOWS\Tasks
2010-12-07 14:42:16 ----D---- C:\WINDOWS\system32
2010-12-07 14:42:16 ----D---- C:\WINDOWS\AppPatch
2010-12-07 14:42:15 ----D---- C:\Program Files\Common Files
2010-12-07 14:26:39 ----D---- C:\WINDOWS\system32\config
2010-12-07 14:08:15 ----D---- C:\WINDOWS\Debug
2010-12-07 11:52:37 ----D---- C:\WINDOWS\security
2010-12-07 11:28:38 ----D---- C:\WINDOWS\system32\Setup
2010-12-07 11:28:37 ----D---- C:\WINDOWS\Help
2010-12-07 11:28:30 ----D---- C:\WINDOWS\system32\usmt
2010-12-07 11:28:16 ----D---- C:\WINDOWS\mui
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ime
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ehome
2010-12-07 11:28:14 ----RSD---- C:\WINDOWS\Fonts
2010-12-07 11:28:13 ----D---- C:\WINDOWS\Media
2010-12-07 11:28:05 ----D---- C:\WINDOWS\PeerNet
2010-12-07 11:27:55 ----D---- C:\WINDOWS\system32\npp
2010-12-07 11:27:50 ----D---- C:\WINDOWS\msagent
2010-12-07 11:26:10 ----D---- C:\WINDOWS\twain_32
2010-12-07 11:26:01 ----D---- C:\WINDOWS\system32\icsxml
2010-12-07 11:25:42 ----D---- C:\WINDOWS\system32\ias
2010-12-07 11:25:38 ----D---- C:\WINDOWS\system32\1033
2010-12-07 11:24:39 ----D---- C:\WINDOWS\Driver Cache
2010-12-07 10:51:47 ----RD---- C:\Program Files
2010-12-07 10:50:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-07 10:50:35 ----D---- C:\WINDOWS\Registration
2010-12-07 10:50:07 ----HD---- C:\WINDOWS\inf
2010-12-07 10:49:21 ----SHD---- C:\System Volume Information
2010-12-07 10:49:21 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 10:46:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 10:44:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-12-07 10:44:14 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-12-07 10:43:49 ----RD---- C:\WINDOWS\Web
2010-12-07 10:43:42 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-12-07 10:43:33 ----A---- C:\WINDOWS\win.ini
2010-12-07 10:43:29 ----D---- C:\WINDOWS\system32\oobe
2010-12-07 10:43:28 ----D---- C:\WINDOWS\srchasst
2010-12-07 10:43:26 ----D---- C:\Program Files\Windows Media Player
2010-12-07 10:43:20 ----D---- C:\Program Files\Movie Maker
2010-12-07 10:43:08 ----D---- C:\Program Files\NetMeeting
2010-12-07 10:43:04 ----D---- C:\Program Files\Outlook Express
2010-12-07 10:43:04 ----D---- C:\Program Files\Common Files\System
2010-12-07 10:42:51 ----D---- C:\Program Files\Internet Explorer
2010-12-07 10:42:23 ----D---- C:\WINDOWS\system32\Com
2010-12-07 10:42:00 ----D---- C:\WINDOWS\system32\wbem
2010-12-07 10:41:57 ----D---- C:\Program Files\Windows NT
2010-12-07 10:40:55 ----SH---- C:\boot.ini
2010-12-07 10:31:42 ----D---- C:\WINDOWS\system
2010-12-07 10:31:33 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-12-07 10:31:20 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-07 10:30:56 ----D---- C:\WINDOWS\WinSxS
2010-12-06 10:33:24 ----D---- C:\Program Files\Alwil Software
2010-12-01 20:18:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-24 23:18:09 ----D---- C:\Documents and Settings\OOO\Application Data\BSplayer
2010-11-24 14:23:34 ----D---- C:\Documents and Settings\OOO\Application Data\Skype
2010-11-20 05:25:10 ----D---- C:\Documents and Settings\OOO\Application Data\skypePM
2010-11-14 09:38:42 ----D---- C:\Program Files\Common Files\Nokia
2010-11-10 22:15:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-10 05:50:34 ----D---- C:\Program Files\Ask.com
2010-11-09 06:37:29 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-11-09 06:37:28 ----D---- C:\Program Files\Google
2010-10-31 08:37:22 ----D---- C:\Documents and Settings\OOO\Application Data\Image Zone Express
2010-10-26 16:08:39 ----D---- C:\Program Files\Polda
2010-10-25 15:42:33 ----D---- C:\WINDOWS\system32\mui
2010-10-25 15:38:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-25 15:29:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-25 15:11:01 ----D---- C:\WINDOWS\SoftwareDistribution
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-23 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-12 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
S2 NVSvc;NVIDIA-OMEGA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-09 182768]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by OOO at 2010-12-08 08:44:18
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 69 GB (69%) free of 100 GB
Total RAM: 3583 MB (87% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-09-12 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-11-09 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-09 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-12 136600]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-28 61440]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-10-09 17021440]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-09 39408]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-03 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-08-26 159744]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 3 months======
2010-12-08 08:42:17 ----SHD---- C:\RECYCLER
2010-12-07 14:44:02 ----A---- C:\ComboFix.txt
2010-12-07 14:40:21 ----D---- C:\ComboFix
2010-12-07 12:42:55 ----ASH---- C:\pagefile.sys
2010-12-07 12:22:15 ----A---- C:\WINDOWS\zip.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWSC.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\SWREG.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\sed.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\PEV.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\NIRCMD.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\MBR.exe
2010-12-07 12:22:15 ----A---- C:\WINDOWS\grep.exe
2010-12-07 12:22:11 ----D---- C:\WINDOWS\ERDNT
2010-12-07 12:06:34 ----D---- C:\Qoobox
2010-12-07 10:51:47 ----D---- C:\rsit
2010-12-07 10:51:47 ----D---- C:\Program Files\trend micro
2010-12-07 10:49:08 ----D---- C:\WINDOWS\Prefetch
2010-12-07 10:43:46 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-12-07 10:41:55 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-12-07 10:31:42 ----A---- C:\WINDOWS\system32\irclass.dll
2010-12-07 10:31:19 ----RA---- C:\WINDOWS\SET5C.tmp
2010-12-07 10:31:17 ----RA---- C:\WINDOWS\SET50.tmp
2010-12-07 10:31:16 ----RA---- C:\WINDOWS\SET4F.tmp
2010-12-07 10:16:45 ----D---- C:\Program Files\CCleaner
2010-12-06 12:30:55 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-06 10:33:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-06 10:33:31 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-06 10:33:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-06 10:33:24 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-11-10 15:51:27 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\OOO\Application Data\ATI
2010-10-25 15:46:44 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2010-10-25 15:42:49 ----RSD---- C:\WINDOWS\assembly
2010-10-25 15:42:32 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-25 15:37:58 ----A---- C:\WINDOWS\system32\ati2sgag.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati3duag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2010-10-25 15:29:21 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-10-25 15:18:40 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-10-25 15:18:36 ----D---- C:\Program Files\ATI
2010-10-25 15:18:18 ----D---- C:\Program Files\ATI Technologies
2010-10-25 15:17:56 ----D---- C:\ATI
2010-10-10 15:26:44 ----D---- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
2010-10-10 15:24:14 ----D---- C:\Program Files\Playrix Entertainment
2010-10-02 06:38:58 ----D---- C:\WINDOWS\Minidump
2010-09-26 14:28:40 ----D---- C:\WINDOWS\WBEM
2010-09-26 14:28:32 ----A---- C:\WINDOWS\system32\spmsg.dll
2010-09-26 14:28:23 ----HDC---- C:\WINDOWS\ie8
2010-09-26 14:28:23 ----D---- C:\WINDOWS\system32\sk-SK
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\normaliz.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\nlsdl.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msrating.dll.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\mshta.exe.mui
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-09-26 14:27:49 ----A---- C:\WINDOWS\system32\idndl.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieui.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieframe.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\icardie.dll
2010-09-26 14:27:48 ----A---- C:\WINDOWS\system32\advpack.dll.mui
======List of files/folders modified in the last 3 months======
2010-12-08 08:44:12 ----AD---- C:\WINDOWS\Temp
2010-12-08 08:42:18 ----D---- C:\WINDOWS
2010-12-08 08:41:19 ----SHD---- C:\WINDOWS\Installer
2010-12-08 08:41:19 ----D---- C:\Config.Msi
2010-12-08 08:36:52 ----SHD---- C:\WINDOWS\CSC
2010-12-08 08:36:01 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-12-08 08:35:42 ----D---- C:\Documents and Settings
2010-12-07 14:50:28 ----D---- C:\WINDOWS\system32\drivers
2010-12-07 14:46:56 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-07 14:43:18 ----A---- C:\WINDOWS\system.ini
2010-12-07 14:43:12 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-07 14:43:00 ----SD---- C:\WINDOWS\Tasks
2010-12-07 14:42:16 ----D---- C:\WINDOWS\system32
2010-12-07 14:42:16 ----D---- C:\WINDOWS\AppPatch
2010-12-07 14:42:15 ----D---- C:\Program Files\Common Files
2010-12-07 14:26:39 ----D---- C:\WINDOWS\system32\config
2010-12-07 14:08:15 ----D---- C:\WINDOWS\Debug
2010-12-07 11:52:37 ----D---- C:\WINDOWS\security
2010-12-07 11:28:38 ----D---- C:\WINDOWS\system32\Setup
2010-12-07 11:28:37 ----D---- C:\WINDOWS\Help
2010-12-07 11:28:30 ----D---- C:\WINDOWS\system32\usmt
2010-12-07 11:28:16 ----D---- C:\WINDOWS\mui
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ime
2010-12-07 11:28:15 ----D---- C:\WINDOWS\ehome
2010-12-07 11:28:14 ----RSD---- C:\WINDOWS\Fonts
2010-12-07 11:28:13 ----D---- C:\WINDOWS\Media
2010-12-07 11:28:05 ----D---- C:\WINDOWS\PeerNet
2010-12-07 11:27:55 ----D---- C:\WINDOWS\system32\npp
2010-12-07 11:27:50 ----D---- C:\WINDOWS\msagent
2010-12-07 11:26:10 ----D---- C:\WINDOWS\twain_32
2010-12-07 11:26:01 ----D---- C:\WINDOWS\system32\icsxml
2010-12-07 11:25:42 ----D---- C:\WINDOWS\system32\ias
2010-12-07 11:25:38 ----D---- C:\WINDOWS\system32\1033
2010-12-07 11:24:39 ----D---- C:\WINDOWS\Driver Cache
2010-12-07 10:51:47 ----RD---- C:\Program Files
2010-12-07 10:50:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-07 10:50:35 ----D---- C:\WINDOWS\Registration
2010-12-07 10:50:07 ----HD---- C:\WINDOWS\inf
2010-12-07 10:49:21 ----SHD---- C:\System Volume Information
2010-12-07 10:49:21 ----D---- C:\WINDOWS\system32\Restore
2010-12-07 10:46:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-07 10:44:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-12-07 10:44:14 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-12-07 10:43:49 ----RD---- C:\WINDOWS\Web
2010-12-07 10:43:42 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-12-07 10:43:33 ----A---- C:\WINDOWS\win.ini
2010-12-07 10:43:29 ----D---- C:\WINDOWS\system32\oobe
2010-12-07 10:43:28 ----D---- C:\WINDOWS\srchasst
2010-12-07 10:43:26 ----D---- C:\Program Files\Windows Media Player
2010-12-07 10:43:20 ----D---- C:\Program Files\Movie Maker
2010-12-07 10:43:08 ----D---- C:\Program Files\NetMeeting
2010-12-07 10:43:04 ----D---- C:\Program Files\Outlook Express
2010-12-07 10:43:04 ----D---- C:\Program Files\Common Files\System
2010-12-07 10:42:51 ----D---- C:\Program Files\Internet Explorer
2010-12-07 10:42:23 ----D---- C:\WINDOWS\system32\Com
2010-12-07 10:42:00 ----D---- C:\WINDOWS\system32\wbem
2010-12-07 10:41:57 ----D---- C:\Program Files\Windows NT
2010-12-07 10:40:55 ----SH---- C:\boot.ini
2010-12-07 10:31:42 ----D---- C:\WINDOWS\system
2010-12-07 10:31:33 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-12-07 10:31:20 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-07 10:30:56 ----D---- C:\WINDOWS\WinSxS
2010-12-06 10:33:24 ----D---- C:\Program Files\Alwil Software
2010-12-01 20:18:02 ----A---- C:\WINDOWS\NeroDigital.ini
2010-11-24 23:18:09 ----D---- C:\Documents and Settings\OOO\Application Data\BSplayer
2010-11-24 14:23:34 ----D---- C:\Documents and Settings\OOO\Application Data\Skype
2010-11-20 05:25:10 ----D---- C:\Documents and Settings\OOO\Application Data\skypePM
2010-11-14 09:38:42 ----D---- C:\Program Files\Common Files\Nokia
2010-11-10 22:15:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-11-10 05:50:34 ----D---- C:\Program Files\Ask.com
2010-11-09 06:37:29 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-11-09 06:37:28 ----D---- C:\Program Files\Google
2010-10-31 08:37:22 ----D---- C:\Documents and Settings\OOO\Application Data\Image Zone Express
2010-10-26 16:08:39 ----D---- C:\Program Files\Polda
2010-10-25 15:42:33 ----D---- C:\WINDOWS\system32\mui
2010-10-25 15:38:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-25 15:29:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-10-25 15:11:01 ----D---- C:\WINDOWS\SoftwareDistribution
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-03 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-08-26 5386752]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-10-13 4879360]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sermouse;Serial Mouse Driver; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-08-23 17664]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-04 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-08-26 606208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-12 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-27 135664]
S2 NVSvc;NVIDIA-OMEGA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-09 182768]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-05 774144]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-04-27 611840]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
-----------------EOF-----------------
Re: please check my log
I recommend installing SP3 and then cleaning up with CCleaner.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: please check my log
OK. Thanks!
Re: please check my log
You're welcome.
