Some time ago my antivirus found Conficker... It reports that it has already been removed, but a deeper check of the PC is needed because of connecting to the university network.
Thank you.
Logfile of random's system information tool 1.08 (written by random/random)
Run by justDVL at 2011-01-09 13:34:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 584 MB (4%) free of 14 GB
Total RAM: 1015 MB (35% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-1580818891-1177238915-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-1580818891-1177238915-1003UA.job
C:\WINDOWS\tasks\Ovládání hlasitosti.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\justDVL\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-04-12 48080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]
FlashGetBHO - C:\Documents and Settings\justDVL\Data aplikací\FlashGetBHO\FlashGetBHO3.dll [2009-12-22 157232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-29 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-29 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\DealioToolbarIE.dll [2009-04-09 688128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-10-11 1826816]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-11-13 851968]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RegistryMechanic"= []
"Microsoft WinUpdate"=C:\WINDOWS\system32\msupdte.exe [2009-08-09 3702]
"IgfxTray"=C:\WINDOWS\system32\i [2009-08-07 77]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-11-08 166424]
"Persistence"=C:\WINDOWS\system32\i [2009-08-07 77]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-25 16855552]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"FileZilla Server Interface"=C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2010-10-17 1259008]
"QuickTime Task"=D:\Programy\QuickTime\QTTask.exe [2010-11-29 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WhatPulse"=C:\Program Files\WhatPulse\WhatPulse.exe [2009-04-08 2814976]
"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2008-12-09 495616]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"AutoScreenshotMaker"=C:\Program Files\Auto Screenshot Maker\AutoScreenshotMaker.exe [2009-05-27 1507328]
"Google Update"=C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-10-20 133104]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"awplite"=C:\Program Files\AllWallpapersLite\awplite.exe [2007-02-10 2607616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath]
C:\WINDOWS\VM_STI.EXE [2004-06-09 40960]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teleport Scheduler]
C:\Program Files\Teleport Pro\scheduler.exe [2007-09-20 327680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po sputìní^TrayMin210.exe.lnk]
C:\PROGRA~1\Philips\PHILIP~1\TRAYMI~1.EXE [2006-05-10 278528]
C:\Documents and Settings\justDVL\Nabídka Start\Programy\Po sputìní
Bitcoin.lnk - C:\Program Files\Bitcoin\bitcoin.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-10-30 208896]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\justDVL\Plocha\ApexDC++_1.1.0\ApexDC++_1.1.0\ApexDC.exe"="C:\Documents and Settings\justDVL\Plocha\ApexDC++_1.1.0\ApexDC++_1.1.0\ApexDC.exe:*:Enabled:ApexDC++"
"C:\Program Files\ApexDC\ApexDC++_1.1.0\ApexDC.exe"="C:\Program Files\ApexDC\ApexDC++_1.1.0\ApexDC.exe:*:Enabled:ApexDC++"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Vidalia Bundle\Tor\tor.exe"="C:\Program Files\Vidalia Bundle\Tor\tor.exe:*:Enabled:tor"
"C:\xampp\mysql\bin\mysqld.exe"="C:\xampp\mysql\bin\mysqld.exe:*:Enabled:mysqld"
"C:\xampp\apache\bin\httpd.exe"="C:\xampp\apache\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Opera 10 Beta\opera.exe"="C:\Program Files\Opera 10 Beta\opera.exe:*:Enabled:Opera Internet Browser"
"C:\xampp\FileZillaFTP\FileZillaServer.exe"="C:\xampp\FileZillaFTP\FileZillaServer.exe:*:Enabled:FileZillaServer.exe"
"C:\xampp\FileZillaFTP\FileZilla server.exe"="C:\xampp\FileZillaFTP\FileZilla server.exe:*:Enabled:FileZilla server.exe"
"D:\HRY\Warcraft III\Warcraft III.exe"="D:\HRY\Warcraft III\Warcraft III.exe:*:Disabled:Warcraft III"
"D:\HRY\Warcraft III\war3.exe"="D:\HRY\Warcraft III\war3.exe:*:Disabled:Warcraft III"
"C:\Program Files\Warcraft III\Warcraft III.exe"="C:\Program Files\Warcraft III\Warcraft III.exe:*:Disabled:Warcraft III"
"C:\Program Files\Warcraft III\war3.exe"="C:\Program Files\Warcraft III\war3.exe:*:Disabled:Warcraft III"
"C:\Program Files\ApexDC++\ApexDC.exe"="C:\Program Files\ApexDC++\ApexDC.exe:*:Enabled:ApexDC++ - Pinnacle of File Sharing"
"C:\Documents and Settings\justDVL\Local Settings\Temp\IXP000.TMP\SMPCSetup.exe"="C:\Documents and Settings\justDVL\Local Settings\Temp\IXP000.TMP\SMPCSetup.exe:*:Enabled:SMPCSetup"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\War-ftpd\war-ftpd.exe"="C:\Program Files\War-ftpd\war-ftpd.exe:*:Enabled:War FTP Daemon"
"C:\Program Files\SoulseekNS\slsk.exe"="C:\Program Files\SoulseekNS\slsk.exe:*:Enabled:SoulSeek"
"D:\HRY\Warcraft III\ghost\GHostOne.exe"="D:\HRY\Warcraft III\ghost\GHostOne.exe:*:Enabled:GHostOne.exe"
"D:\HRY\Warcraft III\ghost\ghost.exe"="D:\HRY\Warcraft III\ghost\ghost.exe:*:Enabled:ghost"
"C:\Documents and Settings\justDVL\Local Settings\Temp\IXP000.TMP\smwinvnc.exe"="C:\Documents and Settings\justDVL\Local Settings\Temp\IXP000.TMP\smwinvnc.exe:*:Enabled:TightVNC Win32 Server"
"C:\Program Files\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Program Files\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\Documents and Settings\justDVL\temp\TeamViewer\Version5\TeamViewer.exe"="C:\Documents and Settings\justDVL\temp\TeamViewer\Version5\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\justDVL\Local Settings\Data aplikací\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"C:\Documents and Settings\justDVL\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\justDVL\Local Settings\Data aplikací\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Program Files\Pando Networks\Pando\pando.exe"="C:\Program Files\Pando Networks\Pando\pando.exe:*:Enabled:pando"
"C:\Program Files\Antik Phone\AntikSIPsoftPhone.exe"="C:\Program Files\Antik Phone\AntikSIPsoftPhone.exe:*:Enabled:AntikSIPsoftPhone"
"C:\Program Files\Antik Phone\AntikSIPsoftPhone.atk"="C:\Program Files\Antik Phone\AntikSIPsoftPhone.atk:*:Enabled:AntikSIPsoftPhone"
"C:\Program Files\Growl for Windows\Growl.exe"="C:\Program Files\Growl for Windows\Growl.exe:*:Enabled:Growl"
"C:\Documents and Settings\justDVL\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\justDVL\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\justDVL\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\justDVL\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"D:\Games\Age Of Empires 2 & The Conquerors Expansion - Full Game\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.exe"="D:\Games\Age Of Empires 2 & The Conquerors Expansion - Full Game\Age Of Empires 2 & The Conquerors Expansion - Full Game\empires2.exe:*:Enabled:Age of Empires II"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Games\Age Of Empires 2 & The Conquerors Expansion - Full Game\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe"="D:\Games\Age Of Empires 2 & The Conquerors Expansion - Full Game\Age Of Empires 2 & The Conquerors Expansion - Full Game\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"C:\Program Files\KaM - The Peasants Rebellion\KM_TPR.exe"="C:\Program Files\KaM - The Peasants Rebellion\KM_TPR.exe:*:Enabled:KM_TPR"
"C:\Program Files\Bitcoin\bitcoin.exe"="C:\Program Files\Bitcoin\bitcoin.exe:*:Enabled:bitcoin"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
======File associations======
.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 3 months======
2011-01-09 13:34:18 ----D---- C:\Program Files\trend micro
2011-01-09 13:34:17 ----D---- C:\rsit
2011-01-04 19:25:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-01-01 22:12:42 ----A---- C:\WINDOWS\system32\acovcnt.exe
2010-12-29 20:14:18 ----D---- C:\2010.12.29
2010-12-24 15:46:23 ----D---- C:\Nová sloka (2)
2010-12-22 09:01:59 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Bitcoin
2010-12-22 09:01:53 ----D---- C:\Program Files\Bitcoin
2010-12-19 14:07:51 ----A---- C:\AILog.txt
2010-12-17 18:46:58 ----D---- C:\Documents and Settings\justDVL\Data aplikací\GameRanger
2010-12-11 18:51:04 ----D---- C:\Program Files\Common Files\Skype
2010-11-22 17:07:12 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Winamp
2010-11-21 20:38:18 ----ASH---- C:\hiberfil.sys
2010-11-21 20:14:54 ----A---- C:\virus.txt
2010-11-21 18:04:35 ----AH---- C:\.picasa.ini
2010-11-20 23:48:19 ----D---- C:\Program Files\FileZilla Server
2010-11-20 23:47:11 ----D---- C:\Documents and Settings\justDVL\Data aplikací\FileZilla
2010-11-20 23:46:48 ----D---- C:\Program Files\FileZilla FTP Client
2010-11-15 10:54:29 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 7
2010-10-22 21:59:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2010-10-21 15:57:55 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Google
2010-10-21 13:23:07 ----D---- C:\Program Files\KaM - The Peasants Rebellion
======List of files/folders modified in the last 3 months======
2011-01-09 13:34:51 ----D---- C:\Documents and Settings\justDVL\Data aplikací\.purple
2011-01-09 13:34:18 ----D---- C:\Program Files
2011-01-09 13:34:15 ----D---- C:\WINDOWS\Prefetch
2011-01-09 12:51:54 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Skype
2011-01-09 10:41:52 ----D---- C:\WINDOWS\system32
2011-01-08 18:22:45 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Audacity
2011-01-08 15:01:58 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-08 12:42:44 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\MPK
2011-01-08 11:35:01 ----SD---- C:\WINDOWS\Tasks
2011-01-07 21:37:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-07 09:47:16 ----D---- C:\WINDOWS\Temp
2011-01-07 08:54:55 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-07 01:14:51 ----D---- C:\WINDOWS\system32\ias
2011-01-04 19:27:24 ----SHD---- C:\WINDOWS\Installer
2011-01-04 19:27:12 ----HD---- C:\Config.Msi
2011-01-03 14:29:14 ----D---- C:\Documents and Settings\justDVL\Data aplikací\ApexDC++
2010-12-29 09:44:41 ----D---- C:\Program Files\Replay Media Catcher
2010-12-29 09:40:41 ----A---- C:\WINDOWS\system32\rmc_rtspdl.dll
2010-12-29 09:40:41 ----A---- C:\WINDOWS\system32\rmc_fixasf.exe
2010-12-29 09:40:37 ----A---- C:\WINDOWS\system32\AudioGenie2.dll
2010-12-24 17:45:02 ----D---- C:\zopar z roku 2010 I
2010-12-24 08:33:34 ----D---- C:\Program Files\AllWallpapersLite
2010-12-17 10:29:28 ----D---- C:\Program Files\Opera 10 Beta
2010-12-15 16:46:00 ----D---- C:\Program Files\ApexDC++
2010-12-13 18:56:11 ----D---- C:\Program Files\Mozilla Firefox
2010-12-11 18:51:04 ----RD---- C:\Program Files\Skype
2010-12-11 18:51:04 ----D---- C:\Program Files\Common Files
2010-12-11 18:50:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-12-11 17:16:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-09 23:45:43 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Mozilla
2010-12-06 10:43:49 ----D---- C:\Program Files\socialsafe
2010-12-06 10:39:25 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-12-06 01:03:43 ----D---- C:\Documents and Settings\justDVL\Data aplikací\uTorrent
2010-11-27 00:06:46 ----A---- C:\WINDOWS\wincmd.ini
2010-11-27 00:00:25 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-11-26 08:32:31 ----D---- C:\WINDOWS
2010-11-22 17:07:33 ----D---- C:\Program Files\Winamp
2010-11-21 20:41:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-11-21 20:35:58 ----SHD---- C:\RECYCLER
2010-11-20 23:46:29 ----D---- C:\Program Files\Registry Mechanic
2010-11-14 14:41:04 ----D---- C:\WINDOWS\Debug
2010-11-14 11:12:53 ----D---- C:\WINDOWS\system32\drivers
2010-11-14 10:43:21 ----D---- C:\WINDOWS\system32\Restore
2010-11-13 09:26:24 ----SHD---- C:\System Volume Information
2010-11-01 08:52:17 ----D---- C:\Program Files\Last.fm
2010-10-25 19:42:01 ----D---- C:\WINDOWS\system32\drivers\etc
2010-10-22 21:59:05 ----D---- C:\Program Files\Google
2010-10-22 21:51:57 ----D---- C:\Documents and Settings\justDVL\Data aplikací\Media Player Classic
2010-10-22 21:50:44 ----D---- C:\WINDOWS\Minidump
2010-10-22 21:47:16 ----D---- C:\Program Files\CCleaner
2010-10-20 10:55:11 ----D---- C:\xampp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 AsDsm;AsDsm; C:\WINDOWS\system32\drivers\AsDsm.sys [2007-08-10 29752]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-08-20 44944]
R1 bbcap;bbcap; C:\WINDOWS\system32\DRIVERS\bbcap.sys [2010-09-01 2944]
R1 intelppm;Øadiè procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-10-25 549184]
R3 HDAudBus;Ovladaè Microsoft UAA pro sbìrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-10-30 5851488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-01 4620288]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-24 5632]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-07-12 96384]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 USBSTOR;Ovladaè velkokapacitního pamìového zaøízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladaè Microsoft univerzálního hostitelského øadièe USB od spoleènosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\PROGRA~1\ATKHOT~1\ASNDIS5.SYS []
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hidusb;Ovladaè tøídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 mouhid;Ovladaè myi standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 sffdisk;Ovladaè tøídy úloitì SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;Ovladaè protokolu úloitì SFF pro pamì sbìrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys []
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 usbccgp;Obecný nadøazený ovladaè Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Tøída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladaè skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Documents and Settings\justDVL\Plocha\RealTemp_3.00\WinRing0.sys []
S3 WSTCODEC;Dálnopisný kodek svìtového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 ZSMC301b;Philips SPC210NC Webcam; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2005-02-26 91527]
S4 WS2IFSL;Podpùrné prostøedí zprostøedkovatele slueb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2010-10-17 742912]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2007-11-14 131072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-17 185640]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 mspgm;Installer Server; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-03 69632]
S2 XAMPP;XAMPP Service; C:\xampp\service.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE [2004-10-16 73728]
-----------------EOF-----------------

Conficker
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin
- Posts: 119402
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Conficker
The log looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Conficker
Thank you.
Is there anything else I could do to check?
- Rudy
- Site Admin
Re: Conficker
You can run an MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log if anything is found; do not delete anything beforehand.