Log z RSITU:
Logfile of random's system information tool 1.08 (written by random/random)
Run by oem at 2011-05-14 21:27:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (8%) free of 100 GB
Total RAM: 2046 MB (68% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-OEM-387A462E386-oem.job
C:\WINDOWS\tasks\CKCXYJUK.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-25 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67BCF957-85FC-4036-8DC4-D4D80E00A77B}]
CIEDownload Object - C:\Program Files\SMART Technologies\Notebook Software\NotebookPlugin.dll [2008-07-31 558376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-30 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-04-30 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-09 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-25 520192]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-04-30 298160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-11-20 106496]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-08-11 63048]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
""= []
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-03 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-02-25 39408]
"Active Desktop Calendar"=C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [2009-10-02 5636608]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-04-14 1242448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2010-12-08 87424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Disabled:aolload.exe"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Disabled:ICQ7.2"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Disabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Disabled:PnkBstrB"
"C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe"="C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe:*:Disabled:SMART SNMPAgent"
"D:\Stažené_programy\VideoConverter_Setup.exe"="D:\Stažené_programy\VideoConverter_Setup.exe:*:Disabled:Video Converter"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Heroes in the Sky\HIS.exe"="D:\Heroes in the Sky\HIS.exe:*:Enabled:his"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Funcom\Age of Conan\ConanPatcher.exe"="C:\Program Files\Funcom\Age of Conan\ConanPatcher.exe:*:Enabled:Age of Conan Update Manager"
"C:\Program Files\Funcom\Age of Conan\AgeOfConan.exe"="C:\Program Files\Funcom\Age of Conan\AgeOfConan.exe:*:Enabled:Age of Conan ConanLiveWin32 v2.01.7@149869"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======List of files/folders created in the last 1 months======
2011-05-14 21:27:29 ----D---- C:\rsit
2011-05-14 21:27:29 ----D---- C:\Program Files\trend micro
2011-05-14 21:15:26 ----A---- C:\WINDOWS\resetlog.txt
2011-05-14 20:43:22 ----D---- C:\Documents and Settings\oem\Data aplikací\NVIDIA
2011-05-14 20:42:16 ----D---- C:\Documents and Settings\oem\Data aplikací\Složka odesílání Share-to-Web
2011-05-14 20:42:10 ----D---- C:\Program Files\LANGMaster Škola DNES
2011-05-14 20:42:09 ----HD---- C:\WINDOWS\PIF
2011-05-14 19:25:25 ----SHD---- C:\Config.Msi
2011-05-03 14:07:41 ----D---- C:\Documents and Settings\oem\Data aplikací\AVI ReComp
2011-05-03 14:04:46 ----D---- C:\Program Files\Gabest
2011-05-03 14:04:42 ----D---- C:\Program Files\Xvid
2011-05-03 14:04:15 ----D---- C:\Program Files\AviSynth 2.5
2011-05-03 14:04:02 ----D---- C:\Program Files\AVI ReComp
2011-04-26 15:32:03 ----D---- C:\Program Files\vso
2011-04-22 18:15:16 ----A---- C:\WINDOWS\system32\nvgenco32hda.dll
2011-04-22 18:15:15 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-04-22 18:15:15 ----A---- C:\WINDOWS\system32\nvgenco322040.dll
2011-04-22 18:15:15 ----A---- C:\WINDOWS\system32\nvdispco322090.dll
2011-04-22 18:15:14 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-04-22 18:14:50 ----D---- C:\NVIDIA
2011-04-16 10:54:19 ----A---- C:\WINDOWS\system32\npptNT2.sys
2011-04-16 10:53:46 ----D---- C:\Program Files\Common Files\INCA Shared
2011-04-15 17:10:01 ----HD---- C:\Program Files\Zero G Registry
======List of files/folders modified in the last 1 months======
2011-05-14 21:27:29 ----RD---- C:\Program Files
2011-05-14 21:27:28 ----D---- C:\WINDOWS\Prefetch
2011-05-14 21:25:17 ----D---- C:\WINDOWS\Temp
2011-05-14 21:25:15 ----D---- C:\WINDOWS\system32\CatRoot2
2011-05-14 21:24:24 ----SD---- C:\WINDOWS\Tasks
2011-05-14 21:23:59 ----D---- C:\Program Files\Steam
2011-05-14 21:23:42 ----AD---- C:\WINDOWS
2011-05-14 21:23:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-14 21:22:36 ----D---- C:\WINDOWS\system32\drivers\etc
2011-05-14 20:54:04 ----SHD---- C:\WINDOWS\Installer
2011-05-14 20:54:03 ----D---- C:\WINDOWS\system32\drivers
2011-05-14 20:54:03 ----D---- C:\WINDOWS\system32
2011-05-14 20:54:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-05-14 20:53:52 ----A---- C:\WINDOWS\system32\MRT.exe
2011-05-14 20:50:09 ----D---- C:\WINDOWS\system32\config
2011-05-14 20:49:45 ----D---- C:\WINDOWS\system32\wbem
2011-05-14 20:49:45 ----D---- C:\WINDOWS\Registration
2011-05-14 20:49:28 ----D---- C:\Documents and Settings\oem\Data aplikací\gtk-2.0
2011-05-14 20:49:25 ----D---- C:\Documents and Settings\oem\Data aplikací\dvdcss
2011-05-14 20:43:14 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-14 20:42:42 ----D---- C:\WINDOWS\system32\DirectX
2011-05-14 20:42:32 ----HD---- C:\WINDOWS\inf
2011-05-14 20:42:22 ----D---- C:\WINDOWS\WinSxS
2011-05-14 20:42:13 ----D---- C:\Program Files\Common Files\Java
2011-05-14 20:42:13 ----D---- C:\Program Files\Common Files
2011-05-14 20:41:34 ----D---- C:\Program Files\Microsoft Silverlight
2011-05-14 20:41:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-05-14 20:41:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-05-14 20:40:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-05-14 20:40:25 ----D---- C:\Program Files\Mozilla Firefox
2011-05-14 20:39:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-05-14 20:39:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-05-14 20:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-05-14 20:39:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-05-14 20:39:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-05-14 20:39:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-05-14 20:38:24 ----D---- C:\Program Files\Internet Explorer
2011-05-14 20:38:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-05-14 20:38:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-05-14 20:38:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-05-14 20:37:59 ----D---- C:\Games (x86)
2011-05-14 20:37:42 ----D---- C:\Program Files\Total War Shogun 2
2011-05-14 20:36:38 ----D---- C:\WINDOWS\Help
2011-05-14 20:36:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-05-14 20:21:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\BioWare
2011-05-14 10:05:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogMeIn
2011-05-09 13:08:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2011-05-02 10:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-04-29 15:52:23 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2011-04-28 17:36:23 ----D---- C:\ScanSoft Documents
2011-04-28 09:22:15 ----D---- C:\Documents and Settings\oem\Data aplikací\Vso
2011-04-27 20:56:37 ----A---- C:\WINDOWS\hpqcopy.INI
2011-04-26 16:40:45 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-22 18:18:16 ----D---- C:\Program Files\NVIDIA Corporation
2011-04-22 18:16:48 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-04-18 12:23:39 ----A---- C:\WINDOWS\system32\lsdelete.exe
2011-04-16 22:19:47 ----D---- C:\Documents and Settings\oem\Data aplikací\Skype
2011-04-16 20:45:39 ----D---- C:\Documents and Settings\oem\Data aplikací\skypePM
2011-04-16 10:16:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2011-04-16 10:05:09 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-11-22 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-02-26 158272]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-02-26 646392]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\WINDOWS\system32\DRIVERS\tdrpm258.sys [2010-02-26 911680]
R0 timounter;Acronis Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-02-26 581984]
R0 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2006-04-22 24320]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-01-01 26024]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-03-26 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-03-26 25416]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2010-02-26 160288]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2010-07-22 108480]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-12-08 6017568]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-08-11 10144]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2009-11-20 58880]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2009-11-20 137728]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-02-25 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 SDVPlus;Pinnacle Studio DVplus WDM Renderer; C:\WINDOWS\system32\DRIVERS\SDVPlus.sys [2001-05-15 42102]
R3 SNXPCARD;Golden Series Multiport Adapter Driver; C:\WINDOWS\system32\DRIVERS\snxpcard.sys [2008-11-04 17536]
R3 SNXPPALX;Golden Parallel Port Driver; C:\WINDOWS\system32\DRIVERS\snxppalx.sys [2008-11-04 78848]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S1 MpKsl0fe53727;MpKsl0fe53727; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2B80CF8C-CBB9-41AD-9E3C-E0E9432DE411}\MpKsl0fe53727.sys []
S1 MpKsl2ced0088;MpKsl2ced0088; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{027B96A4-A4E2-43F6-9982-C003113E659B}\MpKsl2ced0088.sys []
S1 MpKsl2d7702a1;MpKsl2d7702a1; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A717BFA7-7420-4C9B-9F89-DFCD751D9FB1}\MpKsl2d7702a1.sys []
S1 MpKsl400e64b9;MpKsl400e64b9; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{130D9B46-8D22-4849-B574-F8B8B398D848}\MpKsl400e64b9.sys []
S1 MpKsl514a6d66;MpKsl514a6d66; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl514a6d66.sys []
S1 MpKsl6f298348;MpKsl6f298348; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B4718C7D-A402-4A51-A20D-441AE9D09BDC}\MpKsl6f298348.sys []
S1 MpKsl8a2a4f95;MpKsl8a2a4f95; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E4C43C6-31BD-44C3-B641-1077B66A2F1C}\MpKsl8a2a4f95.sys []
S1 MpKsl9bf43ab7;MpKsl9bf43ab7; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl9bf43ab7.sys []
S1 MpKsl9eb04903;MpKsl9eb04903; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{399D6383-A111-4E43-BEED-949F916979CE}\MpKsl9eb04903.sys []
S1 MpKsla06b56cb;MpKsla06b56cb; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D128381-19A9-4C13-88DD-244B97B0FE97}\MpKsla06b56cb.sys []
S1 MpKslb9ed1b0d;MpKslb9ed1b0d; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8F058040-8E14-4FBC-93D5-2517E1158294}\MpKslb9ed1b0d.sys []
S1 MpKsld4d333d4;MpKsld4d333d4; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8E0A6123-D1BB-49BF-8097-A6876F478066}\MpKsld4d333d4.sys []
S1 MpKsld5dadcea;MpKsld5dadcea; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{326C46C9-CD62-4B1F-8376-D9C7C44B7CBF}\MpKsld5dadcea.sys []
S1 MpKsldd76f118;MpKsldd76f118; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C64056C-69DA-48F6-B900-F5DD3E16BCE9}\MpKsldd76f118.sys []
S1 MpKsleebcea5b;MpKsleebcea5b; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68E75B6D-2FAA-4395-A774-BAA48866E52A}\MpKsleebcea5b.sys []
S1 MpKslf60cdccc;MpKslf60cdccc; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D34423CA-B98B-45E0-9C84-41FC70661504}\MpKslf60cdccc.sys []
S1 MpKslfe459b11;MpKslfe459b11; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{06A17B4C-3083-4B50-8F12-4A23A09DB0B1}\MpKslfe459b11.sys []
S2 ADILOADER;General Purpose USB Driver (adildr.sys); C:\WINDOWS\System32\Drivers\adildr.sys [2003-07-17 46167]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 a1matuo1;a1matuo1; C:\WINDOWS\system32\drivers\a1matuo1.sys []
S3 adiusbaw;USB ADSL WAN Adapter; C:\WINDOWS\system32\DRIVERS\adiusbaw.sys [2003-03-27 127145]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\WINDOWS\System32\Drivers\StMp3Rec.sys [2006-10-05 71539]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files\Common Files\Acronis\Plán2\schedul2.exe [2009-11-26 661008]
R2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2010-02-26 2480048]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-02-02 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-04-26 2146496]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2010-12-08 374152]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-12-08 136584]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2010-11-08 390528]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-07-02 66872]
R2 SMART Board Service;Služba SMART Board; C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe [2008-08-08 2123048]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2010-02-25 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-25 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-25 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2011-01-12 4266480]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service; C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [2008-07-31 1037608]
S3 SMART Web Server;Webový server SMART; C:\Program Files\SMART Technologies\SMART Board Drivers\WebServer.exe [2008-07-31 1205544]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-02-25 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Problém s připojením k netu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s připojením k netu
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problém s připojením k netu
Děkuji moc za radu, nechám proskenovat a poté sdělím výsledky. Ještě bych doplnil, jak chyba možná vnikla a jak se projevuje: Při instalaci softwaru COMODO Firewall Internet Security Free v poslední verzi, jsem zaškrtl volbu "Použít Comodo DNS servery" a zřejmě poté, po restartu, nastaly problémy s připojením. Na panelu Start, ale ikona hlásí, že počítač je připojen, rychlostí 100Mb/s, ale při spuštění kteréhokoliv webového prohlížeče, zahlásí prohlížeč chybovou hlášku - Spojení přerušeno, nelze načíst DNS server.
Domnívám se proto, že Comodo při instalaci přepsal původní DNS servery a IP adresu a následně vzniká nějaký konflikt.
Nepomohla ani odinstalace Comodo Firewallu, pokus o opravu připojení, pokus o obnovu původního nastavení Firewallu Windows.
Budu velmi vděčný, za případnou další radu, jak problém řešit...
Domnívám se proto, že Comodo při instalaci přepsal původní DNS servery a IP adresu a následně vzniká nějaký konflikt.
Nepomohla ani odinstalace Comodo Firewallu, pokus o opravu připojení, pokus o obnovu původního nastavení Firewallu Windows.
Budu velmi vděčný, za případnou další radu, jak problém řešit...
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s připojením k netu
Zkuste obnovu systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Problém s připojením k netu
Log:
ComboFix 11-05-11.01 - oem 15.05.2011 13:18:44.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1530 [GMT 2:00]
Spuštěný z: c:\documents and settings\oem\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\oem\Local Settings\Temporary Internet Files\SLOVA.WAV
c:\documents and settings\oem\WINDOWS
c:\program files\DaemonTools_WhenUSave_Installer
d:\dokumenty\DPE.DUS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-15 do 2011-05-15 )))))))))))))))))))))))))))))))
.
.
2011-05-15 09:38 . 2011-05-15 09:38 -------- d-----w- c:\program files\trend micro
2011-05-15 07:32 . 2011-05-15 07:32 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-05-15 07:32 . 2011-05-15 07:32 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-05-15 07:31 . 2011-05-15 07:31 -------- d-----r- C:\assembly
2011-05-15 07:18 . 2010-06-10 06:30 5588304 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5CA5BE6B-D14C-48B1-A2BE-805E72A0EDB5}\mpengine.dll
2011-05-15 07:17 . 2011-05-15 07:17 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-14 23:09 . 2011-05-15 07:15 -------- d-----w- C:\ERDNT
2011-05-14 19:51 . 2011-05-14 19:51 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Opera
2011-05-14 19:51 . 2011-05-15 07:15 -------- d-----w- c:\program files\Opera
2011-05-14 19:27 . 2011-05-14 19:30 -------- d-----w- C:\rsit
2011-05-14 18:43 . 2011-05-14 18:43 -------- d-----w- c:\documents and settings\oem\Data aplikací\NVIDIA
2011-05-14 18:42 . 2011-05-14 18:42 -------- d--h--w- c:\documents and settings\oem\InstallAnywhere
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\PackageAware
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\documents and settings\oem\Data aplikací\Složka odesílání Share-to-Web
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\program files\LANGMaster Škola DNES
2011-05-14 18:42 . 2011-05-14 18:42 -------- d--h--w- c:\windows\PIF
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Castle_Age
2011-05-03 12:07 . 2011-05-15 07:16 -------- d-----w- c:\documents and settings\oem\Data aplikací\AVI ReComp
2011-05-03 12:04 . 2011-05-03 12:04 -------- d-----w- c:\program files\Gabest
2011-05-03 12:04 . 2011-05-15 07:15 -------- d-----w- c:\program files\Xvid
2011-05-03 12:04 . 2011-05-14 18:49 -------- d-----w- c:\program files\AviSynth 2.5
2011-05-03 12:04 . 2011-05-15 07:15 -------- d-----w- c:\program files\AVI ReComp
2011-04-26 13:32 . 2011-05-14 18:36 -------- d-----w- c:\program files\vso
2011-04-22 16:15 . 2011-04-22 16:15 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-22 16:15 . 2011-04-22 16:15 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-22 16:15 . 2011-04-22 16:15 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-22 16:15 . 2010-12-02 09:12 837224 ----a-w- c:\windows\system32\nvgenco32hda.dll
2011-04-22 16:15 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-22 16:15 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-22 16:15 . 2011-01-08 03:27 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-22 16:15 . 2011-01-08 03:27 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-22 16:14 . 2011-04-22 16:14 -------- d-----w- C:\NVIDIA
2011-04-16 08:54 . 2011-01-12 17:15 4266480 ----a-w- c:\windows\system32\GameMon.des
2011-04-16 08:54 . 2005-01-04 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2011-04-16 08:54 . 2003-07-20 09:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2011-04-16 08:53 . 2011-04-16 08:53 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-04-15 15:10 . 2011-04-15 15:14 -------- d--h--w- c:\program files\Zero G Registry
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2010-05-31 10:20 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-07 05:33 . 2010-02-24 16:16 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:43 . 2004-08-17 13:49 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2004-08-17 13:44 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 15:40 . 2011-02-24 15:40 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-17 18:55 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 18:55 . 2004-08-17 13:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-17 18:55 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 18:55 . 2004-08-17 13:49 17408 ----a-w- c:\windows\system32\corpol.dll
2011-02-17 13:18 . 2004-08-03 21:15 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-03 21:14 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 11:44 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2011-02-15 12:56 . 2004-08-17 13:48 290432 ----a-w- c:\windows\system32\atmfd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-25 39408]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2009-10-02 5636608]
"Steam"="c:\program files\Steam\Steam.exe" [2011-04-14 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 94208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-03 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-08 12:11 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"RTHDCPL"=RTHDCPL.EXE
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"PaperPort PTD"=c:\progra~1\scansoft\paperp~1\pptd40nt.exe
"Share-to-Web Namespace Daemon"=c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Služba Acronis Scheduler2"="c:\program files\Common Files\Acronis\Plán2\schedhlp.exe"
"TrueImageMonitor.exe"=c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [24.2.2011 17:40 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.2.2010 12:31 646392]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [25.2.2010 20:21 911680]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [26.2.2010 14:41 2480048]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [26.4.2010 15:22 247096]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [30.9.2010 9:19 374152]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [26.2.2010 14:41 160288]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [20.11.2009 13:15 58880]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [20.11.2009 13:15 137728]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [24.2.2010 20:05 100456]
R3 SDVPlus;Pinnacle Studio DVplus WDM Renderer;c:\windows\system32\drivers\SDVPlus.sys [31.8.2007 10:45 42102]
R3 SNXPCARD;Golden Series Multiport Adapter Driver;c:\windows\system32\drivers\snxpcard.sys [25.2.2010 23:51 17536]
R3 SNXPPALX;Golden Parallel Port Driver;c:\windows\system32\drivers\snxppalx.sys [25.2.2010 23:51 78848]
S1 MpKsl0fe53727;MpKsl0fe53727;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2B80CF8C-CBB9-41AD-9E3C-E0E9432DE411}\MpKsl0fe53727.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2B80CF8C-CBB9-41AD-9E3C-E0E9432DE411}\MpKsl0fe53727.sys [?]
S1 MpKsl2ced0088;MpKsl2ced0088;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{027B96A4-A4E2-43F6-9982-C003113E659B}\MpKsl2ced0088.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{027B96A4-A4E2-43F6-9982-C003113E659B}\MpKsl2ced0088.sys [?]
S1 MpKsl2d7702a1;MpKsl2d7702a1;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A717BFA7-7420-4C9B-9F89-DFCD751D9FB1}\MpKsl2d7702a1.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A717BFA7-7420-4C9B-9F89-DFCD751D9FB1}\MpKsl2d7702a1.sys [?]
S1 MpKsl2f07b7eb;MpKsl2f07b7eb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B91EA20D-B74A-40D4-9A4C-2D9969829449}\MpKsl2f07b7eb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B91EA20D-B74A-40D4-9A4C-2D9969829449}\MpKsl2f07b7eb.sys [?]
S1 MpKsl2f0f6dc0;MpKsl2f0f6dc0;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1F82D1FE-7A71-41C3-BC2E-E100C8E3A9C2}\MpKsl2f0f6dc0.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1F82D1FE-7A71-41C3-BC2E-E100C8E3A9C2}\MpKsl2f0f6dc0.sys [?]
S1 MpKsl400e64b9;MpKsl400e64b9;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{130D9B46-8D22-4849-B574-F8B8B398D848}\MpKsl400e64b9.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{130D9B46-8D22-4849-B574-F8B8B398D848}\MpKsl400e64b9.sys [?]
S1 MpKsl514a6d66;MpKsl514a6d66;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl514a6d66.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl514a6d66.sys [?]
S1 MpKsl6f298348;MpKsl6f298348;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B4718C7D-A402-4A51-A20D-441AE9D09BDC}\MpKsl6f298348.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B4718C7D-A402-4A51-A20D-441AE9D09BDC}\MpKsl6f298348.sys [?]
S1 MpKsl89a10f63;MpKsl89a10f63;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3621F66B-2714-4384-AE08-C0A3FB92847C}\MpKsl89a10f63.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3621F66B-2714-4384-AE08-C0A3FB92847C}\MpKsl89a10f63.sys [?]
S1 MpKsl8a2a4f95;MpKsl8a2a4f95;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E4C43C6-31BD-44C3-B641-1077B66A2F1C}\MpKsl8a2a4f95.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E4C43C6-31BD-44C3-B641-1077B66A2F1C}\MpKsl8a2a4f95.sys [?]
S1 MpKsl9bf43ab7;MpKsl9bf43ab7;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl9bf43ab7.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl9bf43ab7.sys [?]
S1 MpKsl9eb04903;MpKsl9eb04903;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{399D6383-A111-4E43-BEED-949F916979CE}\MpKsl9eb04903.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{399D6383-A111-4E43-BEED-949F916979CE}\MpKsl9eb04903.sys [?]
S1 MpKsla06b56cb;MpKsla06b56cb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D128381-19A9-4C13-88DD-244B97B0FE97}\MpKsla06b56cb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D128381-19A9-4C13-88DD-244B97B0FE97}\MpKsla06b56cb.sys [?]
S1 MpKslb9ed1b0d;MpKslb9ed1b0d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8F058040-8E14-4FBC-93D5-2517E1158294}\MpKslb9ed1b0d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8F058040-8E14-4FBC-93D5-2517E1158294}\MpKslb9ed1b0d.sys [?]
S1 MpKsld4d333d4;MpKsld4d333d4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8E0A6123-D1BB-49BF-8097-A6876F478066}\MpKsld4d333d4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8E0A6123-D1BB-49BF-8097-A6876F478066}\MpKsld4d333d4.sys [?]
S1 MpKsld5dadcea;MpKsld5dadcea;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{326C46C9-CD62-4B1F-8376-D9C7C44B7CBF}\MpKsld5dadcea.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{326C46C9-CD62-4B1F-8376-D9C7C44B7CBF}\MpKsld5dadcea.sys [?]
S1 MpKsldd76f118;MpKsldd76f118;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C64056C-69DA-48F6-B900-F5DD3E16BCE9}\MpKsldd76f118.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C64056C-69DA-48F6-B900-F5DD3E16BCE9}\MpKsldd76f118.sys [?]
S1 MpKslea7f79c4;MpKslea7f79c4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{482F23D9-41FB-41A2-9AB5-6BAEEC6C9829}\MpKslea7f79c4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{482F23D9-41FB-41A2-9AB5-6BAEEC6C9829}\MpKslea7f79c4.sys [?]
S1 MpKsleebcea5b;MpKsleebcea5b;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68E75B6D-2FAA-4395-A774-BAA48866E52A}\MpKsleebcea5b.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68E75B6D-2FAA-4395-A774-BAA48866E52A}\MpKsleebcea5b.sys [?]
S1 MpKslf60cdccc;MpKslf60cdccc;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D34423CA-B98B-45E0-9C84-41FC70661504}\MpKslf60cdccc.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D34423CA-B98B-45E0-9C84-41FC70661504}\MpKslf60cdccc.sys [?]
S1 MpKslfe459b11;MpKslfe459b11;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{06A17B4C-3083-4B50-8F12-4A23A09DB0B1}\MpKslfe459b11.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{06A17B4C-3083-4B50-8F12-4A23A09DB0B1}\MpKslfe459b11.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 22:40 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11.8.2008 13:41 12856]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [24.2.2010 18:46 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 22:40 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8.9.2010 13:28 38224]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [31.7.2008 2:51 1037608]
S3 SMART Web Server;Webový server SMART;c:\program files\SMART Technologies\SMART Board Drivers\WebServer.exe [31.7.2008 2:50 1205544]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-15 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
2011-05-15 c:\windows\Tasks\AdobeAAMUpdater-1.0-OEM-387A462E386-oem.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-03 18:28]
.
2011-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 20:40]
.
2011-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 20:40]
.
2011-05-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
2011-05-15 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Trusted Zone: mojebanka.cz\www
FF - ProfilePath - c:\documents and settings\oem\Data aplikací\Mozilla\Firefox\Profiles\mxdzg6fn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2536667&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-15 13:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-776561741-1993962763-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:e5,d2,0e,33,53,ee,8e,ae,d5,51,e3,0f,37,ad,91,3d,17,99,0b,cb,be,
92,d3,76,c9,e7,18,e8,97,40,b0,a3,6a,5a,c6,8d,19,6d,ad,28,19,17,6b,de,5f,64,\
"rkeysecu"=hex:49,bb,84,3e,80,58,2b,0f,f9,6e,a2,ba,05,5c,e0,2b
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components]
@Denied: (Full) (Everyone)
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
@="IE7 Uninstall Stub"
"ComponentID"="IEUDINIT"
"DontAsk"=dword:00000002
"IsInstalled"=dword:00000001
"Locale"="*"
"StubPath"="c:\\WINDOWS\\system32\\ieudinit.exe"
"Version"="7,0,5730,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"DontAsk"=dword:00000002
"Version"="11,0,5721,5145"
"IsInstalled"=dword:00000000
"Stubpath"="c:\\WINDOWS\\inf\\unregmp2.exe /ShowWMP"
@="Windows Media Player"
"ComponentID"="WMPACCESS"
"Locale"="*"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
@="Internet Explorer"
"ComponentID"="IEACCESS"
"Dontask"=dword:00000002
"IsInstalled"=dword:00000001
"Locale"="*"
"StubPath"="c:\\WINDOWS\\system32\\ie4uinit.exe -UserIconConfig"
"Version"="6,0,5730,13"
"LocalizedName"="@c:\\WINDOWS\\system32\\ie4uinit.exe,-21"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
@="Browser Customizations"
"ComponentiD"="BRANDING.CAB"
"IsInstalled"=dword:00000001
"Locale"="*"
"LocalizedName"="@c:\\WINDOWS\\system32\\iedkcs32.dll,-3052"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"
"Version"="6,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
@="Vlastní nastavení prohlížeče"
"ComponentID"="BRANDING.CAB"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"
"Version"="6,0,2900,2180"
"Locale"="*"
"IsInstalled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
@="Outlook Express"
"ComponentID"="OEACCESS"
"Dontask"=dword:00000002
"IsInstalled"=dword:00000001
"Locale"="*"
"StubPath"=expand:"%systemroot%\\system32\\shmgrate.exe OCInstallUserConfigOE"
"Version"="2,0,0,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
@="Microsoft VM"
"ComponentID"="JAVAVM"
"IsInstalled"=dword:00000001
"KeyFileName"="c:\\WINDOWS\\system32\\msjava.dll"
"Version"="5,0,3810,0"
"Locale"="EN"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
@="Vykreslování vektorové grafiky (VML)"
"ComponentID"="MSVML"
"Version"="6,0,2462,0001"
"IsInstalled"=hex:01,00,00,00
"Locale"="EN"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
@=""
"ComponentID"="NetShow"
"IsInstalled"=dword:00000001
"DontAsk"=dword:00000002
"Locale"="CS"
"StubPath"=""
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"ComponentID"="Microsoft Windows Media Player"
"DontAsk"=dword:00000002
"Locale"="CSY"
"StubPath"=""
"IsInstalled"=dword:00000001
@="Microsoft Windows Media Player 6.4"
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
@="DirectAnimation"
"IsInstalled"=dword:00000001
"Version"="6,0,3,531"
"Locale"="CS"
"ComponentID"="DirectAnimation"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2A3320D6-C805-4280-B423-B665BDE33D8F}]
"ComponentID"="M979906"
@="Microsoft .NET Framework 1.1 Security Update (KB979906)"
"Version"="1,1,4322"
"Locale"="*"
"IsInstalled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
@="Themes Setup"
"ComponentID"="Theme Component"
"IsInstalled"=dword:00000001
"Locale"="CS"
"StubPath"=expand:"%SystemRoot%\\system32\\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\\system32\\themeui.dll"
"Version"="1,1,1,7"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}]
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="1,1,4322"
"ComponentID"="M2416447"
@="Microsoft .NET Framework 1.1 Security Update (KB2416447)"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
@="Datové vazby jazyka DHTML pro jazyk Java"
"ComponentID"="TridataJava"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,7,0,0320"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}]
"Version"="7,0,5730,13"
@="Offline Browsing Pack"
"ComponentID"="MobilePk"
"IsInstalled"=dword:00000001
"Locale"="*"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
@="Uniscribe"
"ComponentID"="USP10"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="1,397,2406,1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="1,1,4322"
"ComponentID"="S867460"
@="Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}]
@="Vylepšené vytváření obsahu"
"ComponentID"="AdvAuth"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,0,2900,2180"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"Version"="6,0,2900,5512"
@="Microsoft Outlook Express 6"
"IsInstalled"=dword:00000001
"Locale"="cs"
"ComponentID"="MailNews"
"CloneUser"=dword:00000001
"StubPath"=expand:"\"%ProgramFiles%\\Outlook Express\\setup50.exe\" /APP:OE /CALLER:WINNT /user /install"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
@="NetMeeting 3.01"
"ComponentID"="NetMeeting"
"IsInstalled"=hex:01,00,00,00
"Version"="4,4,0,3400"
"Locale"="CS"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection c:\\WINDOWS\\INF\\msnetmtg.inf,NetMtg.Install.PerUser.NT"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
@="DirectShow"
"ComponentID"="activemovie"
"IsInstalled"=dword:00000001
"DontAsk"=dword:00000002
"Locale"="CS"
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
@="DirectDrawEx"
"ComponentID"="DirectDrawEx"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,71,1113,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
@="Internet Explorer Help"
"ComponentID"="HelpCont"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="7,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
@="Třídy DirectAnimation jazyka Java"
"ComponentID"="DAJava"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,00,01,0223"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
@="Microsoft Windows Script 5.7"
"ComponentID"="MSVBScript"
"IsInstalled"=dword:00000001
"Locale"="CS"
"Version"="5,7,6002,22589"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}]
@="Aktualizace zabezpečení systému Windows XP (KB923789)"
"IsInstalled"=dword:00000001
"Version"="6,0,88,0"
"ComponentID"="KB923789"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
@="Windows Messenger 4.7"
"ComponentID"="Messenger"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection c:\\WINDOWS\\INF\\msmsgs.inf,BLC.QuietInstall.PerUser"
"Locale"="CS"
"Version"="4,7,0,3000"
"IsInstalled"=dword:00000001
"KeyFileName"="c:\\Program Files\\Messenger\\msmsgs.exe"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
"(Default)"="Internet Connection Wizard"
"ComponentID"="ICW"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="5,00,2918,1900"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
@="Internet Explorer Setup Tools"
"ComponentID"="GenSetup"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="7,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
"Version"="7,0,5730,13"
@="Browsing Enhancements"
"ComponentID"="ExtraPack"
"IsInstalled"=dword:00000001
"Locale"="*"
"KeyFileName"="c:\\WINDOWS\\system32\\msieftp.dll"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
@="Microsoft Windows Media Player"
"ComponentID"="Microsoft Windows Media Player"
"DontAsk"=dword:00000002
"Locale"="CSY"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection c:\\WINDOWS\\INF\\wmp11.inf,PerUserStub"
"IsInstalled"=dword:00000001
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
@="MSN Site Access"
"ComponentID"="MSN_Auth"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,9,9,2"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"Version"="10,0,0,1"
@="Web Folders"
"Locale"="*"
"IsInstalled"=dword:00000001
"ComponentID"="WebFolders"
"StubPath"=""
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"Version"="6,0,2900,5512"
@="Adresář 6"
"IsInstalled"=dword:00000001
"Locale"="cs"
"ComponentID"="WAB"
"StubPath"=expand:"\"%ProgramFiles%\\Outlook Express\\setup50.exe\" /APP:WAB /CALLER:WINNT /user /install"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
"Version"="6,0,2900,5512"
@="Aktualizace plochy systému Windows"
"ComponentID"="IE4Shell_NT"
"IsInstalled"=dword:00000001
"Locale"="cs"
"StubPath"=expand:"regsvr32.exe /s /n /i:U shell32.dll"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
"Version"="7,0,5730,13"
@="Internet Explorer"
"ComponentID"="BASEIE40_W2K"
"IsInstalled"=dword:00000001
"Locale"="en"
"StubPath"="c:\\WINDOWS\\system32\\ie4uinit.exe -BaseSettings"
"LocalizedName"="@c:\\WINDOWS\\system32\\ie4uinit.exe,-20"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
"DontAsk"=dword:00000002
"StubPath"="c:\\WINDOWS\\system32\\Rundll32.exe c:\\WINDOWS\\system32\\mscories.dll,Install"
"IsInstalled"=dword:00000001
"ComponentID"="DOTNETFRAMEWORKS"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
@="Dynamic HTML Data Binding"
"ComponentID"="Tridata"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="7,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]
"Locale"=""
"Version"="2,0,50727,0"
"ComponentID"=".NETFramework"
@=".NET Framework"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}]
@="Internet Explorer Core Fonts"
"ComponentID"="Fontcore"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
"Locale"=""
"Version"="1,0,4322,1"
"ComponentID"=".NETFramework"
@=".NET Framework"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
@="Plánovač úloh"
"ComponentID"="MSTASK"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,71,1968,1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
"ComponentID"="Windows Movie Maker v2.0"
"IsInstalled"=hex:01,00,00,00
"Version"="2,0,3312,1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@="Adobe Flash Player"
"ComponentID"="Flash"
"IsInstalled"=hex:01,00,00,00
"Version"="10.0.45.2"
"Locale"="EN"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
@="HTML Help"
"ComponentID"="HTMLHelp"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
@="Active Directory Service Interface"
"ComponentID"="ADSI"
"IsInstalled"=hex:01,00,00,00
"Locale"="EN"
"Version"="5,0,00,0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Celkový čas: 2011-05-15 13:29:37
ComboFix-quarantined-files.txt 2011-05-15 11:29
.
Před spuštěním: Volných bajtů: 12 018 741 248
Po spuštění: Volných bajtů: 12 896 161 792
.
- - End Of File - - 755C4295C2734B6A1FA13F7E0D78DBED
Obnovu systému jsem již zkoušel k několikerým dřívějším datům, toto nepomáhá. Google Chrome hlásí chybovou hlášku: "Chyba 105(net::ERR_NAME_NOT_RESOLVED): Adresu DNS serveru nelze vyhledat."
Budu vděčný za další radu...
ComboFix 11-05-11.01 - oem 15.05.2011 13:18:44.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1530 [GMT 2:00]
Spuštěný z: c:\documents and settings\oem\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\oem\Local Settings\Temporary Internet Files\SLOVA.WAV
c:\documents and settings\oem\WINDOWS
c:\program files\DaemonTools_WhenUSave_Installer
d:\dokumenty\DPE.DUS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-15 do 2011-05-15 )))))))))))))))))))))))))))))))
.
.
2011-05-15 09:38 . 2011-05-15 09:38 -------- d-----w- c:\program files\trend micro
2011-05-15 07:32 . 2011-05-15 07:32 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-05-15 07:32 . 2011-05-15 07:32 1060864 ----a-w- c:\windows\system32\mfc71.dll
2011-05-15 07:31 . 2011-05-15 07:31 -------- d-----r- C:\assembly
2011-05-15 07:18 . 2010-06-10 06:30 5588304 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5CA5BE6B-D14C-48B1-A2BE-805E72A0EDB5}\mpengine.dll
2011-05-15 07:17 . 2011-05-15 07:17 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-14 23:09 . 2011-05-15 07:15 -------- d-----w- C:\ERDNT
2011-05-14 19:51 . 2011-05-14 19:51 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Opera
2011-05-14 19:51 . 2011-05-15 07:15 -------- d-----w- c:\program files\Opera
2011-05-14 19:27 . 2011-05-14 19:30 -------- d-----w- C:\rsit
2011-05-14 18:43 . 2011-05-14 18:43 -------- d-----w- c:\documents and settings\oem\Data aplikací\NVIDIA
2011-05-14 18:42 . 2011-05-14 18:42 -------- d--h--w- c:\documents and settings\oem\InstallAnywhere
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\PackageAware
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\documents and settings\oem\Data aplikací\Složka odesílání Share-to-Web
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\program files\LANGMaster Škola DNES
2011-05-14 18:42 . 2011-05-14 18:42 -------- d--h--w- c:\windows\PIF
2011-05-14 18:42 . 2011-05-14 18:42 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Castle_Age
2011-05-03 12:07 . 2011-05-15 07:16 -------- d-----w- c:\documents and settings\oem\Data aplikací\AVI ReComp
2011-05-03 12:04 . 2011-05-03 12:04 -------- d-----w- c:\program files\Gabest
2011-05-03 12:04 . 2011-05-15 07:15 -------- d-----w- c:\program files\Xvid
2011-05-03 12:04 . 2011-05-14 18:49 -------- d-----w- c:\program files\AviSynth 2.5
2011-05-03 12:04 . 2011-05-15 07:15 -------- d-----w- c:\program files\AVI ReComp
2011-04-26 13:32 . 2011-05-14 18:36 -------- d-----w- c:\program files\vso
2011-04-22 16:15 . 2011-04-22 16:15 252080 ----a-w- c:\windows\system32\nvdrsdb0.bin
2011-04-22 16:15 . 2011-04-22 16:15 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-04-22 16:15 . 2011-04-22 16:15 252080 ----a-w- c:\windows\system32\nvdrsdb1.bin
2011-04-22 16:15 . 2010-12-02 09:12 837224 ----a-w- c:\windows\system32\nvgenco32hda.dll
2011-04-22 16:15 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
2011-04-22 16:15 . 2011-01-08 03:27 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
2011-04-22 16:15 . 2011-01-08 03:27 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-22 16:15 . 2011-01-08 03:27 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-04-22 16:14 . 2011-04-22 16:14 -------- d-----w- C:\NVIDIA
2011-04-16 08:54 . 2011-01-12 17:15 4266480 ----a-w- c:\windows\system32\GameMon.des
2011-04-16 08:54 . 2005-01-04 00:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2011-04-16 08:54 . 2003-07-20 09:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2011-04-16 08:53 . 2011-04-16 08:53 -------- d-----w- c:\program files\Common Files\INCA Shared
2011-04-15 15:10 . 2011-04-15 15:14 -------- d--h--w- c:\program files\Zero G Registry
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-11 07:04 . 2010-05-31 10:20 7071056 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-03-07 05:33 . 2010-02-24 16:16 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:43 . 2004-08-17 13:49 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2004-08-17 13:44 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 15:40 . 2011-02-24 15:40 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-17 18:55 . 2004-08-17 13:49 832512 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 18:55 . 2004-08-17 13:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-17 18:55 . 2004-08-17 13:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 18:55 . 2004-08-17 13:49 17408 ----a-w- c:\windows\system32\corpol.dll
2011-02-17 13:18 . 2004-08-03 21:15 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-03 21:14 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2008-05-05 06:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 11:44 . 2004-08-17 13:44 389120 ----a-w- c:\windows\system32\html.iec
2011-02-15 12:56 . 2004-08-17 13:48 290432 ----a-w- c:\windows\system32\atmfd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-25 39408]
"Active Desktop Calendar"="c:\program files\XemiComputers\Active Desktop Calendar\ADC.exe" [2009-10-02 5636608]
"Steam"="c:\program files\Steam\Steam.exe" [2011-04-14 1242448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 94208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-03 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-08 12:11 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"OEXPRESS"=c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"RTHDCPL"=RTHDCPL.EXE
"nwiz"=c:\program files\NVIDIA Corporation\nView\nwiz.exe /install
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"NvCplDaemon"=RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" /s
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"PaperPort PTD"=c:\progra~1\scansoft\paperp~1\pptd40nt.exe
"Share-to-Web Namespace Daemon"=c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Služba Acronis Scheduler2"="c:\program files\Common Files\Acronis\Plán2\schedhlp.exe"
"TrueImageMonitor.exe"=c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [24.2.2011 17:40 64288]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.2.2010 12:31 646392]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [25.2.2010 20:21 911680]
R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [26.2.2010 14:41 2480048]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [26.4.2010 15:22 247096]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [30.9.2010 9:19 374152]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [26.2.2010 14:41 160288]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [20.11.2009 13:15 58880]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [20.11.2009 13:15 137728]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [24.2.2010 20:05 100456]
R3 SDVPlus;Pinnacle Studio DVplus WDM Renderer;c:\windows\system32\drivers\SDVPlus.sys [31.8.2007 10:45 42102]
R3 SNXPCARD;Golden Series Multiport Adapter Driver;c:\windows\system32\drivers\snxpcard.sys [25.2.2010 23:51 17536]
R3 SNXPPALX;Golden Parallel Port Driver;c:\windows\system32\drivers\snxppalx.sys [25.2.2010 23:51 78848]
S1 MpKsl0fe53727;MpKsl0fe53727;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2B80CF8C-CBB9-41AD-9E3C-E0E9432DE411}\MpKsl0fe53727.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{2B80CF8C-CBB9-41AD-9E3C-E0E9432DE411}\MpKsl0fe53727.sys [?]
S1 MpKsl2ced0088;MpKsl2ced0088;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{027B96A4-A4E2-43F6-9982-C003113E659B}\MpKsl2ced0088.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{027B96A4-A4E2-43F6-9982-C003113E659B}\MpKsl2ced0088.sys [?]
S1 MpKsl2d7702a1;MpKsl2d7702a1;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A717BFA7-7420-4C9B-9F89-DFCD751D9FB1}\MpKsl2d7702a1.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{A717BFA7-7420-4C9B-9F89-DFCD751D9FB1}\MpKsl2d7702a1.sys [?]
S1 MpKsl2f07b7eb;MpKsl2f07b7eb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B91EA20D-B74A-40D4-9A4C-2D9969829449}\MpKsl2f07b7eb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B91EA20D-B74A-40D4-9A4C-2D9969829449}\MpKsl2f07b7eb.sys [?]
S1 MpKsl2f0f6dc0;MpKsl2f0f6dc0;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1F82D1FE-7A71-41C3-BC2E-E100C8E3A9C2}\MpKsl2f0f6dc0.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{1F82D1FE-7A71-41C3-BC2E-E100C8E3A9C2}\MpKsl2f0f6dc0.sys [?]
S1 MpKsl400e64b9;MpKsl400e64b9;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{130D9B46-8D22-4849-B574-F8B8B398D848}\MpKsl400e64b9.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{130D9B46-8D22-4849-B574-F8B8B398D848}\MpKsl400e64b9.sys [?]
S1 MpKsl514a6d66;MpKsl514a6d66;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl514a6d66.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl514a6d66.sys [?]
S1 MpKsl6f298348;MpKsl6f298348;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B4718C7D-A402-4A51-A20D-441AE9D09BDC}\MpKsl6f298348.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{B4718C7D-A402-4A51-A20D-441AE9D09BDC}\MpKsl6f298348.sys [?]
S1 MpKsl89a10f63;MpKsl89a10f63;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3621F66B-2714-4384-AE08-C0A3FB92847C}\MpKsl89a10f63.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{3621F66B-2714-4384-AE08-C0A3FB92847C}\MpKsl89a10f63.sys [?]
S1 MpKsl8a2a4f95;MpKsl8a2a4f95;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E4C43C6-31BD-44C3-B641-1077B66A2F1C}\MpKsl8a2a4f95.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{7E4C43C6-31BD-44C3-B641-1077B66A2F1C}\MpKsl8a2a4f95.sys [?]
S1 MpKsl9bf43ab7;MpKsl9bf43ab7;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl9bf43ab7.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{07D627A1-F63A-477F-8988-7910252C43FE}\MpKsl9bf43ab7.sys [?]
S1 MpKsl9eb04903;MpKsl9eb04903;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{399D6383-A111-4E43-BEED-949F916979CE}\MpKsl9eb04903.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{399D6383-A111-4E43-BEED-949F916979CE}\MpKsl9eb04903.sys [?]
S1 MpKsla06b56cb;MpKsla06b56cb;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D128381-19A9-4C13-88DD-244B97B0FE97}\MpKsla06b56cb.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{0D128381-19A9-4C13-88DD-244B97B0FE97}\MpKsla06b56cb.sys [?]
S1 MpKslb9ed1b0d;MpKslb9ed1b0d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8F058040-8E14-4FBC-93D5-2517E1158294}\MpKslb9ed1b0d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8F058040-8E14-4FBC-93D5-2517E1158294}\MpKslb9ed1b0d.sys [?]
S1 MpKsld4d333d4;MpKsld4d333d4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8E0A6123-D1BB-49BF-8097-A6876F478066}\MpKsld4d333d4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8E0A6123-D1BB-49BF-8097-A6876F478066}\MpKsld4d333d4.sys [?]
S1 MpKsld5dadcea;MpKsld5dadcea;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{326C46C9-CD62-4B1F-8376-D9C7C44B7CBF}\MpKsld5dadcea.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{326C46C9-CD62-4B1F-8376-D9C7C44B7CBF}\MpKsld5dadcea.sys [?]
S1 MpKsldd76f118;MpKsldd76f118;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C64056C-69DA-48F6-B900-F5DD3E16BCE9}\MpKsldd76f118.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{8C64056C-69DA-48F6-B900-F5DD3E16BCE9}\MpKsldd76f118.sys [?]
S1 MpKslea7f79c4;MpKslea7f79c4;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{482F23D9-41FB-41A2-9AB5-6BAEEC6C9829}\MpKslea7f79c4.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{482F23D9-41FB-41A2-9AB5-6BAEEC6C9829}\MpKslea7f79c4.sys [?]
S1 MpKsleebcea5b;MpKsleebcea5b;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68E75B6D-2FAA-4395-A774-BAA48866E52A}\MpKsleebcea5b.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68E75B6D-2FAA-4395-A774-BAA48866E52A}\MpKsleebcea5b.sys [?]
S1 MpKslf60cdccc;MpKslf60cdccc;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D34423CA-B98B-45E0-9C84-41FC70661504}\MpKslf60cdccc.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D34423CA-B98B-45E0-9C84-41FC70661504}\MpKslf60cdccc.sys [?]
S1 MpKslfe459b11;MpKslfe459b11;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{06A17B4C-3083-4B50-8F12-4A23A09DB0B1}\MpKslfe459b11.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{06A17B4C-3083-4B50-8F12-4A23A09DB0B1}\MpKslfe459b11.sys [?]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 22:40 135664]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [11.8.2008 13:41 12856]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [24.2.2010 18:46 1691480]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 22:40 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [8.9.2010 13:28 38224]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe [31.7.2008 2:51 1037608]
S3 SMART Web Server;Webový server SMART;c:\program files\SMART Technologies\SMART Board Drivers\WebServer.exe [31.7.2008 2:50 1205544]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 14:37 517096]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-15 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
2011-05-15 c:\windows\Tasks\AdobeAAMUpdater-1.0-OEM-387A462E386-oem.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-03-03 18:28]
.
2011-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 20:40]
.
2011-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-25 20:40]
.
2011-05-15 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
2011-05-15 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Trusted Zone: mojebanka.cz\www
FF - ProfilePath - c:\documents and settings\oem\Data aplikací\Mozilla\Firefox\Profiles\mxdzg6fn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2536667&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-15 13:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-776561741-1993962763-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:e5,d2,0e,33,53,ee,8e,ae,d5,51,e3,0f,37,ad,91,3d,17,99,0b,cb,be,
92,d3,76,c9,e7,18,e8,97,40,b0,a3,6a,5a,c6,8d,19,6d,ad,28,19,17,6b,de,5f,64,\
"rkeysecu"=hex:49,bb,84,3e,80,58,2b,0f,f9,6e,a2,ba,05,5c,e0,2b
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components]
@Denied: (Full) (Everyone)
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
@="IE7 Uninstall Stub"
"ComponentID"="IEUDINIT"
"DontAsk"=dword:00000002
"IsInstalled"=dword:00000001
"Locale"="*"
"StubPath"="c:\\WINDOWS\\system32\\ieudinit.exe"
"Version"="7,0,5730,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"DontAsk"=dword:00000002
"Version"="11,0,5721,5145"
"IsInstalled"=dword:00000000
"Stubpath"="c:\\WINDOWS\\inf\\unregmp2.exe /ShowWMP"
@="Windows Media Player"
"ComponentID"="WMPACCESS"
"Locale"="*"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
@="Internet Explorer"
"ComponentID"="IEACCESS"
"Dontask"=dword:00000002
"IsInstalled"=dword:00000001
"Locale"="*"
"StubPath"="c:\\WINDOWS\\system32\\ie4uinit.exe -UserIconConfig"
"Version"="6,0,5730,13"
"LocalizedName"="@c:\\WINDOWS\\system32\\ie4uinit.exe,-21"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
@="Browser Customizations"
"ComponentiD"="BRANDING.CAB"
"IsInstalled"=dword:00000001
"Locale"="*"
"LocalizedName"="@c:\\WINDOWS\\system32\\iedkcs32.dll,-3052"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"
"Version"="6,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
@="Vlastní nastavení prohlížeče"
"ComponentID"="BRANDING.CAB"
"StubPath"="RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"
"Version"="6,0,2900,2180"
"Locale"="*"
"IsInstalled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
@="Outlook Express"
"ComponentID"="OEACCESS"
"Dontask"=dword:00000002
"IsInstalled"=dword:00000001
"Locale"="*"
"StubPath"=expand:"%systemroot%\\system32\\shmgrate.exe OCInstallUserConfigOE"
"Version"="2,0,0,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}]
@="Microsoft VM"
"ComponentID"="JAVAVM"
"IsInstalled"=dword:00000001
"KeyFileName"="c:\\WINDOWS\\system32\\msjava.dll"
"Version"="5,0,3810,0"
"Locale"="EN"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{10072CEC-8CC1-11D1-986E-00A0C955B42F}]
@="Vykreslování vektorové grafiky (VML)"
"ComponentID"="MSVML"
"Version"="6,0,2462,0001"
"IsInstalled"=hex:01,00,00,00
"Locale"="EN"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}]
@=""
"ComponentID"="NetShow"
"IsInstalled"=dword:00000001
"DontAsk"=dword:00000002
"Locale"="CS"
"StubPath"=""
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"ComponentID"="Microsoft Windows Media Player"
"DontAsk"=dword:00000002
"Locale"="CSY"
"StubPath"=""
"IsInstalled"=dword:00000001
@="Microsoft Windows Media Player 6.4"
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{283807B5-2C60-11D0-A31D-00AA00B92C03}]
@="DirectAnimation"
"IsInstalled"=dword:00000001
"Version"="6,0,3,531"
"Locale"="CS"
"ComponentID"="DirectAnimation"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2A3320D6-C805-4280-B423-B665BDE33D8F}]
"ComponentID"="M979906"
@="Microsoft .NET Framework 1.1 Security Update (KB979906)"
"Version"="1,1,4322"
"Locale"="*"
"IsInstalled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
@="Themes Setup"
"ComponentID"="Theme Component"
"IsInstalled"=dword:00000001
"Locale"="CS"
"StubPath"=expand:"%SystemRoot%\\system32\\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\\system32\\themeui.dll"
"Version"="1,1,1,7"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{2F6EFCE6-10DF-49F9-9E64-9AE3775B2588}]
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="1,1,4322"
"ComponentID"="M2416447"
@="Microsoft .NET Framework 1.1 Security Update (KB2416447)"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{36f8ec70-c29a-11d1-b5c7-0000f8051515}]
@="Datové vazby jazyka DHTML pro jazyk Java"
"ComponentID"="TridataJava"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,7,0,0320"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}]
"Version"="7,0,5730,13"
@="Offline Browsing Pack"
"ComponentID"="MobilePk"
"IsInstalled"=dword:00000001
"Locale"="*"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{3bf42070-b3b1-11d1-b5c5-0000f8051515}]
@="Uniscribe"
"ComponentID"="USP10"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="1,397,2406,1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{411EDCF7-755D-414E-A74B-3DCD6583F589}]
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="1,1,4322"
"ComponentID"="S867460"
@="Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{4278c270-a269-11d1-b5bf-0000f8051515}]
@="Vylepšené vytváření obsahu"
"ComponentID"="AdvAuth"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,0,2900,2180"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
"Version"="6,0,2900,5512"
@="Microsoft Outlook Express 6"
"IsInstalled"=dword:00000001
"Locale"="cs"
"ComponentID"="MailNews"
"CloneUser"=dword:00000001
"StubPath"=expand:"\"%ProgramFiles%\\Outlook Express\\setup50.exe\" /APP:OE /CALLER:WINNT /user /install"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
@="NetMeeting 3.01"
"ComponentID"="NetMeeting"
"IsInstalled"=hex:01,00,00,00
"Version"="4,4,0,3400"
"Locale"="CS"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection c:\\WINDOWS\\INF\\msnetmtg.inf,NetMtg.Install.PerUser.NT"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA848-CC51-11CF-AAFA-00AA00B6015C}]
@="DirectShow"
"ComponentID"="activemovie"
"IsInstalled"=dword:00000001
"DontAsk"=dword:00000002
"Locale"="CS"
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}]
@="DirectDrawEx"
"ComponentID"="DirectDrawEx"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,71,1113,0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}]
@="Internet Explorer Help"
"ComponentID"="HelpCont"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="7,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{4f216970-c90c-11d1-b5c7-0000f8051515}]
@="Třídy DirectAnimation jazyka Java"
"ComponentID"="DAJava"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,00,01,0223"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}]
@="Microsoft Windows Script 5.7"
"ComponentID"="MSVBScript"
"IsInstalled"=dword:00000001
"Locale"="CS"
"Version"="5,7,6002,22589"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5056b317-8d4c-43ee-8543-b9d1e234b8f4}]
@="Aktualizace zabezpečení systému Windows XP (KB923789)"
"IsInstalled"=dword:00000001
"Version"="6,0,88,0"
"ComponentID"="KB923789"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
@="Windows Messenger 4.7"
"ComponentID"="Messenger"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection c:\\WINDOWS\\INF\\msmsgs.inf,BLC.QuietInstall.PerUser"
"Locale"="CS"
"Version"="4,7,0,3000"
"IsInstalled"=dword:00000001
"KeyFileName"="c:\\Program Files\\Messenger\\msmsgs.exe"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5A8D6EE0-3E18-11D0-821E-444553540000}]
"(Default)"="Internet Connection Wizard"
"ComponentID"="ICW"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="5,00,2918,1900"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}]
@="Internet Explorer Setup Tools"
"ComponentID"="GenSetup"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="7,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}]
"Version"="7,0,5730,13"
@="Browsing Enhancements"
"ComponentID"="ExtraPack"
"IsInstalled"=dword:00000001
"Locale"="*"
"KeyFileName"="c:\\WINDOWS\\system32\\msieftp.dll"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
@="Microsoft Windows Media Player"
"ComponentID"="Microsoft Windows Media Player"
"DontAsk"=dword:00000002
"Locale"="CSY"
"StubPath"="rundll32.exe advpack.dll,LaunchINFSection c:\\WINDOWS\\INF\\wmp11.inf,PerUserStub"
"IsInstalled"=dword:00000001
"Version"="11,0,5721,5145"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}]
@="MSN Site Access"
"ComponentID"="MSN_Auth"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,9,9,2"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9}]
"Version"="10,0,0,1"
@="Web Folders"
"Locale"="*"
"IsInstalled"=dword:00000001
"ComponentID"="WebFolders"
"StubPath"=""
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
"Version"="6,0,2900,5512"
@="Adresář 6"
"IsInstalled"=dword:00000001
"Locale"="cs"
"ComponentID"="WAB"
"StubPath"=expand:"\"%ProgramFiles%\\Outlook Express\\setup50.exe\" /APP:WAB /CALLER:WINNT /user /install"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
"Version"="6,0,2900,5512"
@="Aktualizace plochy systému Windows"
"ComponentID"="IE4Shell_NT"
"IsInstalled"=dword:00000001
"Locale"="cs"
"StubPath"=expand:"regsvr32.exe /s /n /i:U shell32.dll"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
"Version"="7,0,5730,13"
@="Internet Explorer"
"ComponentID"="BASEIE40_W2K"
"IsInstalled"=dword:00000001
"Locale"="en"
"StubPath"="c:\\WINDOWS\\system32\\ie4uinit.exe -BaseSettings"
"LocalizedName"="@c:\\WINDOWS\\system32\\ie4uinit.exe,-20"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
"DontAsk"=dword:00000002
"StubPath"="c:\\WINDOWS\\system32\\Rundll32.exe c:\\WINDOWS\\system32\\mscories.dll,Install"
"IsInstalled"=dword:00000001
"ComponentID"="DOTNETFRAMEWORKS"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}]
@="Dynamic HTML Data Binding"
"ComponentID"="Tridata"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="7,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}]
"Locale"=""
"Version"="2,0,50727,0"
"ComponentID"=".NETFramework"
@=".NET Framework"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}]
@="Internet Explorer Core Fonts"
"ComponentID"="Fontcore"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]
"Locale"=""
"Version"="1,0,4322,1"
"ComponentID"=".NETFramework"
@=".NET Framework"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{CC2A9BA0-3BDD-11D0-821E-444553540000}]
@="Plánovač úloh"
"ComponentID"="MSTASK"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="4,71,1968,1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{CDD7975E-60F8-41d5-8149-19E51D6F71D0}]
"ComponentID"="Windows Movie Maker v2.0"
"IsInstalled"=hex:01,00,00,00
"Version"="2,0,3312,1"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@="Adobe Flash Player"
"ComponentID"="Flash"
"IsInstalled"=hex:01,00,00,00
"Version"="10.0.45.2"
"Locale"="EN"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}]
@="HTML Help"
"ComponentID"="HTMLHelp"
"IsInstalled"=dword:00000001
"Locale"="*"
"Version"="6,0,5730,13"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}]
@="Active Directory Service Interface"
"ComponentID"="ADSI"
"IsInstalled"=hex:01,00,00,00
"Locale"="EN"
"Version"="5,0,00,0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Celkový čas: 2011-05-15 13:29:37
ComboFix-quarantined-files.txt 2011-05-15 11:29
.
Před spuštěním: Volných bajtů: 12 018 741 248
Po spuštění: Volných bajtů: 12 896 161 792
.
- - End Of File - - 755C4295C2734B6A1FA13F7E0D78DBED
Obnovu systému jsem již zkoušel k několikerým dřívějším datům, toto nepomáhá. Google Chrome hlásí chybovou hlášku: "Chyba 105(net::ERR_NAME_NOT_RESOLVED): Adresu DNS serveru nelze vyhledat."
Budu vděčný za další radu...
-
Rudy
- Site Admin
- Příspěvky: 119506
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Problém s připojením k netu
1. Několik infikovaných položek CF smazal, zbytek logu vypadá čistý.
2. Použijte WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Utilita reinstaluje protokol TCP/IP. Máte-li parametry sítě zadány ručně, budete je muset po restartu PC znovu zadat.
2. Použijte WinsockFix: http://www.spyware.cz/go.php?p=spyware&t=aplikace&id=22 . Utilita reinstaluje protokol TCP/IP. Máte-li parametry sítě zadány ručně, budete je muset po restartu PC znovu zadat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?