
PC virus removal, computer speed-up, remote help via the neslape.cz service
Requesting a preventive check, thanks.
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
I'd like to ask for a preventive check of the log. Chrome is loading pages rather slowly. Thank you.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-06-08 13:26:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (25%) free of 8 GB
Total RAM: 511 MB (31% free)
======Scheduled tasks folder======
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GlaryUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\PandaUSBVaccine.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\ANTIVIRY\Avast\aswWebRepIE.dll [2011-05-10 819840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\ANTIVIRY\Avast\aswWebRepIE.dll [2011-05-10 819840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe [2011-06-05 2552648]
"avast"=D:\ANTIVIRY\Avast\avastUI.exe [2011-05-10 3459712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2
"sdAuxService"=2
"RasMan"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dwshd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dwshd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoInstrumentation"=1
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\My Download Files\Subory\Skype\Phone\Skype.exe"="D:\My Download Files\Subory\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe"="D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Administrator\Plocha\Skype.exe"="C:\Documents and Settings\Administrator\Plocha\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-06-08 13:26:18 ----D---- C:\rsit
2011-06-07 14:29:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
2011-06-07 12:45:03 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-06-07 12:45:03 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-06-07 12:43:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-06-07 12:43:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-06-05 14:12:30 ----HD---- C:\VritualRoot
2011-06-05 12:38:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-06-04 13:42:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Auslogics
2011-06-04 13:35:01 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2011-06-03 22:20:52 ----HDC---- C:\WINDOWS\ie8
2011-06-03 20:51:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2011-06-03 20:51:04 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-06-03 20:50:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-06-03 20:50:30 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-06-03 13:27:30 ----D---- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
2011-05-31 17:00:39 ----A---- C:\WINDOWS\ScanSpyware.INI
2011-05-30 15:38:37 ----D---- C:\Program Files\Google
2011-05-30 15:25:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-27 16:04:57 ----HD---- C:\WINDOWS\PIF
2011-05-26 17:11:23 ----D---- C:\Program Files\Trend Micro
2011-05-26 16:51:38 ----SHD---- C:\RECYCLER
2011-05-26 16:47:00 ----D---- C:\WINDOWS\temp
2011-05-26 16:16:14 ----ASH---- C:\pagefile.sys
2011-05-25 17:43:53 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tific
2011-05-25 16:19:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security
2011-05-25 12:29:41 ----D---- C:\Program Files\SpaceMonger
2011-05-25 12:26:35 ----D---- C:\Documents and Settings\Administrator\Data aplikací\SpaceMonger
2011-05-23 09:05:15 ----D---- C:\Documents and Settings\Administrator\Data aplikací\CCleanup
2011-05-21 15:19:24 ----A---- C:\WINDOWS\ModemLog_Nokia 6600i slide USB Modem.txt
2011-05-21 14:54:35 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-05-20 15:47:27 ----DC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-05-20 10:42:30 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-05-19 16:27:37 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-05-19 16:27:35 ----D---- C:\WINDOWS\system32\winrm
2011-05-19 16:22:25 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-05-18 17:53:44 ----A---- C:\WINDOWS\system32\gdiplus.dll
2011-05-17 14:01:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Business Logic
2011-05-16 17:56:00 ----A---- C:\WINDOWS\UC.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\RAR.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\PKZIP.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\LHA.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\ARJ.PIF
2011-05-15 15:34:48 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2011-05-15 12:55:53 ----A---- C:\WINDOWS\system32\drivers\prodigy.sys
2011-05-15 12:20:46 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-05-15 12:20:44 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-05-15 12:20:42 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-05-12 12:48:37 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2011-05-11 19:54:11 ----D---- C:\WINDOWS\Prefetch
2011-05-11 18:44:40 ----D---- C:\Program Files\Messenger
2011-05-11 18:43:58 ----D---- C:\WINDOWS\l2schemas
2011-05-11 18:43:57 ----D---- C:\WINDOWS\system32\cs
2011-05-11 18:43:56 ----D---- C:\WINDOWS\system32\bits
2011-05-11 18:33:31 ----D---- C:\WINDOWS\network diagnostic
2011-05-11 17:46:23 ----A---- C:\WINDOWS\system32\MRT.exe
2011-05-11 09:03:23 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Software Informer
======List of files/folders modified in the last 1 months======
2011-06-08 13:26:14 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-07 15:34:25 ----D---- C:\WINDOWS
2011-06-07 14:56:01 ----D---- C:\WINDOWS\system32
2011-06-07 14:46:31 ----SHD---- C:\System Volume Information
2011-06-07 12:45:03 ----D---- C:\WINDOWS\system32\drivers
2011-06-07 12:44:01 ----D---- C:\WINDOWS\WinSxS
2011-06-07 12:43:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-07 12:43:56 ----SHD---- C:\WINDOWS\Installer
2011-06-05 13:07:32 ----A---- C:\WINDOWS\system32\guard32.dll
2011-06-03 22:24:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-03 22:24:53 ----HD---- C:\WINDOWS\inf
2011-06-03 22:24:53 ----D---- C:\WINDOWS\Help
2011-06-03 22:24:53 ----D---- C:\Program Files\Internet Explorer
2011-06-03 22:22:41 ----D---- C:\WINDOWS\WBEM
2011-06-03 22:22:41 ----D---- C:\WINDOWS\system32\cs-CZ
2011-06-03 22:22:30 ----D---- C:\WINDOWS\Media
2011-06-03 22:21:37 ----D---- C:\WINDOWS\system32\CatRoot
2011-06-03 22:14:52 ----D---- C:\WINDOWS\ie8updates
2011-06-03 17:47:43 ----ASH---- C:\boot.ini
2011-06-03 17:47:43 ----A---- C:\WINDOWS\win.ini
2011-06-03 17:47:43 ----A---- C:\WINDOWS\system.ini
2011-06-03 14:49:45 ----SD---- C:\WINDOWS\Tasks
2011-06-03 13:32:50 ----RD---- C:\Program Files
2011-06-03 13:32:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-02 13:25:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-06-01 16:20:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
2011-06-01 09:12:18 ----D---- C:\WINDOWS\system
2011-06-01 08:12:51 ----D---- C:\Program Files\Common Files
2011-05-31 14:47:04 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-05-31 14:06:24 ----D---- C:\WINDOWS\system32\config
2011-05-31 13:56:59 ----D---- C:\WINDOWS\system32\Restore
2011-05-29 20:39:59 ----D---- C:\WINDOWS\Debug
2011-05-29 20:39:56 ----D---- C:\WINDOWS\Minidump
2011-05-29 16:02:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-05-28 13:12:18 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
2011-05-26 18:50:54 ----D---- C:\WINDOWS\system32\NtmsData
2011-05-26 18:49:39 ----D---- C:\WINDOWS\Registration
2011-05-26 17:58:39 ----D---- C:\WINDOWS\system32\drivers\etc
2011-05-26 17:32:25 ----D---- C:\WINDOWS\pss
2011-05-26 16:50:22 ----AD---- C:\Qoobox
2011-05-26 16:37:05 ----D---- C:\WINDOWS\AppPatch
2011-05-26 14:36:18 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-05-26 13:28:18 ----HD---- C:\Documents and Settings\All Users\Data aplikací\~0
2011-05-25 15:43:43 ----RSD---- C:\WINDOWS\Fonts
2011-05-24 17:19:41 ----D---- C:\Documents and Settings
2011-05-24 17:02:50 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-05-23 09:09:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-05-23 08:58:53 ----D---- C:\WINDOWS\system32\LogFiles
2011-05-21 15:09:00 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-05-21 15:00:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-05-21 14:16:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2011-05-21 11:48:14 ----D---- C:\Program Files\WinRAR
2011-05-21 11:46:43 ----D---- C:\Program Files\Windows Media Player
2011-05-21 11:46:04 ----D---- C:\Program Files\Common Files\PAC207
2011-05-21 11:41:08 ----D---- C:\Program Files\Windows NT
2011-05-21 11:27:33 ----D---- C:\Program Files\NetMeeting
2011-05-21 11:23:19 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-05-21 11:20:34 ----D---- C:\Program Files\CCleaner
2011-05-20 15:53:32 ----D---- C:\WINDOWS\system32\wbem
2011-05-20 11:17:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
2011-05-20 11:17:34 ----D---- C:\WINDOWS\repair
2011-05-19 16:44:56 ----HD---- C:\WINDOWS\$hf_mig$
2011-05-19 16:28:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-19 16:21:17 ----D---- C:\WINDOWS\assembly
2011-05-18 21:54:07 ----D---- C:\WINDOWS\security
2011-05-18 21:52:59 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-18 21:51:48 ----D---- C:\WINDOWS\system32\mui
2011-05-18 17:31:04 ----A---- C:\Install.log.txt
2011-05-13 15:00:29 ----D---- C:\Program Files\Movie Maker
2011-05-13 14:55:45 ----D---- C:\Program Files\Outlook Express
2011-05-11 19:52:34 ----D---- C:\WINDOWS\system32\Setup
2011-05-11 18:44:39 ----D---- C:\WINDOWS\EHome
2011-05-11 18:44:35 ----D---- C:\WINDOWS\system32\inetsrv
2011-05-11 18:44:34 ----D---- C:\WINDOWS\ime
2011-05-11 18:44:04 ----D---- C:\WINDOWS\system32\usmt
2011-05-11 18:43:56 ----D---- C:\WINDOWS\peernet
2011-05-11 18:36:53 ----D---- C:\WINDOWS\system32\npp
2011-05-11 18:36:49 ----D---- C:\WINDOWS\msagent
2011-05-11 18:36:47 ----D---- C:\WINDOWS\srchasst
2011-05-11 18:36:43 ----D---- C:\WINDOWS\system32\Com
2011-05-11 18:36:32 ----D---- C:\Program Files\Common Files\System
2011-05-11 18:35:57 ----D---- C:\WINDOWS\system32\oobe
2011-05-11 18:30:48 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-05-11 17:55:28 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2011-05-10 08:41:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-05 97504]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-05 242472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-05 29400]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SAVAGE4;S3SAVAGE4; C:\WINDOWS\system32\DRIVERS\s3savg4m.sys [2000-08-10 84704]
S0 dwshd;dwshd; C:\WINDOWS\system32\drivers\dwshd.sys []
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\drivers\AmdLLD.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; D:\ANTIVIRY\Avast\AvastSvc.exe [2011-05-10 42184]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-05 1779792]
R2 MBAMService;MBAMService; D:\ANTIVIRY\Mbam\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-30 136176]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
2011-05-19 16:21:17 ----D---- C:\WINDOWS\assembly
2011-05-18 21:54:07 ----D---- C:\WINDOWS\security
2011-05-18 21:52:59 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-18 21:51:48 ----D---- C:\WINDOWS\system32\mui
2011-05-18 17:31:04 ----A---- C:\Install.log.txt
2011-05-13 15:00:29 ----D---- C:\Program Files\Movie Maker
2011-05-13 14:55:45 ----D---- C:\Program Files\Outlook Express
2011-05-11 19:52:34 ----D---- C:\WINDOWS\system32\Setup
2011-05-11 18:44:39 ----D---- C:\WINDOWS\EHome
2011-05-11 18:44:35 ----D---- C:\WINDOWS\system32\inetsrv
2011-05-11 18:44:34 ----D---- C:\WINDOWS\ime
2011-05-11 18:44:04 ----D---- C:\WINDOWS\system32\usmt
2011-05-11 18:43:56 ----D---- C:\WINDOWS\peernet
2011-05-11 18:36:53 ----D---- C:\WINDOWS\system32\npp
2011-05-11 18:36:49 ----D---- C:\WINDOWS\msagent
2011-05-11 18:36:47 ----D---- C:\WINDOWS\srchasst
2011-05-11 18:36:43 ----D---- C:\WINDOWS\system32\Com
2011-05-11 18:36:32 ----D---- C:\Program Files\Common Files\System
2011-05-11 18:35:57 ----D---- C:\WINDOWS\system32\oobe
2011-05-11 18:30:48 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-05-11 17:55:28 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2011-05-10 08:41:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-05 97504]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-05 242472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-05 29400]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SAVAGE4;S3SAVAGE4; C:\WINDOWS\system32\DRIVERS\s3savg4m.sys [2000-08-10 84704]
S0 dwshd;dwshd; C:\WINDOWS\system32\drivers\dwshd.sys []
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\drivers\AmdLLD.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; D:\ANTIVIRY\Avast\AvastSvc.exe [2011-05-10 42184]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-05 1779792]
R2 MBAMService;MBAMService; D:\ANTIVIRY\Mbam\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-30 136176]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: asking for a preventive check, thanks.
Hello,
I'll take a look at it right away.

Write to me: chodnik74@gmail.com or
>RSIT<>MBAM<>VirusTotal
I recommend:
Read the procedure several times, and if anything is unclear or you have any doubts, ask.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the Combofix utility without the supervision and recommendation of an adviser!
Are you satisfied with our help?
Don't hesitate to support the forum HERE.
Forum rules: No. 1 and No. 2
Re: asking for a preventive check, thanks.
OK, I'm not in a hurry.

- chodnik74
Re: asking for a preventive check, thanks.

Code:
C:\WINDOWS\tasks\GlaryInitialize.job
C:\WINDOWS\tasks\GlaryUpdate.job
C:\WINDOWS\tasks\PandaUSBVaccine.job




- Download and run the program
- Click Start and confirm with OK
- The program will start cleaning up, then restart the PC
- Delete the program after use

- Clean the PC according to the guide
- Use the program once every 14 days
Re: asking for a preventive check, thanks.
It's better now, thank you. I don't know what is in C:\VritualRoot because I deleted it. In time I want to get a bigger HDD, but for now I can't afford it. Otherwise, is the PC OK?

- chodnik74
Re: asking for a preventive check, thanks.
Carry out all the steps I wrote, and post a new RSIT log.

Re: asking for a preventive check, thanks.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2011-06-11 12:42:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (24%) free of 8 GB
Total RAM: 511 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:45:47 , on 11.6.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\ANTIVIRY\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
E:\panda\Panda USB Vaccine\USBVaccine.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe
D:\ANTIVIRY\Avast\avastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\ANTIVIRY\Avast\setup\avast.setup
C:\Documents and Settings\Administrator\Plocha\Moje Subory\RSIT.exe
C:\Program Files\Trend Micro\Administrator.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = gmail.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\ANTIVIRY\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast] "D:\ANTIVIRY\Avast\avastUI.exe" /nogui
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - D:\ANTIVIRY\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
--
End of file - 3029 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\PandaUSBVaccine.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\ANTIVIRY\Avast\aswWebRepIE.dll [2011-05-10 819840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe [2011-06-05 2552648]
"avast"=D:\ANTIVIRY\Avast\avastUI.exe [2011-05-10 3459712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2
"sdAuxService"=2
"RasMan"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoInstrumentation"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\My Download Files\Subory\Skype\Phone\Skype.exe"="D:\My Download Files\Subory\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe"="D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Administrator\Plocha\Skype.exe"="C:\Documents and Settings\Administrator\Plocha\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-06-08 14:46:52 ----SHD---- C:\RECYCLER
2011-06-08 14:45:09 ----D---- C:\WINDOWS\temp
2011-06-08 14:45:05 ----A---- C:\ComboFix.txt
2011-06-08 14:21:53 ----A---- C:\WINDOWS\zip.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\SWSC.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\SWREG.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\sed.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\PEV.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\NIRCMD.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\MBR.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\grep.exe
2011-06-08 14:21:36 ----D---- C:\WINDOWS\ERDNT
2011-06-08 13:26:18 ----D---- C:\rsit
2011-06-07 14:29:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
2011-06-07 12:45:03 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-06-07 12:45:03 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-06-07 12:43:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-06-07 12:43:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-06-05 12:38:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-06-04 13:42:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Auslogics
2011-06-04 13:35:01 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2011-06-03 22:20:52 ----HDC---- C:\WINDOWS\ie8
2011-06-03 20:51:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2011-06-03 20:50:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-06-03 13:27:30 ----D---- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
2011-05-31 17:00:39 ----A---- C:\WINDOWS\ScanSpyware.INI
2011-05-30 15:38:37 ----D---- C:\Program Files\Google
2011-05-30 15:25:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-27 16:04:57 ----HD---- C:\WINDOWS\PIF
2011-05-26 17:11:23 ----D---- C:\Program Files\Trend Micro
2011-05-26 16:16:14 ----ASH---- C:\pagefile.sys
2011-05-25 17:43:53 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tific
2011-05-25 16:19:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security
2011-05-25 12:29:41 ----D---- C:\Program Files\SpaceMonger
2011-05-23 09:05:15 ----D---- C:\Documents and Settings\Administrator\Data aplikací\CCleanup
2011-05-21 14:54:35 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-05-20 15:47:27 ----DC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-05-20 10:42:30 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-05-19 16:27:37 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-05-19 16:27:35 ----D---- C:\WINDOWS\system32\winrm
2011-05-19 16:22:25 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-05-18 17:53:44 ----A---- C:\WINDOWS\system32\gdiplus.dll
2011-05-17 14:01:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Business Logic
2011-05-16 17:56:00 ----A---- C:\WINDOWS\UC.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\RAR.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\PKZIP.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\LHA.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\ARJ.PIF
2011-05-15 15:34:48 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2011-05-15 12:55:53 ----A---- C:\WINDOWS\system32\drivers\prodigy.sys
2011-05-15 12:20:46 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-05-15 12:20:44 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-05-15 12:20:42 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-05-12 12:48:37 ----A---- C:\WINDOWS\system32\TURegOpt.exe
======List of files/folders modified in the last 1 months======
2011-06-09 22:56:33 ----D---- C:\WINDOWS\system32
2011-06-09 10:32:28 ----D---- C:\WINDOWS
2011-06-09 10:31:03 ----SD---- C:\WINDOWS\Tasks
2011-06-09 10:20:43 ----SHD---- C:\System Volume Information
2011-06-09 09:40:01 ----D---- C:\WINDOWS\system32\drivers\etc
2011-06-09 09:37:36 ----SHD---- C:\WINDOWS\Installer
2011-06-09 09:17:17 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-09 09:02:28 ----D---- C:\WINDOWS\system32\drivers
2011-06-08 14:45:11 ----AD---- C:\Qoobox
2011-06-08 14:38:44 ----A---- C:\WINDOWS\system.ini
2011-06-08 14:31:06 ----D---- C:\WINDOWS\AppPatch
2011-06-08 14:30:56 ----D---- C:\Program Files\Common Files
2011-06-08 14:21:50 ----D---- C:\WINDOWS\Prefetch
2011-06-07 12:44:01 ----D---- C:\WINDOWS\WinSxS
2011-06-07 12:43:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-05 13:07:32 ----A---- C:\WINDOWS\system32\guard32.dll
2011-06-03 22:24:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-03 22:24:53 ----HD---- C:\WINDOWS\inf
2011-06-03 22:24:53 ----D---- C:\WINDOWS\Help
2011-06-03 22:24:53 ----D---- C:\Program Files\Internet Explorer
2011-06-03 22:22:41 ----D---- C:\WINDOWS\WBEM
2011-06-03 22:22:41 ----D---- C:\WINDOWS\system32\cs-CZ
2011-06-03 22:22:30 ----D---- C:\WINDOWS\Media
2011-06-03 22:21:37 ----D---- C:\WINDOWS\system32\CatRoot
2011-06-03 22:14:52 ----D---- C:\WINDOWS\ie8updates
2011-06-03 17:47:43 ----ASH---- C:\boot.ini
2011-06-03 17:47:43 ----A---- C:\WINDOWS\win.ini
2011-06-03 13:32:50 ----RD---- C:\Program Files
2011-06-03 13:32:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-02 13:25:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-06-01 16:20:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
2011-06-01 09:12:18 ----D---- C:\WINDOWS\system
2011-05-31 14:47:04 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-05-31 14:06:24 ----D---- C:\WINDOWS\system32\config
2011-05-31 13:56:59 ----D---- C:\WINDOWS\system32\Restore
2011-05-29 20:39:59 ----D---- C:\WINDOWS\Debug
2011-05-29 20:39:56 ----D---- C:\WINDOWS\Minidump
2011-05-29 16:02:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-05-28 13:12:18 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
2011-05-26 18:50:54 ----D---- C:\WINDOWS\system32\NtmsData
2011-05-26 18:49:39 ----D---- C:\WINDOWS\Registration
2011-05-26 17:32:25 ----D---- C:\WINDOWS\pss
2011-05-26 14:36:18 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-05-26 13:28:18 ----HD---- C:\Documents and Settings\All Users\Data aplikací\~0
2011-05-25 15:43:43 ----RSD---- C:\WINDOWS\Fonts
2011-05-25 11:30:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Software Informer
2011-05-24 17:19:41 ----D---- C:\Documents and Settings
2011-05-24 17:02:50 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-05-23 09:09:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-05-23 08:58:53 ----D---- C:\WINDOWS\system32\LogFiles
2011-05-21 15:09:00 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-05-21 15:00:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-05-21 14:16:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2011-05-21 11:48:14 ----D---- C:\Program Files\WinRAR
2011-05-21 11:46:43 ----D---- C:\Program Files\Windows Media Player
2011-05-21 11:46:04 ----D---- C:\Program Files\Common Files\PAC207
2011-05-21 11:41:08 ----D---- C:\Program Files\Windows NT
2011-05-21 11:27:33 ----D---- C:\Program Files\NetMeeting
2011-05-21 11:23:19 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-05-21 11:22:55 ----D---- C:\Program Files\Messenger
2011-05-21 11:20:34 ----D---- C:\Program Files\CCleaner
2011-05-20 15:53:32 ----D---- C:\WINDOWS\system32\wbem
2011-05-20 11:17:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
2011-05-20 11:17:34 ----D---- C:\WINDOWS\repair
2011-05-19 16:44:56 ----HD---- C:\WINDOWS\$hf_mig$
2011-05-19 16:28:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-19 16:21:17 ----D---- C:\WINDOWS\assembly
2011-05-18 21:54:07 ----D---- C:\WINDOWS\security
2011-05-18 21:52:59 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-18 21:51:48 ----D---- C:\WINDOWS\system32\mui
2011-05-18 17:31:04 ----A---- C:\Install.log.txt
2011-05-13 15:00:29 ----D---- C:\Program Files\Movie Maker
2011-05-13 14:55:45 ----D---- C:\Program Files\Outlook Express
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-05 97504]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-05 242472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-05 29400]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
R3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SAVAGE4;S3SAVAGE4; C:\WINDOWS\system32\DRIVERS\s3savg4m.sys [2000-08-10 84704]
S0 dwshd;dwshd; C:\WINDOWS\system32\drivers\dwshd.sys []
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\drivers\AmdLLD.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; D:\ANTIVIRY\Avast\AvastSvc.exe [2011-05-10 42184]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-05 1779792]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-30 136176]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
-----------------EOF-----------------
Run by Administrator at 2011-06-11 12:42:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (24%) free of 8 GB
Total RAM: 511 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:45:47 , on 11.6.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\ANTIVIRY\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
E:\panda\Panda USB Vaccine\USBVaccine.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe
D:\ANTIVIRY\Avast\avastUI.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
D:\ANTIVIRY\Avast\setup\avast.setup
C:\Documents and Settings\Administrator\Plocha\Moje Subory\RSIT.exe
C:\Program Files\Trend Micro\Administrator.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = gmail.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\ANTIVIRY\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast] "D:\ANTIVIRY\Avast\avastUI.exe" /nogui
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - D:\ANTIVIRY\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
--
End of file - 3029 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\PandaUSBVaccine.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\ANTIVIRY\Avast\aswWebRepIE.dll [2011-05-10 819840]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cfp.exe [2011-06-05 2552648]
"avast"=D:\ANTIVIRY\Avast\avastUI.exe [2011-05-10 3459712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2
"sdAuxService"=2
"RasMan"=3
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\guard32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoInstrumentation"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\My Download Files\Subory\Skype\Phone\Skype.exe"="D:\My Download Files\Subory\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe"="D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Administrator\Plocha\Skype.exe"="C:\Documents and Settings\Administrator\Plocha\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-06-08 14:46:52 ----SHD---- C:\RECYCLER
2011-06-08 14:45:09 ----D---- C:\WINDOWS\temp
2011-06-08 14:45:05 ----A---- C:\ComboFix.txt
2011-06-08 14:21:53 ----A---- C:\WINDOWS\zip.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\SWSC.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\SWREG.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\sed.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\PEV.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\NIRCMD.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\MBR.exe
2011-06-08 14:21:53 ----A---- C:\WINDOWS\grep.exe
2011-06-08 14:21:36 ----D---- C:\WINDOWS\ERDNT
2011-06-08 13:26:18 ----D---- C:\rsit
2011-06-07 14:29:45 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ashampoo
2011-06-07 12:45:03 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-06-07 12:45:03 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-06-07 12:44:12 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-06-07 12:44:11 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-06-07 12:43:36 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-06-07 12:43:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-06-05 12:38:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-06-04 13:42:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Auslogics
2011-06-04 13:35:01 ----A---- C:\WINDOWS\system32\drivers\revoflt.sys
2011-06-03 22:20:52 ----HDC---- C:\WINDOWS\ie8
2011-06-03 20:51:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2011-06-03 20:50:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-06-03 13:27:30 ----D---- C:\Documents and Settings\Administrator\Data aplikací\GlarySoft
2011-05-31 17:00:39 ----A---- C:\WINDOWS\ScanSpyware.INI
2011-05-30 15:38:37 ----D---- C:\Program Files\Google
2011-05-30 15:25:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-27 16:04:57 ----HD---- C:\WINDOWS\PIF
2011-05-26 17:11:23 ----D---- C:\Program Files\Trend Micro
2011-05-26 16:16:14 ----ASH---- C:\pagefile.sys
2011-05-25 17:43:53 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Tific
2011-05-25 16:19:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security
2011-05-25 12:29:41 ----D---- C:\Program Files\SpaceMonger
2011-05-23 09:05:15 ----D---- C:\Documents and Settings\Administrator\Data aplikací\CCleanup
2011-05-21 14:54:35 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2011-05-20 15:47:27 ----DC---- C:\WINDOWS\$968930Uinstall_KB968930$
2011-05-20 10:42:30 ----A---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-05-19 16:27:37 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2011-05-19 16:27:35 ----D---- C:\WINDOWS\system32\winrm
2011-05-19 16:22:25 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-05-18 17:53:44 ----A---- C:\WINDOWS\system32\gdiplus.dll
2011-05-17 14:01:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Business Logic
2011-05-16 17:56:00 ----A---- C:\WINDOWS\UC.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\RAR.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\PKZIP.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\LHA.PIF
2011-05-16 17:56:00 ----A---- C:\WINDOWS\ARJ.PIF
2011-05-15 15:34:48 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2011-05-15 12:55:53 ----A---- C:\WINDOWS\system32\drivers\prodigy.sys
2011-05-15 12:20:46 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-05-15 12:20:44 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-05-15 12:20:42 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-05-15 12:20:35 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-05-12 12:48:37 ----A---- C:\WINDOWS\system32\TURegOpt.exe
======List of files/folders modified in the last 1 months======
2011-06-09 22:56:33 ----D---- C:\WINDOWS\system32
2011-06-09 10:32:28 ----D---- C:\WINDOWS
2011-06-09 10:31:03 ----SD---- C:\WINDOWS\Tasks
2011-06-09 10:20:43 ----SHD---- C:\System Volume Information
2011-06-09 09:40:01 ----D---- C:\WINDOWS\system32\drivers\etc
2011-06-09 09:37:36 ----SHD---- C:\WINDOWS\Installer
2011-06-09 09:17:17 ----D---- C:\WINDOWS\system32\CatRoot2
2011-06-09 09:02:28 ----D---- C:\WINDOWS\system32\drivers
2011-06-08 14:45:11 ----AD---- C:\Qoobox
2011-06-08 14:38:44 ----A---- C:\WINDOWS\system.ini
2011-06-08 14:31:06 ----D---- C:\WINDOWS\AppPatch
2011-06-08 14:30:56 ----D---- C:\Program Files\Common Files
2011-06-08 14:21:50 ----D---- C:\WINDOWS\Prefetch
2011-06-07 12:44:01 ----D---- C:\WINDOWS\WinSxS
2011-06-07 12:43:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-06-05 13:07:32 ----A---- C:\WINDOWS\system32\guard32.dll
2011-06-03 22:24:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-03 22:24:53 ----HD---- C:\WINDOWS\inf
2011-06-03 22:24:53 ----D---- C:\WINDOWS\Help
2011-06-03 22:24:53 ----D---- C:\Program Files\Internet Explorer
2011-06-03 22:22:41 ----D---- C:\WINDOWS\WBEM
2011-06-03 22:22:41 ----D---- C:\WINDOWS\system32\cs-CZ
2011-06-03 22:22:30 ----D---- C:\WINDOWS\Media
2011-06-03 22:21:37 ----D---- C:\WINDOWS\system32\CatRoot
2011-06-03 22:14:52 ----D---- C:\WINDOWS\ie8updates
2011-06-03 17:47:43 ----ASH---- C:\boot.ini
2011-06-03 17:47:43 ----A---- C:\WINDOWS\win.ini
2011-06-03 13:32:50 ----RD---- C:\Program Files
2011-06-03 13:32:46 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-06-02 13:25:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2011-06-01 16:20:12 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Thinstall
2011-06-01 09:12:18 ----D---- C:\WINDOWS\system
2011-05-31 14:47:04 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-05-31 14:06:24 ----D---- C:\WINDOWS\system32\config
2011-05-31 13:56:59 ----D---- C:\WINDOWS\system32\Restore
2011-05-29 20:39:59 ----D---- C:\WINDOWS\Debug
2011-05-29 20:39:56 ----D---- C:\WINDOWS\Minidump
2011-05-29 16:02:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2011-05-28 13:12:18 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
2011-05-26 18:50:54 ----D---- C:\WINDOWS\system32\NtmsData
2011-05-26 18:49:39 ----D---- C:\WINDOWS\Registration
2011-05-26 17:32:25 ----D---- C:\WINDOWS\pss
2011-05-26 14:36:18 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-05-26 13:28:18 ----HD---- C:\Documents and Settings\All Users\Data aplikací\~0
2011-05-25 15:43:43 ----RSD---- C:\WINDOWS\Fonts
2011-05-25 11:30:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Software Informer
2011-05-24 17:19:41 ----D---- C:\Documents and Settings
2011-05-24 17:02:50 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-05-23 09:09:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-05-23 08:58:53 ----D---- C:\WINDOWS\system32\LogFiles
2011-05-21 15:09:00 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-05-21 15:00:41 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-05-21 14:16:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2011-05-21 11:48:14 ----D---- C:\Program Files\WinRAR
2011-05-21 11:46:43 ----D---- C:\Program Files\Windows Media Player
2011-05-21 11:46:04 ----D---- C:\Program Files\Common Files\PAC207
2011-05-21 11:41:08 ----D---- C:\Program Files\Windows NT
2011-05-21 11:27:33 ----D---- C:\Program Files\NetMeeting
2011-05-21 11:23:19 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2011-05-21 11:22:55 ----D---- C:\Program Files\Messenger
2011-05-21 11:20:34 ----D---- C:\Program Files\CCleaner
2011-05-20 15:53:32 ----D---- C:\WINDOWS\system32\wbem
2011-05-20 11:17:36 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TeamViewer
2011-05-20 11:17:34 ----D---- C:\WINDOWS\repair
2011-05-19 16:44:56 ----HD---- C:\WINDOWS\$hf_mig$
2011-05-19 16:28:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-05-19 16:21:17 ----D---- C:\WINDOWS\assembly
2011-05-18 21:54:07 ----D---- C:\WINDOWS\security
2011-05-18 21:52:59 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-18 21:51:48 ----D---- C:\WINDOWS\system32\mui
2011-05-18 17:31:04 ----A---- C:\Install.log.txt
2011-05-13 15:00:29 ----D---- C:\Program Files\Movie Maker
2011-05-13 14:55:45 ----D---- C:\Program Files\Outlook Express
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2011-06-05 97504]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2011-06-05 242472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2011-06-05 29400]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
R3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
R3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SAVAGE4;S3SAVAGE4; C:\WINDOWS\system32\DRIVERS\s3savg4m.sys [2000-08-10 84704]
S0 dwshd;dwshd; C:\WINDOWS\system32\drivers\dwshd.sys []
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\drivers\AmdLLD.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; D:\ANTIVIRY\Avast\AvastSvc.exe [2011-05-10 42184]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\FIREWALLY\Comodo\COMODO\COMODO Internet Security\cmdagent.exe [2011-06-05 1779792]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-30 136176]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
-----------------EOF-----------------
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: asking for a preventive check, thanks.
- Press the key combination WIN+R (or Start > Run), which opens the window for entering a command to run. Copy and paste the following text into it: services.msc and press Enter
- A window with your PC's services opens. Find the following services, double-click to open them, click Stop (Zastavit) and then set Startup type (Typ spuštění): Disabled (Zakázáno)
Code:
Služba Google Update (gupdate)
Write to me: chodnik74@gmail.com or
Read the procedure through several times, and ask if anything is unclear or if you have any doubts.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the Combofix utility without an adviser's supervision and recommendation!
Are you satisfied with our help?
Don't hesitate to support the forum HERE.
Forum rules: No. 1 and No. 2
Re: asking for a preventive check, thanks.
Yes, I ran Combofix without it being recommended, but it deleted my lmhosts. I know that it shouldn't be done and that it can wreck my PC. I won't do it again.

- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: asking for a preventive check, thanks.
- The program is intended primarily for advisers, so by using it on your own initiative you lose your entitlement to help
- It deletes the traces of all malware, so if you use it yourself, nothing can be seen in RSIT
- The resulting log still has to be deciphered and the cleanup finished, because Combofix cannot delete everything
- Combofix may have a bug and wreck your system, and if you don't know where it stores its backups and how to restore them, you are facing a system reinstall
- Combofix does not check important libraries (for example hall.dll)
Re: asking for a preventive check, thanks.
ComboFix 11-06-07.03 - Administrator 08.06.2011 14:24:34.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.511.265 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\etc\lmhosts
.
.
((((((((((((((((((((((((( Files Created from 2011-05-08 to 2011-06-08 )))))))))))))))))))))))))))))))
.
.
2011-06-08 11:26 . 2011-06-08 11:31 -------- d-----w- C:\rsit
2011-06-07 12:29 . 2011-06-07 12:29 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Ashampoo
2011-06-07 10:45 . 2011-05-10 12:03 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-06-07 10:45 . 2011-05-10 11:59 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-06-07 10:44 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-06-07 10:44 . 2011-05-10 12:02 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-06-07 10:44 . 2011-05-10 11:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-06-07 10:44 . 2011-05-10 12:02 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-06-07 10:44 . 2011-05-10 12:02 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-06-07 10:44 . 2011-05-10 11:59 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-06-07 10:43 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr
2011-06-07 10:43 . 2011-05-10 12:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-06-07 10:43 . 2011-06-07 10:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-06-06 09:43 . 2011-06-08 11:43 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Temp
2011-06-05 12:12 . 2011-06-05 12:12 -------- d-----w- C:\VritualRoot
2011-06-05 10:38 . 2011-06-05 11:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Comodo
2011-06-04 11:42 . 2011-06-04 12:03 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Auslogics
2011-06-04 11:36 . 2011-06-04 11:36 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\VS Revo Group
2011-06-04 11:35 . 2009-12-30 09:20 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-06-04 11:19 . 2011-06-04 11:59 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Ashampoo
2011-06-03 20:20 . 2011-06-03 20:23 -------- dc-h--w- c:\windows\ie8
2011-06-03 18:51 . 2011-06-03 18:51 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2011-06-03 18:51 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-03 18:50 . 2011-06-03 18:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-06-03 18:50 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-03 11:27 . 2011-06-04 10:53 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\GlarySoft
2011-05-30 13:38 . 2011-06-03 11:43 -------- d-----w- c:\program files\Google
2011-05-30 11:17 . 2011-05-30 11:17 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-30 09:34 . 2011-05-30 13:58 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Opera
2011-05-28 11:59 . 2011-05-30 13:46 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google
2011-05-27 14:04 . 2011-05-27 14:04 -------- d--h--w- c:\windows\PIF
2011-05-27 11:32 . 2011-05-30 12:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Downloaded Installations
2011-05-26 15:11 . 2011-06-08 11:56 -------- d-----w- c:\program files\Trend Micro
2011-05-26 14:30 . 2011-05-26 14:30 -------- d-----w- c:\documents and settings\All Users\Oblíbené položky
2011-05-25 15:44 . 2011-05-28 11:40 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Tific
2011-05-25 15:43 . 2011-06-01 14:19 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Tific
2011-05-25 15:43 . 2011-05-25 15:43 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Symantec
2011-05-25 14:19 . 2011-05-25 14:19 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Panda Security
2011-05-25 12:48 . 2009-09-02 08:20 652 ----a-w- c:\windows\FIX.reg
2011-05-25 12:48 . 2008-11-01 11:23 280 ----a-w- c:\windows\reset.reg
2011-05-25 10:29 . 2011-05-25 13:57 -------- d-----w- c:\program files\SpaceMonger
2011-05-25 10:26 . 2011-05-25 10:26 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\SpaceMonger
2011-05-23 12:18 . 2011-05-23 12:18 272 ----a-w- c:\windows\system32\drivers\sfi.dat
2011-05-23 07:05 . 2011-05-23 07:13 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\CCleanup
2011-05-21 12:54 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2011-05-20 13:47 . 2011-05-20 13:54 -------- dc----w- c:\windows\$968930Uinstall_KB968930$
2011-05-20 08:42 . 2011-05-20 08:42 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-05-20 08:35 . 2011-05-20 08:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Sunbelt Software
2011-05-19 14:42 . 2010-10-18 11:10 7680 -c----w- c:\windows\system32\dllcache\iecompat.dll
2011-05-19 14:27 . 2011-05-19 14:27 -------- d-----w- c:\windows\system32\winrm
2011-05-18 17:48 . 2011-05-18 17:48 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\PackageAware
2011-05-18 15:53 . 2011-05-18 15:53 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-05-17 14:27 . 2008-04-13 18:46 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2011-05-17 14:27 . 2008-04-13 18:36 14208 -c--a-w- c:\windows\system32\dllcache\battc.sys
2011-05-17 14:27 . 2008-04-13 18:46 13696 -c--a-w- c:\windows\system32\dllcache\avcstrm.sys
2011-05-17 14:27 . 2008-04-13 18:46 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys
2011-05-17 14:24 . 2008-04-13 18:46 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2011-05-17 14:24 . 2008-04-13 18:40 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
2011-05-17 14:24 . 2008-04-13 18:46 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys
2011-05-17 12:01 . 2011-05-17 12:01 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Business Logic
2011-05-17 11:25 . 2011-05-17 11:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\GHISLER
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\UC.PIF
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\RAR.PIF
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\LHA.PIF
2011-05-16 15:56 . 2010-12-17 05:56 545 ----a-w- c:\windows\ARJ.PIF
2011-05-15 13:34 . 2010-07-30 12:17 75264 ----a-w- c:\windows\system32\nmwcdcls.dll
2011-05-15 11:27 . 2011-05-15 11:37 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\MediaGet2
2011-05-15 10:55 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2011-05-15 10:40 . 2011-05-15 10:40 -------- d-sh--w- c:\documents and settings\Administrator\Phone Browser
2011-05-15 10:20 . 2010-07-30 12:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-05-15 10:20 . 2010-07-30 12:16 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-05-15 10:20 . 2010-07-30 12:16 23040 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-05-15 10:20 . 2010-07-30 12:17 111104 ----a-w- c:\windows\system32\ccdcmbwu.dll
2011-05-15 10:20 . 2010-07-30 12:17 604160 ----a-w- c:\windows\system32\nmwcdcocls.dll
2011-05-15 10:20 . 2010-07-30 12:16 18048 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-05-15 10:20 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2011-05-12 14:26 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-05-12 14:16 . 2011-02-22 23:08 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-05-12 14:16 . 2011-02-22 23:08 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-05-12 14:16 . 2011-02-22 23:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-05-12 14:16 . 2011-02-22 23:08 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-05-12 14:15 . 2011-02-22 23:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-05-12 14:15 . 2011-02-22 23:08 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-05-12 14:15 . 2011-02-22 23:08 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-05-12 13:55 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-05-12 10:48 . 2009-10-30 13:31 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-11 17:58 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-05-11 17:58 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-05-11 17:58 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2011-05-11 17:58 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-05-11 17:58 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-05-11 17:58 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-05-11 16:43 . 2011-05-11 16:44 -------- d-----w- c:\windows\l2schemas
2011-05-11 16:43 . 2011-05-11 16:43 -------- d-----w- c:\windows\system32\cs
2011-05-11 16:43 . 2011-05-11 16:43 -------- d-----w- c:\windows\system32\bits
2011-05-11 07:03 . 2011-05-25 09:30 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Software Informer
2011-05-10 06:44 . 2011-05-10 06:44 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-05 11:07 . 2010-12-28 23:42 284744 ----a-w- c:\windows\system32\guard32.dll
2011-06-05 11:07 . 2011-01-06 15:37 97504 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-06-05 11:07 . 2011-01-06 15:37 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-06-05 11:07 . 2011-01-06 15:37 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys
2011-06-05 11:07 . 2011-01-06 15:37 242472 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-04-21 07:02 . 2010-09-17 18:18 737280 ----a-w- c:\windows\iun6002.exe
2011-04-13 08:21 . 2011-04-13 08:21 249592 ----a-w- c:\windows\system32\cssdll32.dll
2011-04-05 21:11 . 2010-08-02 15:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-11 14:10 . 2002-09-20 18:03 471552 ----a-w- c:\windows\apppatch\aclayers.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- d:\antiviry\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="d:\firewally\Comodo\COMODO\COMODO Internet Security\cfp.exe" [2011-06-05 2552648]
"avast"="d:\antiviry\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0ssbtsr
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2 (0x2)
"sdAuxService"=2 (0x2)
"RasMan"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\My Download Files\\Subory\\Skype\\Phone\\Skype.exe"=
"d:\\My Download Files\\Subory\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Administrator\\Plocha\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7.6.2011 12:44 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7.6.2011 12:45 307928]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [6.1.2011 17:37 242472]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [6.1.2011 17:37 29400]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7.6.2011 12:45 19544]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3.6.2011 20:50 22712]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [14.5.2007 10:26 508288]
R3 S3SAVAGE4;S3SAVAGE4;c:\windows\system32\drivers\s3savg4m.sys [10.8.2000 14:03 84704]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [30.5.2011 15:38 136176]
S2 MBAMService;MBAMService;d:\antiviry\Mbam\Malwarebytes' Anti-Malware\mbamservice.exe [3.6.2011 20:51 366640]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [15.5.2011 12:55 32377]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [4.6.2011 13:35 27064]
S3 S3SAVAGE4M;S3SAVAGE4M;c:\windows\system32\drivers\s3sav4m.sys [7.7.2008 18:00 77824]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-08 c:\windows\Tasks\GlaryInitialize.job
- d:\utility\GlaryUtilities\Glary Utilities PRO 2.23.0.923\Glary Utilities\initialize.exe [2011-06-03 08:01]
.
2011-06-03 c:\windows\Tasks\GlaryUpdate.job
- d:\utility\GlaryUtilities\Glary Utilities PRO 2.23.0.923\Glary Utilities\webupdate.exe [2011-06-03 08:03]
.
2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-30 13:38]
.
2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-05-30 13:38]
.
2011-06-08 c:\windows\Tasks\PandaUSBVaccine.job
- e:\panda\Panda USB Vaccine\RunInteractiveWin.exe [2011-04-13 14:45]
.
.
------- Supplementary Scan -------
.
uStart Page = gmail.com
mWindow Title = Microsoft Internet Explorer
uInternet Connection Wizard,ShellNext = iexplore
TCP: DhcpNameServer = 192.168.100.1
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\zxr75e5l.default\
FF - prefs.js: browser.startup.homepage - gmail.com
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-dwshd.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-06-08 14:38
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,57,fe,94,e8,f9,a9,65,49,b0,f4,f4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,57,fe,94,e8,f9,a9,65,49,b0,f4,f4,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,57,fe,94,e8,f9,a9,65,49,b0,f4,f4,\
.
[HKEY_USERS\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08ED0636-64FD-61D9-364E-9A9BBB53EE63}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"jakknfcnnjkcgajdennp"=hex:61,61,00,00
"kakknfcnpibefgiikiapla"=hex:61,61,00,00
"fakknfcncjhc"=hex:66,61,6e,62,63,66,70,64,65,70,70,62,00,9d
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(736)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'lsass.exe'(808)
c:\windows\system32\guard32.dll
.
Completion time: 2011-06-08 14:45:03
ComboFix-quarantined-files.txt 2011-06-08 12:44
.
Pre-Run: 2 008 883 200
Post-Run: 1 954 652 160
.
Current=7 Default=7 Failed=3 LastKnownGood=2 Sets=1,2,3,4,5,7
- - End Of File - - 54DE689404316B98DA69F25717B82AE1
- chodnik74
- Friend of the forum
- Posts: 4975
- Registered: 13 Sep 2010 21:30
- Location: Napajedla
Re: requesting a preventive check, thanks.
Everything is fine, but next time do not run it on your own!! If you have not uninstalled CF yet, then..
Press the key combination WIN+R (or Start > Run), which opens the window for entering a command to run, then copy and paste the following text into it: Combofix /Uninstall and press Enter
How is the PC behaving?

Write to me: chodnik74@gmail.com or
Read the procedure several times to be safe, and ask if anything is unclear or in doubt.
If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions!
Do not use the ComboFix utility without an adviser's supervision and recommendation!
Re: requesting a preventive check, thanks.
The computer is behaving well by its own standards, thanks.

- chodnik74
Re: requesting a preventive check, thanks.
One small thing to finish with, and I wish you a nice rest of the day
you're welcome
PC maintenance:
1) Cleaning temporary folders + invalid registry entries
Ccleaner
Defraggler
FileHippo.com Update Checker

- Download and install the program
- Run the program
- CLEANER
Windows: leave everything here as it is (if we use IE, untick its items) and tick the items Start Menu Shortcuts and Desktop Shortcuts
Applications: leave as is, but if we use a browser (Google Chrome, Firefox, Opera..), untick its items
> Press the Analyze button and then Run Cleaner
- Registry
> Press the Scan for Issues button; the program starts looking for invalid registry entries.. then choose Fix selected issues..
> The program asks whether we want to create a backup of the registry; choose Yes and save the backup somewhere (if anything causes problems after the registry fix, restore the backup by running the saved backup file and confirming Yes), then choose Fix all issues and Close
> Repeat until the registry has no problems
- Use the program once every 14 days (it depends on how the PC is used; once a week is also possible)


- Download and install the program
- Run the program
- Select the drive (C:, D:.. simply whichever one we use)
- If the Fragmentation column shows more than 5%, choose Defragment
- Do this for all drives in use
- Do this once a month


- Download and install the program (during installation, untick the Run at Startup option)
- Run the program
- The program finds the programs installed on the PC and checks for available updates
- A web page then opens, offering the applications that can be updated
> X Updates Detected.. these are the available updates..
> Click the green arrow and download the program, then install its current version
> X Beta Updates Detected.. do not download these updates; they are beta versions that are still in development and are unstable
- Do this once every 14 days or once a month
Re: requesting a preventive check, thanks.
When I wanted to run Update Checker, it showed me this [IMG=http://img709.imageshack.us/img709/1270/beznzvudq.th.png][/IMG]
and [IMG=http://img84.imageshack.us/img84/8981/beznzvuau.th.jpg][/IMG]