Ahoj, tak tady je ten log. jiank pc se chová lépe. hlavně nabíhá rychleji.
Logfile of random's system information tool 1.08 (written by random/random)
Run by pupca at 2010-10-12 16:06:48
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 11 GB (28%) free of 41 GB
Total RAM: 1023 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:07:02, on 12.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\RSIT[1].exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\trend micro\pupca.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: ZyWALL VPN Client.lnk = C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{624DA39F-2171-46ED-8F41-80873E19B95C}: NameServer = 193.179.143.3,193.179.143.5
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
O23 - Service: SafeNet IKE Service (IreIKE) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
--
End of file - 9879 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-06-17 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - D:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-18 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-04 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-18 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-10-30 16269312]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2005-01-14 339968]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2010-09-24 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
ZyWALL VPN Client.lnk - C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-10-04 90112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\hry\age of mythology\aom.exe"="D:\hry\age of mythology\aom.exe:*:Enabled:Age of Mythology"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\programy\pinnacle 12\Programs\RM.exe"="D:\programy\pinnacle 12\Programs\RM.exe:*:Enabled:Render Manager"
"D:\programy\pinnacle 12\Programs\Studio.exe"="D:\programy\pinnacle 12\Programs\Studio.exe:*:Enabled:Studio"
"D:\programy\pinnacle 12\Programs\umi.exe"="D:\programy\pinnacle 12\Programs\umi.exe:*:Enabled:umi"
"D:\hry\plne\EA GAMES\The Battle for Middle-earth (tm)\game.dat"="D:\hry\plne\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"D:\program files\Internet TV\Internet TV.exe"="D:\program files\Internet TV\Internet TV.exe:*:Enabled:Internet TV"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\hry\plne\Modern Warfare 2\iw4mp.exe"="D:\hry\plne\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe:*:Enabled:IreIke"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe:*:Enabled:IreIke"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"
======List of files/folders created in the last 1 months======
2010-10-12 16:03:23 ----D---- C:\WINDOWS\pss
2010-10-11 16:15:38 ----D---- C:\rsit
2010-10-11 15:19:07 ----D---- C:\Program Files\ICQ7.2
2010-10-11 15:14:06 ----SHD---- C:\RECYCLER
2010-10-10 20:14:51 ----A---- C:\Boot.bak
2010-10-10 20:14:48 ----RASHD---- C:\cmdcons
2010-10-10 20:12:20 ----D---- C:\WINDOWS\ERDNT
2010-10-10 11:14:25 ----D---- C:\Documents and Settings\pupca\Data aplikací\Malwarebytes
2010-10-10 11:14:14 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-10-10 11:14:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-10-10 11:14:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-10 11:14:12 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-10-10 10:24:27 ----D---- C:\Program Files\trend micro
2010-10-10 10:15:51 ----D---- C:\Config.Msi
2010-10-04 21:25:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-26 15:07:10 ----A---- C:\WINDOWS\wininit.ini
2010-09-26 14:19:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-26 13:54:44 ----D---- C:\Documents and Settings\pupca\Data aplikací\TrojanHunter
2010-09-26 13:44:32 ----R---- C:\WINDOWS\system32\streamhlp.dll
2010-09-26 13:44:31 ----D---- C:\Program Files\TrojanHunter 5.3
2010-09-26 10:09:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-23 21:17:57 ----D---- C:\Program Files\ESET
2010-09-16 20:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-16 20:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-16 20:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-16 20:56:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-16 20:56:16 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-16 20:55:55 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-16 20:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
======List of files/folders modified in the last 1 months======
2010-10-12 16:04:51 ----D---- C:\Documents and Settings\pupca\Data aplikací\skypePM
2010-10-12 16:03:23 ----D---- C:\WINDOWS
2010-10-12 16:01:47 ----SHD---- C:\WINDOWS\Installer
2010-10-12 16:01:20 ----D---- C:\WINDOWS\system32
2010-10-12 15:55:01 ----D---- C:\WINDOWS\Temp
2010-10-12 15:55:00 ----D---- C:\Documents and Settings\pupca\Data aplikací\Skype
2010-10-12 15:52:55 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-12 15:52:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-12 15:50:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-12 15:50:31 ----D---- C:\WINDOWS\system32\VITrans
2010-10-12 15:50:23 ----RD---- C:\Program Files
2010-10-12 15:50:22 ----D---- C:\WINDOWS\Cursors
2010-10-12 15:50:21 ----D---- C:\WINDOWS\Media
2010-10-11 17:31:24 ----D---- C:\Program Files\Google
2010-10-11 17:26:58 ----D---- C:\Documents and Settings\pupca\Data aplikací\JLC's Software
2010-10-11 17:26:00 ----D---- C:\Program Files\RealArcade
2010-10-11 15:30:16 ----D---- C:\WINDOWS\Debug
2010-10-11 15:30:15 ----D---- C:\WINDOWS\Minidump
2010-10-11 15:19:39 ----D---- C:\Program Files\ICQ6Toolbar
2010-10-11 15:19:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-10-11 15:19:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-10-11 15:19:33 ----D---- C:\Documents and Settings\pupca\Data aplikací\ICQ
2010-10-11 15:12:44 ----D---- C:\WINDOWS\system32\Restore
2010-10-10 21:41:44 ----RSD---- C:\WINDOWS\assembly
2010-10-10 21:39:52 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-10 21:27:48 ----D---- C:\WINDOWS\system32\drivers
2010-10-10 21:22:54 ----A---- C:\WINDOWS\system.ini
2010-10-10 21:22:44 ----D---- C:\WINDOWS\system32\drivers\etc
2010-10-10 21:21:09 ----D---- C:\WINDOWS\system32\config
2010-10-10 21:20:36 ----SD---- C:\WINDOWS\Tasks
2010-10-10 21:19:24 ----D---- C:\WINDOWS\AppPatch
2010-10-10 21:19:21 ----D---- C:\Program Files\Common Files
2010-10-10 20:14:51 ----RASH---- C:\boot.ini
2010-10-10 20:11:32 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-10-10 10:19:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-10 10:19:06 ----D---- C:\WINDOWS\WinSxS
2010-10-10 10:07:54 ----D---- C:\Program Files\Microsoft Silverlight
2010-10-04 21:25:08 ----HD---- C:\WINDOWS\inf
2010-09-23 21:18:00 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-09-23 19:31:04 ----D---- C:\WINDOWS\system32\wbem
2010-09-16 20:56:55 ----A---- C:\WINDOWS\win.ini
2010-09-16 20:56:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-16 20:54:32 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-01-08 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-08-17 26944]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-08-17 51376]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-08-17 94160]
R2 Crypto;Crypto; C:\WINDOWS\system32\drivers\Crypto.sys [2004-07-30 521786]
R2 IPSECDRV;SafeNet IPSec Plugin; \??\C:\WINDOWS\system32\Drivers\IPSECDRV.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-08-17 23152]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-10-04 1754624]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2003-09-05 139604]
R3 DniVap;SafeNet WAN Miniport (VA); C:\WINDOWS\system32\DRIVERS\vap.sys [2001-12-14 36188]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-03 4394496]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-05-23 245248]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-06-22 498432]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-10-04 425984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 IPSECMON;SafeNet Monitor Service; C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe [2004-08-11 57398]
R2 IreIKE;SafeNet IKE Service; C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe [2004-08-11 319538]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-02-08 66872]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-10-03 520192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-17 182768]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
nejdou mi odstranit trojské koně a jiná havěť
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
Pokud tam máš ještě Spybot S&D - odinstaluj známým způsobem (REVO)(vidím jen nějaké pozůstatky)
OTM scriptStáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe
Spusť program „OTM.exe“
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“
Klikni na červené „Moveit!“
Do své odpovědi vlož obsah zeleného okna
Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\
Kód: Vybrat vše
:Processes
explorer.exe
:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
:Services
WSearch
:Commands
[PURITY]
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[REBOOT]
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: nejdou mi odstranit trojské koně a jiná havěť
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP168.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP217.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP241.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI37.tmp moved successfully.
C:\WINDOWS\Installer\MSI42.tmp moved successfully.
C:\WINDOWS\Installer\MSI9B.tmp moved successfully.
========== SERVICES/DRIVERS ==========
Service WSearch stopped successfully!
Service WSearch deleted successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: pupca
->Temp folder emptied: 15960566 bytes
->Temporary Internet Files folder emptied: 12154279 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 689 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3232 bytes
Total Files Cleaned = 27,00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.16.1 log created on 10122010_192715
Files moved on Reboot...
C:\Documents and Settings\pupca\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE4DE.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE4EC.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE549.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE555.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE58E.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE59A.tmp not found!
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\JUHRXBXU\176679-hokej-on-line-boleslav-otocila-skore-v-plzni-budejovice-hraji-se-spartou-bez-branek[1].html moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\85TEAP4D\213942-u-nizozemska-se-srazily-lode[1].html moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\85TEAP4D\context[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\85TEAP4D\default[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\afr[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\controller[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\viewtopic[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File C:\WINDOWS\temp\Perflib_Perfdata_114.dat not found!
Registry entries deleted on Reboot...
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53707962-6F74-2D53-2644-206D7942484F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP168.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP217.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP241.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP24D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP26A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI37.tmp moved successfully.
C:\WINDOWS\Installer\MSI42.tmp moved successfully.
C:\WINDOWS\Installer\MSI9B.tmp moved successfully.
========== SERVICES/DRIVERS ==========
Service WSearch stopped successfully!
Service WSearch deleted successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
[EMPTYTEMP]
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: pupca
->Temp folder emptied: 15960566 bytes
->Temporary Internet Files folder emptied: 12154279 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 689 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 98304 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3232 bytes
Total Files Cleaned = 27,00 mb
Restore points cleared and new OTM Restore Point set!
OTM by OldTimer - Version 3.1.16.1 log created on 10122010_192715
Files moved on Reboot...
C:\Documents and Settings\pupca\Local Settings\Temp\Google Toolbar\GoogleToolbarWelcome.log moved successfully.
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE4DE.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE4EC.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE549.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE555.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE58E.tmp not found!
File C:\Documents and Settings\pupca\Local Settings\Temp\~DFE59A.tmp not found!
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\JUHRXBXU\176679-hokej-on-line-boleslav-otocila-skore-v-plzni-budejovice-hraji-se-spartou-bez-branek[1].html moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\85TEAP4D\213942-u-nizozemska-se-srazily-lode[1].html moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\85TEAP4D\context[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\85TEAP4D\default[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\afr[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\controller[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\Content.IE5\2433ILZ0\viewtopic[1].htm moved successfully.
C:\Documents and Settings\pupca\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\WINDOWS\temp\_avast4_\Webshlock.txt not found!
File C:\WINDOWS\temp\Perflib_Perfdata_114.dat not found!
Registry entries deleted on Reboot...
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
Spusť opět OTM -> CleanUp! - odinstaluje a vyčistí po sobě. Jestli nemáš s PC problémy, tak můžeme končit Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: nejdou mi odstranit trojské koně a jiná havěť
ahoj s pc už problémy nejsou. můžeme se vrhnout na ten noťas. poslal bych ti log
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
šup sem s ním 
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: nejdou mi odstranit trojské koně a jiná havěť
TAK TADY JE 
Logfile of random's system information tool 1.08 (written by random/random)
Run by veronika pupáková at 2010-10-12 19:47:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (68%) free of 71 GB
Total RAM: 2046 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:01, on 12.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\program files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\DOCUME~1\VERONI~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\veronika pupáková\Local Settings\Temporary Internet Files\Content.IE5\CBO5ZFVN\RSIT[1].exe
C:\Program Files\trend micro\veronika pupáková.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: ZyWALL VPN Client (2).lnk = C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6238709078
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/4 ... oader4.cab
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} (WebCamX Control) - http://88.146.134.61:5550/WebCamX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E856DFC-29E7-4896-8D1B-1A93BDDFA514}: NameServer = 192.168.8.151
O17 - HKLM\System\CCS\Services\Tcpip\..\{26F722D9-46BA-452F-BCD3-1B3DB143DD6F}: NameServer = 192.168.2.151,192.168.2.155
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca5978ae08787e) (gupdate1ca5978ae08787e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\program files\Spyware Terminator\sp_rsser.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: XAudioService - Unknown owner - C:\WINDOWS\system32\DRIVERS\xaudio.exe (file missing)
--
End of file - 15106 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-20 1241552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-28 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-03-18 1361208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-03-18 1361208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-20 1241552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-10 16384512]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2006-09-10 69632]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-09-10 53248]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-07-08 8433664]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-07-08 81920]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe []
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-13 30192]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-04-19 106496]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2010-07-11 139264]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"SpywareTerminatorUpdate"=D:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-10-10 3037696]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
ZyWALL VPN Client (2).lnk - C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableProfileQuota"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\hry\TrackMania Nations ESWC\TmNationsESWC.exe"="D:\hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\hry\TmNationsForever\TmForever.exe"="D:\hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"D:\hry\age of mythology\aom.exe"="D:\hry\age of mythology\aom.exe:*:Enabled:Age of Mythology"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe:*:Enabled:IreIke"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe:*:Enabled:IreIke"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"
======List of files/folders created in the last 1 months======
2010-10-12 19:47:52 ----D---- C:\rsit
2010-10-12 19:47:52 ----D---- C:\Program Files\trend micro
2010-10-12 18:19:11 ----D---- C:\WINDOWS\system32\VIRepair
2010-10-12 18:18:45 ----A---- C:\WINDOWS\system32\pskill.exe
2010-10-10 20:50:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
2010-10-10 20:50:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
2010-10-10 20:49:48 ----D---- C:\Program Files\Hry.cz
2010-10-10 07:13:58 ----D---- C:\Program Files\Crawler
2010-10-10 07:13:55 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-10-10 07:13:53 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\Spyware Terminator
2010-10-10 07:13:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-09-30 14:57:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-26 13:57:46 ----D---- C:\Program Files\PC Tools Security
2010-09-26 13:54:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2010-09-26 13:51:34 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\TrojanHunter
2010-09-26 13:04:43 ----R---- C:\WINDOWS\system32\streamhlp.dll
2010-09-26 13:04:43 ----D---- C:\Program Files\TrojanHunter 5.3
2010-09-24 20:30:33 ----A---- C:\WINDOWS\system32\javaws.exe
2010-09-24 20:30:33 ----A---- C:\WINDOWS\system32\javaw.exe
2010-09-24 20:30:33 ----A---- C:\WINDOWS\system32\java.exe
2010-09-15 22:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-15 22:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-15 22:48:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-15 22:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-15 22:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-15 22:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-15 22:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-14 17:58:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
======List of files/folders modified in the last 1 months======
2010-10-12 19:48:01 ----D---- C:\WINDOWS\Prefetch
2010-10-12 19:47:52 ----RD---- C:\Program Files
2010-10-12 19:47:10 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\Skype
2010-10-12 18:24:32 ----D---- C:\WINDOWS\Temp
2010-10-12 18:21:50 ----D---- C:\Program Files\NetSoftware
2010-10-12 18:21:03 ----D---- C:\WINDOWS\system32\VITrans
2010-10-12 18:21:03 ----D---- C:\WINDOWS\system32\Restore
2010-10-12 18:21:03 ----D---- C:\WINDOWS\system32
2010-10-12 18:21:03 ----D---- C:\Program Files\Windows Media Player
2010-10-12 18:21:03 ----AD---- C:\WINDOWS
2010-10-12 18:21:02 ----D---- C:\Program Files\Outlook Express
2010-10-12 18:21:02 ----D---- C:\Program Files\Internet Explorer
2010-10-12 18:19:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-12 18:18:55 ----D---- C:\Program Files\TrueTransparency
2010-10-12 18:18:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-12 18:18:52 ----D---- C:\WINDOWS\Cursors
2010-10-12 18:18:51 ----D---- C:\WINDOWS\Media
2010-10-12 16:08:32 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\skypePM
2010-10-11 21:50:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-10 22:41:35 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\ICQ
2010-10-10 07:13:55 ----D---- C:\WINDOWS\system32\drivers
2010-10-02 11:25:10 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-02 11:25:08 ----RSD---- C:\WINDOWS\assembly
2010-10-02 06:59:13 ----SHD---- C:\WINDOWS\Installer
2010-10-02 06:59:13 ----SHD---- C:\Config.Msi
2010-10-02 06:58:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-02 06:58:07 ----D---- C:\WINDOWS\WinSxS
2010-10-01 19:27:02 ----A---- C:\WINDOWS\AVerText.ini
2010-09-30 18:55:12 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-30 14:57:54 ----HD---- C:\WINDOWS\inf
2010-09-30 14:57:48 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-28 15:24:40 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-26 18:34:05 ----SHD---- C:\System Volume Information
2010-09-26 18:34:05 ----D---- C:\Program Files\Common Files
2010-09-26 14:24:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\NetSoftware
2010-09-26 13:57:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-24 20:30:56 ----D---- C:\Program Files\Common Files\Java
2010-09-24 20:30:32 ----D---- C:\Program Files\Java
2010-09-23 14:24:37 ----D---- C:\Program Files\Google
2010-09-15 22:53:05 ----A---- C:\WINDOWS\win.ini
2010-09-15 22:48:40 ----A---- C:\WINDOWS\imsins.BAK
2010-09-15 22:48:37 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-15 22:42:15 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-07-31 82380]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-09-22 5632]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 Crypto;Crypto; C:\WINDOWS\system32\drivers\Crypto.sys [2004-07-30 521786]
R2 IPSECDRV;SafeNet IPSec Plugin; \??\C:\WINDOWS\system32\Drivers\IPSECDRV.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-15 34064]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AVerBDA6x;AVerBDA6x service; C:\WINDOWS\system32\DRIVERS\AVerBDA716x.sys [2008-03-13 932864]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-07-08 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-07-08 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-08 876384]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2003-09-05 139604]
R3 DniVap;SafeNet WAN Miniport (VA); C:\WINDOWS\system32\DRIVERS\vap.sys [2001-12-14 36188]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-10 4608000]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-07-08 2203520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-07-08 6349696]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-08 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-07-08 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-07-08 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-08 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-28 101120]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-04-08 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-04-08 393216]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 IPSECMON;SafeNet Monitor Service; C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe [2004-08-11 57398]
R2 IREIKE;SafeNet IKE Service; C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe [2004-08-11 319538]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-07-08 163908]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\program files\Spyware Terminator\sp_rsser.exe [2010-10-10 488960]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate1ca5978ae08787e;Služba Google Update (gupdate1ca5978ae08787e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-30 133104]
S2 XAudioService;XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-13 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by veronika pupáková at 2010-10-12 19:47:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 48 GB (68%) free of 71 GB
Total RAM: 2046 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:48:01, on 12.10.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\program files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\NetSoftware\NetSoftware.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\DOCUME~1\VERONI~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\veronika pupáková\Local Settings\Temporary Internet Files\Content.IE5\CBO5ZFVN\RSIT[1].exe
C:\Program Files\trend micro\veronika pupáková.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [NetSoftware] "C:\Program Files\NetSoftware\Starter.exe" /path="C:\Program Files\NetSoftware"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O4 - Global Startup: ZyWALL VPN Client (2).lnk = C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se5483.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6238709078
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab2.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/4 ... oader4.cab
O16 - DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} (WebCamX Control) - http://88.146.134.61:5550/WebCamX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E856DFC-29E7-4896-8D1B-1A93BDDFA514}: NameServer = 192.168.8.151
O17 - HKLM\System\CCS\Services\Tcpip\..\{26F722D9-46BA-452F-BCD3-1B3DB143DD6F}: NameServer = 192.168.2.151,192.168.2.155
O18 - Protocol: skyline - {3A4F9195-65A8-11D5-85C1-0001023952C1} - C:\Program Files\Skyline\TerraExplorer\TerraExplorerX.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1ca5978ae08787e) (gupdate1ca5978ae08787e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: SafeNet Monitor Service (IPSECMON) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
O23 - Service: SafeNet IKE Service (IREIKE) - SafeNet - C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\program files\Spyware Terminator\sp_rsser.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
O23 - Service: XAudioService - Unknown owner - C:\WINDOWS\system32\DRIVERS\xaudio.exe (file missing)
--
End of file - 15106 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-20 1241552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-05-28 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-08-04 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-03-18 1361208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-03-18 1361208]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-14 278192]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-09-20 1241552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-10 16384512]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2006-09-10 69632]
"AzMixerSel"=C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe [2006-09-10 53248]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-07-08 8433664]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-07-08 81920]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"IJNetworkScanUtility"=C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [2007-05-21 124512]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"DrvIcon"=C:\Program Files\Vista Drive Icon\DrvIcon.exe []
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-13 30192]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2010-04-19 106496]
"NetSoftware"=C:\Program Files\NetSoftware\Starter.exe [2010-07-11 139264]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"ISUSPM"=C:\Documents and Settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-07-12 226904]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"SpywareTerminatorUpdate"=D:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-10-10 3037696]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
ZyWALL VPN Client (2).lnk - C:\Program Files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableProfileQuota"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\hry\TrackMania Nations ESWC\TmNationsESWC.exe"="D:\hry\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\hry\TmNationsForever\TmForever.exe"="D:\hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"D:\hry\age of mythology\aom.exe"="D:\hry\age of mythology\aom.exe:*:Enabled:Age of Mythology"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe:*:Enabled:IreIke"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe:*:Enabled:IreIke"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp"
"C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe"="C:\Program Files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager"
======List of files/folders created in the last 1 months======
2010-10-12 19:47:52 ----D---- C:\rsit
2010-10-12 19:47:52 ----D---- C:\Program Files\trend micro
2010-10-12 18:19:11 ----D---- C:\WINDOWS\system32\VIRepair
2010-10-12 18:18:45 ----A---- C:\WINDOWS\system32\pskill.exe
2010-10-10 20:50:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Playrix Entertainment
2010-10-10 20:50:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
2010-10-10 20:49:48 ----D---- C:\Program Files\Hry.cz
2010-10-10 07:13:58 ----D---- C:\Program Files\Crawler
2010-10-10 07:13:55 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2010-10-10 07:13:53 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\Spyware Terminator
2010-10-10 07:13:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-09-30 14:57:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-26 13:57:46 ----D---- C:\Program Files\PC Tools Security
2010-09-26 13:54:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Tools
2010-09-26 13:51:34 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\TrojanHunter
2010-09-26 13:04:43 ----R---- C:\WINDOWS\system32\streamhlp.dll
2010-09-26 13:04:43 ----D---- C:\Program Files\TrojanHunter 5.3
2010-09-24 20:30:33 ----A---- C:\WINDOWS\system32\javaws.exe
2010-09-24 20:30:33 ----A---- C:\WINDOWS\system32\javaw.exe
2010-09-24 20:30:33 ----A---- C:\WINDOWS\system32\java.exe
2010-09-15 22:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-15 22:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-15 22:48:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-15 22:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-15 22:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-15 22:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-15 22:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-14 17:58:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
======List of files/folders modified in the last 1 months======
2010-10-12 19:48:01 ----D---- C:\WINDOWS\Prefetch
2010-10-12 19:47:52 ----RD---- C:\Program Files
2010-10-12 19:47:10 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\Skype
2010-10-12 18:24:32 ----D---- C:\WINDOWS\Temp
2010-10-12 18:21:50 ----D---- C:\Program Files\NetSoftware
2010-10-12 18:21:03 ----D---- C:\WINDOWS\system32\VITrans
2010-10-12 18:21:03 ----D---- C:\WINDOWS\system32\Restore
2010-10-12 18:21:03 ----D---- C:\WINDOWS\system32
2010-10-12 18:21:03 ----D---- C:\Program Files\Windows Media Player
2010-10-12 18:21:03 ----AD---- C:\WINDOWS
2010-10-12 18:21:02 ----D---- C:\Program Files\Outlook Express
2010-10-12 18:21:02 ----D---- C:\Program Files\Internet Explorer
2010-10-12 18:19:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-10-12 18:18:55 ----D---- C:\Program Files\TrueTransparency
2010-10-12 18:18:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-12 18:18:52 ----D---- C:\WINDOWS\Cursors
2010-10-12 18:18:51 ----D---- C:\WINDOWS\Media
2010-10-12 16:08:32 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\skypePM
2010-10-11 21:50:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-10 22:41:35 ----D---- C:\Documents and Settings\veronika pupáková\Data aplikací\ICQ
2010-10-10 07:13:55 ----D---- C:\WINDOWS\system32\drivers
2010-10-02 11:25:10 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-02 11:25:08 ----RSD---- C:\WINDOWS\assembly
2010-10-02 06:59:13 ----SHD---- C:\WINDOWS\Installer
2010-10-02 06:59:13 ----SHD---- C:\Config.Msi
2010-10-02 06:58:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-02 06:58:07 ----D---- C:\WINDOWS\WinSxS
2010-10-01 19:27:02 ----A---- C:\WINDOWS\AVerText.ini
2010-09-30 18:55:12 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-30 14:57:54 ----HD---- C:\WINDOWS\inf
2010-09-30 14:57:48 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-28 15:24:40 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-09-26 18:34:05 ----SHD---- C:\System Volume Information
2010-09-26 18:34:05 ----D---- C:\Program Files\Common Files
2010-09-26 14:24:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\NetSoftware
2010-09-26 13:57:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-24 20:30:56 ----D---- C:\Program Files\Common Files\Java
2010-09-24 20:30:32 ----D---- C:\Program Files\Java
2010-09-23 14:24:37 ----D---- C:\Program Files\Google
2010-09-15 22:53:05 ----A---- C:\WINDOWS\win.ini
2010-09-15 22:48:40 ----A---- C:\WINDOWS\imsins.BAK
2010-09-15 22:48:37 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-15 22:42:15 ----A---- C:\WINDOWS\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2008-07-31 82380]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-09-22 5632]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 Crypto;Crypto; C:\WINDOWS\system32\drivers\Crypto.sys [2004-07-30 521786]
R2 IPSECDRV;SafeNet IPSec Plugin; \??\C:\WINDOWS\system32\Drivers\IPSECDRV.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-15 34064]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 AVerBDA6x;AVerBDA6x service; C:\WINDOWS\system32\DRIVERS\AVerBDA716x.sys [2008-03-13 932864]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-07-08 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-07-08 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-07-08 876384]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2003-09-05 139604]
R3 DniVap;SafeNet WAN Miniport (VA); C:\WINDOWS\system32\DRIVERS\vap.sys [2001-12-14 36188]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-03-01 988032]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-03-01 210688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-10 4608000]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2008-07-08 2203520]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-07-08 6349696]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-03-02 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-03-01 731136]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-08 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-07-08 55352]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2008-07-08 37280]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-07-08 67960]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 HSXHWAZL;HSXHWAZL; C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-28 101120]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-14 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2008-04-08 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-04-08 393216]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 IPSECMON;SafeNet Monitor Service; C:\Program Files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe [2004-08-11 57398]
R2 IREIKE;SafeNet IKE Service; C:\Program Files\ZyXEL\ZyWALL VPN Client\IreIKE.exe [2004-08-11 319538]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-07-08 163908]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\program files\Spyware Terminator\sp_rsser.exe [2010-10-10 488960]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 gupdate1ca5978ae08787e;Služba Google Update (gupdate1ca5978ae08787e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-30 133104]
S2 XAudioService;XAudioService; C:\WINDOWS\system32\DRIVERS\xaudio.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-02-13 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-28 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
začneme zlehka
Klikni na https://www.virustotal.com/cs/
klik "Procházet" > do zadávacího pole zkopíruj:
C:\Program Files\NetSoftware\Starter.exe
"Odeslat soubor" (pokud byl již testován, nech testovat znovu - Reanalyse)
Trpělivě vyčkej dokončení scanu dokud se neobjeví konečný výsledek např.0/41
Do fóra zkopíruj výsledný log. nebo link na stránku.
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: nejdou mi odstranit trojské koně a jiná havěť
stačí to tak ?
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: Starter.exe
Submission date: 2010-10-12 18:05:17 (UTC)
Current status: queued queued analysing finished
Result: 0/ 42 (0.0%)
VT Community
not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2010.10.12.02 2010.10.12 -
AntiVir 7.10.12.193 2010.10.12 -
Antiy-AVL 2.0.3.7 2010.10.12 -
Authentium 5.2.0.5 2010.10.12 -
Avast 4.8.1351.0 2010.10.12 -
Avast5 5.0.594.0 2010.10.12 -
AVG 9.0.0.851 2010.10.12 -
BitDefender 7.2 2010.10.12 -
CAT-QuickHeal 11.00 2010.10.12 -
ClamAV 0.96.2.0-git 2010.10.12 -
Comodo 6366 2010.10.12 -
DrWeb 5.0.2.03300 2010.10.12 -
eSafe 7.0.17.0 2010.10.12 -
eTrust-Vet 36.1.7906 2010.10.12 -
F-Prot 4.6.2.117 2010.10.11 -
F-Secure 9.0.15370.0 2010.10.12 -
Fortinet 4.2.249.0 2010.10.12 -
GData 21 2010.10.12 -
Ikarus T3.1.1.90.0 2010.10.12 -
Jiangmin 13.0.900 2010.10.12 -
K7AntiVirus 9.65.2733 2010.10.12 -
Kaspersky 7.0.0.125 2010.10.12 -
McAfee 5.400.0.1158 2010.10.12 -
McAfee-GW-Edition 2010.1C 2010.10.12 -
Microsoft 1.6201 2010.10.12 -
NOD32 5525 2010.10.12 -
Norman 6.06.07 2010.10.12 -
nProtect 2010-10-12.01 2010.10.12 -
Panda 10.0.2.7 2010.10.12 -
PCTools 7.0.3.5 2010.10.12 -
Prevx 3.0 2010.10.12 -
Rising 22.69.01.04 2010.10.12 -
Sophos 4.58.0 2010.10.12 -
Sunbelt 7044 2010.10.12 -
SUPERAntiSpyware 4.40.0.1006 2010.10.12 -
Symantec 20101.2.0.161 2010.10.12 -
TheHacker 6.7.0.1.055 2010.10.12 -
TrendMicro 9.120.0.1004 2010.10.12 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.12 -
VBA32 3.12.14.1 2010.10.12 -
ViRobot 2010.9.25.4060 2010.10.12 -
VirusBuster 12.67.14.0 2010.10.12 -
Additional informationShow all
MD5 : 8bf33aca054db9729878fa830484b6e0
SHA1 : 54e075f2cd420013b332bf7d1b81eb1b4173e505
SHA256: 7dc68b01b8a7ea755483539bc25a32587a037bdc62695f6332f15d32b441eb6b
ssdeep: 1536:Lunc5EA/kItprtwtztCwAyqqYyuDy7d/tZKPk2L/O623F8IIMnz63tPWRj:LuYkSPaBCwA
yAqqL/ZMnzMteRj
File size : 139264 bytes
First seen: 2010-03-12 14:21:59
Last seen : 2010-10-12 18:05:17
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Gemius SA
copyright....: Copyright (C) 2010 Gemius SA
product......: Internet Panel
description..: Internet Panel Service Launcher
original name: Starter.exe
internal name: n/a
file version.: 1, 57, 0, 1
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x9022
timedatestamp....: 0x4B8F833B (Thu Mar 04 09:54:03 2010)
machinetype......: 0x14c (I386)
[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x171C4, 0x18000, 6.59, cf1dbc7806db9b3b6d9d0a5a4b4413c2
.rdata, 0x19000, 0x46CC, 0x5000, 5.14, 6c37104b0fcae378dba0fb050e5c4f69
.data, 0x1E000, 0x45A8, 0x3000, 2.72, 3e991ef55aee0c6af37c654f7df11b0e
.rsrc, 0x23000, 0x42C, 0x1000, 3.83, fcea674c3771d8eeba881127cac7f403
[[ 3 import(s) ]]
KERNEL32.dll: CloseHandle, TerminateProcess, OpenProcess, GetVersionExA, FreeLibrary, LoadLibraryA, GetModuleHandleA, GetProcAddress, GetLastError, WideCharToMultiByte, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, MultiByteToWideChar, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, RaiseException, RtlUnwind, MoveFileA, GetCommandLineA, HeapFree, HeapAlloc, GetProcessHeap, GetStartupInfoA, GetSystemTimeAsFileTime, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, LCMapStringA, LCMapStringW, GetCPInfo, WriteFile, Sleep, GetConsoleMode, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, ExitProcess, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetACP, GetOEMCP, IsValidCodePage, VirtualAlloc, HeapReAlloc, ReadFile, FlushFileBuffers, SetFilePointer, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, HeapSize, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, SetEndOfFile, SetCurrentDirectoryA, FindFirstFileA, FindClose, GetConsoleCP, DeleteFileA
SHELL32.dll: ShellExecuteA
ADVAPI32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 98304
CompanyName: Gemius SA
EntryPoint: 0x9022
FileDescription: Internet Panel Service Launcher
FileFlagsMask: 0x0017
FileOS: Win32
FileSize: 136 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 1, 57, 0, 1
FileVersionNumber: 1.57.0.1
ImageVersion: 0.0
InitializedDataSize: 36864
LanguageCode: English (U.S.)
LegalCopyright: Copyright (C) 2010 Gemius SA
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Executable application
OriginalFilename: Starter.exe
PEType: PE32
ProductName: Internet Panel
ProductVersion: 1, 57, 0, 1
ProductVersionNumber: 1.57.0.1
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2010:03:04 10:54:03+01:00
UninitializedDataSize: 0
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
[s]text[/s] -- strikethrough -- preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware Malware Spam attachment/link
P2P download Propagating via IM Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit comment Post comment Posting comment...
Comment successfully posted
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: Starter.exe
Submission date: 2010-10-12 18:05:17 (UTC)
Current status: queued queued analysing finished
Result: 0/ 42 (0.0%)
VT Community
not reviewed
Safety score: -
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2010.10.12.02 2010.10.12 -
AntiVir 7.10.12.193 2010.10.12 -
Antiy-AVL 2.0.3.7 2010.10.12 -
Authentium 5.2.0.5 2010.10.12 -
Avast 4.8.1351.0 2010.10.12 -
Avast5 5.0.594.0 2010.10.12 -
AVG 9.0.0.851 2010.10.12 -
BitDefender 7.2 2010.10.12 -
CAT-QuickHeal 11.00 2010.10.12 -
ClamAV 0.96.2.0-git 2010.10.12 -
Comodo 6366 2010.10.12 -
DrWeb 5.0.2.03300 2010.10.12 -
eSafe 7.0.17.0 2010.10.12 -
eTrust-Vet 36.1.7906 2010.10.12 -
F-Prot 4.6.2.117 2010.10.11 -
F-Secure 9.0.15370.0 2010.10.12 -
Fortinet 4.2.249.0 2010.10.12 -
GData 21 2010.10.12 -
Ikarus T3.1.1.90.0 2010.10.12 -
Jiangmin 13.0.900 2010.10.12 -
K7AntiVirus 9.65.2733 2010.10.12 -
Kaspersky 7.0.0.125 2010.10.12 -
McAfee 5.400.0.1158 2010.10.12 -
McAfee-GW-Edition 2010.1C 2010.10.12 -
Microsoft 1.6201 2010.10.12 -
NOD32 5525 2010.10.12 -
Norman 6.06.07 2010.10.12 -
nProtect 2010-10-12.01 2010.10.12 -
Panda 10.0.2.7 2010.10.12 -
PCTools 7.0.3.5 2010.10.12 -
Prevx 3.0 2010.10.12 -
Rising 22.69.01.04 2010.10.12 -
Sophos 4.58.0 2010.10.12 -
Sunbelt 7044 2010.10.12 -
SUPERAntiSpyware 4.40.0.1006 2010.10.12 -
Symantec 20101.2.0.161 2010.10.12 -
TheHacker 6.7.0.1.055 2010.10.12 -
TrendMicro 9.120.0.1004 2010.10.12 -
TrendMicro-HouseCall 9.120.0.1004 2010.10.12 -
VBA32 3.12.14.1 2010.10.12 -
ViRobot 2010.9.25.4060 2010.10.12 -
VirusBuster 12.67.14.0 2010.10.12 -
Additional informationShow all
MD5 : 8bf33aca054db9729878fa830484b6e0
SHA1 : 54e075f2cd420013b332bf7d1b81eb1b4173e505
SHA256: 7dc68b01b8a7ea755483539bc25a32587a037bdc62695f6332f15d32b441eb6b
ssdeep: 1536:Lunc5EA/kItprtwtztCwAyqqYyuDy7d/tZKPk2L/O623F8IIMnz63tPWRj:LuYkSPaBCwA
yAqqL/ZMnzMteRj
File size : 139264 bytes
First seen: 2010-03-12 14:21:59
Last seen : 2010-10-12 18:05:17
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Gemius SA
copyright....: Copyright (C) 2010 Gemius SA
product......: Internet Panel
description..: Internet Panel Service Launcher
original name: Starter.exe
internal name: n/a
file version.: 1, 57, 0, 1
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x9022
timedatestamp....: 0x4B8F833B (Thu Mar 04 09:54:03 2010)
machinetype......: 0x14c (I386)
[[ 4 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x171C4, 0x18000, 6.59, cf1dbc7806db9b3b6d9d0a5a4b4413c2
.rdata, 0x19000, 0x46CC, 0x5000, 5.14, 6c37104b0fcae378dba0fb050e5c4f69
.data, 0x1E000, 0x45A8, 0x3000, 2.72, 3e991ef55aee0c6af37c654f7df11b0e
.rsrc, 0x23000, 0x42C, 0x1000, 3.83, fcea674c3771d8eeba881127cac7f403
[[ 3 import(s) ]]
KERNEL32.dll: CloseHandle, TerminateProcess, OpenProcess, GetVersionExA, FreeLibrary, LoadLibraryA, GetModuleHandleA, GetProcAddress, GetLastError, WideCharToMultiByte, InterlockedIncrement, InterlockedDecrement, InterlockedExchange, MultiByteToWideChar, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, RaiseException, RtlUnwind, MoveFileA, GetCommandLineA, HeapFree, HeapAlloc, GetProcessHeap, GetStartupInfoA, GetSystemTimeAsFileTime, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, LCMapStringA, LCMapStringW, GetCPInfo, WriteFile, Sleep, GetConsoleMode, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, ExitProcess, GetStdHandle, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetACP, GetOEMCP, IsValidCodePage, VirtualAlloc, HeapReAlloc, ReadFile, FlushFileBuffers, SetFilePointer, GetLocaleInfoA, GetStringTypeA, GetStringTypeW, HeapSize, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA, SetEndOfFile, SetCurrentDirectoryA, FindFirstFileA, FindClose, GetConsoleCP, DeleteFileA
SHELL32.dll: ShellExecuteA
ADVAPI32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 98304
CompanyName: Gemius SA
EntryPoint: 0x9022
FileDescription: Internet Panel Service Launcher
FileFlagsMask: 0x0017
FileOS: Win32
FileSize: 136 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 1, 57, 0, 1
FileVersionNumber: 1.57.0.1
ImageVersion: 0.0
InitializedDataSize: 36864
LanguageCode: English (U.S.)
LegalCopyright: Copyright (C) 2010 Gemius SA
LinkerVersion: 8.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
ObjectFileType: Executable application
OriginalFilename: Starter.exe
PEType: PE32
ProductName: Internet Panel
ProductVersion: 1, 57, 0, 1
ProductVersionNumber: 1.57.0.1
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2010:03:04 10:54:03+01:00
UninitializedDataSize: 0
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
[s]text[/s] -- strikethrough
Kód: Vybrat vše
textYou can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware Malware Spam attachment/link
P2P download Propagating via IM Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit comment Post comment Posting comment...
Comment successfully posted
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
Tak ten je OK.
Jinak promiň, mohu se ti věnovat až ráno - nehlášené povinnosti
Prožeň tam zatím MBAM
Jinak promiň, mohu se ti věnovat až ráno - nehlášené povinnosti
Prožeň tam zatím MBAM
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: nejdou mi odstranit trojské koně a jiná havěť
já tu budu až v 15:00 tak se potom ozvu. jinak jsem na pc spustil avast a trojské koně jsou tam pořád. přidám výpis. zatím díky a čau
Re: nejdou mi odstranit trojské koně a jiná havěť
tak tady je log z noťasu
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4805
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12.10.2010 20:59:52
mbam-log-2010-10-12 (20-59-52).txt
Typ skenu: Rychlý sken
Skenované objekty: 169091
Uplynulý čas: 10 minuta(y), 41 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 6
Infikované hodnoty registru: 2
Infikované datové položky registru: 0
Infikované složky: 2
Infikované soubory: 5
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rlist (Malware.Trace) -> No action taken.
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Documents and Settings\All Users\Data aplikací\89430630 (Rogue.Multiple) -> No action taken.
C:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken.
Infikované soubory:
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken.
C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> No action taken.
C:\Documents and Settings\veronika pupáková\Data aplikací\wiaservg.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\veronika pupáková\Nabídka Start\Programy\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Verze databáze: 4805
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12.10.2010 20:59:52
mbam-log-2010-10-12 (20-59-52).txt
Typ skenu: Rychlý sken
Skenované objekty: 169091
Uplynulý čas: 10 minuta(y), 41 sekunda(y)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 6
Infikované hodnoty registru: 2
Infikované datové položky registru: 0
Infikované složky: 2
Infikované soubory: 5
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče registru:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> No action taken.
Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\uid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rlist (Malware.Trace) -> No action taken.
Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
C:\Documents and Settings\All Users\Data aplikací\89430630 (Rogue.Multiple) -> No action taken.
C:\WINDOWS\system32\lowsec (Stolen.data) -> No action taken.
Infikované soubory:
C:\WINDOWS\system32\lowsec\local.ds (Stolen.data) -> No action taken.
C:\WINDOWS\system32\lowsec\user.ds (Stolen.data) -> No action taken.
C:\WINDOWS\system32\lowsec\user.ds.lll (Stolen.data) -> No action taken.
C:\Documents and Settings\veronika pupáková\Data aplikací\wiaservg.log (Malware.Trace) -> No action taken.
C:\Documents and Settings\veronika pupáková\Nabídka Start\Programy\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
NTB
1 - nález MBAM nech "Odstranit vše"
2 -
PC
Avast - výpis (nebo screen) Virové truhly
1 - nález MBAM nech "Odstranit vše"
2 -
3 -
- Start -> Spustit -> napiš "notepad" -> OK
Zkopíruj a vlož zelený textSoubor ulož jako oprava.regKód: Vybrat vše
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "UserInit"="C:\WINDOWS\system32\userinit.exe,"
Při ukládání dej uložit jako typ Všechny soubory (nastavení je uvedeno na obrázku níže)
Zavři notepad a spusť dvojklikem oprava.reg
Dotaz na změnu registru potvrdit
Okno jen problikne a opraví registry - soubor můžeš smazat
Stáhni si
a ulož ho na plochu.
Ukonči všechna aktivní okna,vypni Antispy a Antivir a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna a nic nespouštěj
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Kdyby ti po použití ComboFixu systém nenaběhl - při restartu F8 a poslední známá funkční konfigurace
PC
Avast - výpis (nebo screen) Virové truhly
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Re: nejdou mi odstranit trojské koně a jiná havěť
TADY JE LOG Z NTB
ComboFix 10-10-12.03 - veronika pupáková 13.10.2010 16:00:43.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1371 [GMT 2:00]
Spuštěný z: c:\documents and settings\veronika pupáková\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101013-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
D:\Autorun.inf
c:\windows\system32\proquota.exe chyběl.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\proquota.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_npf
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-13 do 2010-10-13 )))))))))))))))))))))))))))))))
.
2010-10-13 14:04 . 2008-04-14 06:52 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2010-10-13 14:04 . 2008-04-14 06:52 50176 ----a-w- c:\windows\system32\proquota.exe
2010-10-12 18:47 . 2010-10-12 18:47 -------- d-----w- c:\documents and settings\veronika pupáková\Data aplikací\Malwarebytes
2010-10-12 18:46 . 2010-10-12 18:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-10-12 18:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-12 18:46 . 2010-10-12 18:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-12 18:46 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-12 17:47 . 2010-10-12 17:48 -------- d-----w- C:\rsit
2010-10-12 17:47 . 2010-10-12 17:48 -------- d-----w- c:\program files\trend micro
2010-10-12 16:19 . 2010-10-12 16:19 -------- d-----w- c:\windows\system32\VIRepair
2010-10-12 16:18 . 2004-11-27 17:00 94208 ----a-w- c:\windows\system32\pskill.exe
2010-10-10 18:50 . 2010-10-10 18:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Playrix Entertainment
2010-10-10 18:50 . 2010-10-12 17:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AlawarWrapper
2010-10-10 18:49 . 2010-10-10 18:49 -------- d-----w- c:\program files\Hry.cz
2010-10-10 05:13 . 2010-10-10 05:14 -------- d-----w- c:\program files\Crawler
2010-10-10 05:13 . 2010-10-10 05:13 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-10-10 05:13 . 2010-10-10 05:17 -------- d-----w- c:\documents and settings\veronika pupáková\Data aplikací\Spyware Terminator
2010-10-10 05:13 . 2010-10-13 13:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2010-09-26 11:57 . 2010-09-26 16:34 -------- d-----w- c:\program files\PC Tools Security
2010-09-26 11:54 . 2010-09-26 15:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2010-09-26 11:51 . 2010-09-26 11:51 -------- d-----w- c:\documents and settings\veronika pupáková\Data aplikací\TrojanHunter
2010-09-26 11:04 . 2010-09-26 15:12 -------- d-----w- c:\program files\TrojanHunter 5.3
2010-09-14 15:58 . 2010-09-14 15:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alawar Stargaze
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-03-18 14:06 1361208 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-03-18 1361208]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-03-18 1361208]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"SpywareTerminatorUpdate"="d:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-10-10 3037696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-10 16384512]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-09-10 53248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-08 8433664]
"nwiz"="nwiz.exe" [2008-07-08 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-08 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-20 124512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-13 30192]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-04-19 106496]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2010-07-11 139264]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
ZyWALL VPN Client (2).lnk - c:\program files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe [2008-7-17 65588]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\ZyXEL\\ZyWALL VPN Client\\IreIKE.exe"=
"c:\program files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"= c:\program files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog
"c:\program files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"= c:\program files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp
"c:\program files\ZyXEL\ZyWALL VPN Client\vpn.exe"= c:\program files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10.7.2008 21:00 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [10.10.2010 7:13 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.7.2008 21:00 20560]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [8.9.2008 14:12 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [8.9.2008 14:12 393216]
R2 Crypto;Crypto;c:\windows\system32\drivers\Crypto.sys [17.7.2008 12:50 521786]
R2 IPSECDRV;SafeNet IPSec Plugin;c:\windows\system32\drivers\IpSecDrv.sys [17.7.2008 12:50 119864]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [21.1.2010 16:24 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 AVerBDA6x;AVerBDA6x service;c:\windows\system32\drivers\AVerBDA716x.sys [8.9.2008 14:14 932864]
R3 DniVap;SafeNet WAN Miniport (VA);c:\windows\system32\drivers\vap.sys [17.7.2008 12:48 36188]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate1ca5978ae08787e;Služba Google Update (gupdate1ca5978ae08787e);c:\program files\Google\Update\GoogleUpdate.exe [30.10.2009 17:50 133104]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [13.2.2010 17:03 30192]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [8.9.2010 18:59 11520]
.
Obsah adresáře 'Naplánované úlohy'
2010-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-30 15:50]
2010-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-30 15:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
mStart Page = hxxp://home.sweetim.com
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: {1E856DFC-29E7-4896-8D1B-1A93BDDFA514} = 192.168.8.151
TCP: {26F722D9-46BA-452F-BCD3-1B3DB143DD6F} = 192.168.2.151,192.168.2.155
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} - hxxp://88.146.134.61:5550/WebCamX.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-DrvIcon - c:\program files\Vista Drive Icon\DrvIcon.exe
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2232)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
d:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\program files\NetSoftware\NetSoftware.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\docume~1\VERONI~1\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Celkový čas: 2010-10-13 16:13:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-13 14:13
Před spuštěním: Volných bajtů: 50 491 764 736
Po spuštění: Volných bajtů: 51 748 917 248
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 6A265DC631E28CF21FB7FA6428B01504
ComboFix 10-10-12.03 - veronika pupáková 13.10.2010 16:00:43.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1371 [GMT 2:00]
Spuštěný z: c:\documents and settings\veronika pupáková\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101013-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.
ADS - WINDOWS: deleted 48 bytes in 1 streams.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\WinPCap
c:\program files\WinPCap\rpcapd.exe
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
D:\Autorun.inf
c:\windows\system32\proquota.exe chyběl.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\proquota.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
-------\Service_npf
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-13 do 2010-10-13 )))))))))))))))))))))))))))))))
.
2010-10-13 14:04 . 2008-04-14 06:52 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2010-10-13 14:04 . 2008-04-14 06:52 50176 ----a-w- c:\windows\system32\proquota.exe
2010-10-12 18:47 . 2010-10-12 18:47 -------- d-----w- c:\documents and settings\veronika pupáková\Data aplikací\Malwarebytes
2010-10-12 18:46 . 2010-10-12 18:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-10-12 18:46 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-12 18:46 . 2010-10-12 18:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-12 18:46 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-12 17:47 . 2010-10-12 17:48 -------- d-----w- C:\rsit
2010-10-12 17:47 . 2010-10-12 17:48 -------- d-----w- c:\program files\trend micro
2010-10-12 16:19 . 2010-10-12 16:19 -------- d-----w- c:\windows\system32\VIRepair
2010-10-12 16:18 . 2004-11-27 17:00 94208 ----a-w- c:\windows\system32\pskill.exe
2010-10-10 18:50 . 2010-10-10 18:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Playrix Entertainment
2010-10-10 18:50 . 2010-10-12 17:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AlawarWrapper
2010-10-10 18:49 . 2010-10-10 18:49 -------- d-----w- c:\program files\Hry.cz
2010-10-10 05:13 . 2010-10-10 05:14 -------- d-----w- c:\program files\Crawler
2010-10-10 05:13 . 2010-10-10 05:13 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-10-10 05:13 . 2010-10-10 05:17 -------- d-----w- c:\documents and settings\veronika pupáková\Data aplikací\Spyware Terminator
2010-10-10 05:13 . 2010-10-13 13:21 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spyware Terminator
2010-09-26 11:57 . 2010-09-26 16:34 -------- d-----w- c:\program files\PC Tools Security
2010-09-26 11:54 . 2010-09-26 15:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2010-09-26 11:51 . 2010-09-26 11:51 -------- d-----w- c:\documents and settings\veronika pupáková\Data aplikací\TrojanHunter
2010-09-26 11:04 . 2010-09-26 15:12 -------- d-----w- c:\program files\TrojanHunter 5.3
2010-09-14 15:58 . 2010-09-14 15:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alawar Stargaze
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-03-18 14:06 1361208 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-03-18 1361208]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-03-18 1361208]
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\documents and settings\All Users\Data aplikací\Macrovision\FLEXnet Connect\6\ISUSPM.exe" [2007-07-12 226904]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"SpywareTerminatorUpdate"="d:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-10-10 3037696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-10 16384512]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-09-10 53248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-08 8433664]
"nwiz"="nwiz.exe" [2008-07-08 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-08 81920]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-20 124512]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-13 30192]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-04-19 106496]
"NetSoftware"="c:\program files\NetSoftware\Starter.exe" [2010-07-11 139264]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
ZyWALL VPN Client (2).lnk - c:\program files\ZyXEL\ZyWALL VPN Client\SafeCfg.exe [2008-7-17 65588]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\ZyXEL\\ZyWALL VPN Client\\IreIKE.exe"=
"c:\program files\ZyXEL\ZyWALL VPN Client\ViewLog.exe"= c:\program files\ZyXEL\ZyWALL VPN Client\ViewLog.exe:127.0.0.1/255.255.255.255:Enabled:ViewLog
"c:\program files\ZyXEL\ZyWALL VPN Client\CmonApp.exe"= c:\program files\ZyXEL\ZyWALL VPN Client\CmonApp.exe:127.0.0.1/255.255.255.255:Enabled:CMonApp
"c:\program files\ZyXEL\ZyWALL VPN Client\vpn.exe"= c:\program files\ZyXEL\ZyWALL VPN Client\vpn.exe:127.0.0.1/255.255.255.255:Enabled:VPN Connection Manager
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [10.7.2008 21:00 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [10.10.2010 7:13 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [10.7.2008 21:00 20560]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [8.9.2008 14:12 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [8.9.2008 14:12 393216]
R2 Crypto;Crypto;c:\windows\system32\drivers\Crypto.sys [17.7.2008 12:50 521786]
R2 IPSECDRV;SafeNet IPSec Plugin;c:\windows\system32\drivers\IpSecDrv.sys [17.7.2008 12:50 119864]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [21.1.2010 16:24 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]
R3 AVerBDA6x;AVerBDA6x service;c:\windows\system32\drivers\AVerBDA716x.sys [8.9.2008 14:14 932864]
R3 DniVap;SafeNet WAN Miniport (VA);c:\windows\system32\drivers\vap.sys [17.7.2008 12:48 36188]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate1ca5978ae08787e;Služba Google Update (gupdate1ca5978ae08787e);c:\program files\Google\Update\GoogleUpdate.exe [30.10.2009 17:50 133104]
S3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [13.2.2010 17:03 30192]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [8.9.2010 18:59 11520]
.
Obsah adresáře 'Naplánované úlohy'
2010-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-30 15:50]
2010-10-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-30 15:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
mStart Page = hxxp://home.sweetim.com
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: {1E856DFC-29E7-4896-8D1B-1A93BDDFA514} = 192.168.8.151
TCP: {26F722D9-46BA-452F-BCD3-1B3DB143DD6F} = 192.168.2.151,192.168.2.155
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
DPF: {CEEFE929-741C-4323-B7FE-C17CA6DA3A01} - hxxp://88.146.134.61:5550/WebCamX.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-DrvIcon - c:\program files\Vista Drive Icon\DrvIcon.exe
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,79,00,73,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2232)
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSCS.DLL
c:\windows\system32\nvwddi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\ZyXEL\ZyWALL VPN Client\IreIKE.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\ZyXEL\ZyWALL VPN Client\IPSecMon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
d:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\program files\NetSoftware\NetSoftware.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\docume~1\VERONI~1\LOCALS~1\Temp\RtkBtMnt.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Celkový čas: 2010-10-13 16:13:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-10-13 14:13
Před spuštěním: Volných bajtů: 50 491 764 736
Po spuštění: Volných bajtů: 51 748 917 248
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 6A265DC631E28CF21FB7FA6428B01504
-
cernohous13
- VIP in memoriam
- Příspěvky: 8721
- Registrován: 09 pro 2006 06:19
- Bydliště: Jablonec nad Nisou
- Kontaktovat uživatele:
Re: nejdou mi odstranit trojské koně a jiná havěť
NTB
ComboFix nám udělal dost slušnou práci.
Pro moje vzdělání - nač se používá c:\program files\NetSoftware\Starter.exe ?
nevygooglil jsem žádnou relevantní informaci
doporučil bych odinstalaci (REVO) těchto programů:
c:\program files\PC Tools Security
c:\program files\TrojanHunter 5.3
pro možný konflikt s Avastem
jsou ještě nějaké problémy?
PC
jak je to s nálezy Avastu?
ComboFix nám udělal dost slušnou práci. Pro moje vzdělání - nač se používá c:\program files\NetSoftware\Starter.exe ?nevygooglil jsem žádnou relevantní informaci
doporučil bych odinstalaci (REVO) těchto programů:c:\program files\PC Tools Security
c:\program files\TrojanHunter 5.3
pro možný konflikt s Avastem
jsou ještě nějaké problémy?PC
jak je to s nálezy Avastu?
Doporučení:
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
V průběhu léčení prováděj nové instalace a odinstalace jen na můj pokyn.
Důkladně prostuduj a proveď celou operaci podle mé odpovědi.
V případě nejasností se zeptej - vysvětlím
-------------------------------------------------------------------------------------------------
> Podpora fóra <
Přispějete na provoz fóra?