
Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 23 Dec 2009 23:47
by hrasek
I have already installed the drivers. Should I run "RSIT" and post the log here? Hopefully it is clean now, but I would like to be sure.

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 23 Dec 2009 23:47
by motji
Please post a new log from RSIT and tell me how the computer is doing.

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 23 Dec 2009 23:55
by hrasek
I'm an idiot ... maybe it's because I have a fever, but I misclicked and ran ComboFix again... I guess it can't be stopped, right? I'd rather not touch it; nothing will happen because I ran it again, will it?

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 23 Dec 2009 23:57
by motji
Better not stop it.
Well, we'll see whether it deletes the drivers again :o , then I'll ask you for its log :)

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 23 Dec 2009 23:58
by hrasek
I'm very sorry ... bad day :( I'll post its log here. Could you please stay here a little longer?

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:04
by hrasek
The drivers stayed. Should I make a log from RSIT too?
Here is the log from ComboFix:


ComboFix 09-12-22.09 - Petr 23.12.2009 23:53:04.3.1 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1014.509 [GMT 1:00]
Spuštěný z: c:\documents and settings\Petr\Plocha\ComboFix.exe
AV: Eset NOD32 Antivirus 2.50 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2009-11-23 do 2009-12-23 )))))))))))))))))))))))))))))))
.

2009-12-23 22:42 . 2003-03-07 17:49 30208 ----a-w- c:\windows\system32\drivers\wbms.sys
2009-12-23 22:42 . 2002-12-19 18:42 25600 ----a-w- c:\windows\system32\drivers\wbsd.sys
2009-12-23 22:31 . 2003-07-14 15:33 111168 ----a-w- c:\windows\system32\drivers\cwawdm.sys
2009-12-23 22:29 . 2009-12-23 22:29 142 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-23 22:17 . 2003-02-14 09:59 88107 ----a-w- c:\windows\AGRSMMSG.exe
2009-12-23 22:17 . 2003-02-13 12:13 59392 ----a-w- c:\windows\agrsmdel.exe
2009-12-23 22:17 . 2003-02-14 09:59 1169792 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2009-12-23 22:16 . 2001-10-24 10:44 35840 ----a-w- c:\windows\system32\drivers\isapnp.sys
2009-12-23 22:16 . 2004-08-03 21:59 25088 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-12-23 22:16 . 2004-08-03 21:59 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-12-23 22:16 . 2001-10-24 10:52 3328 ----a-w- c:\windows\system32\drivers\pciide.sys
2009-12-23 22:15 . 2004-08-03 22:08 57600 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-12-23 22:15 . 2004-08-03 22:08 142976 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-12-23 22:15 . 2004-08-03 22:08 20480 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2009-12-23 22:15 . 2004-08-17 14:49 75264 ----a-w- c:\windows\system32\usbui.dll
2009-12-23 22:15 . 2004-08-17 14:43 68736 ----a-w- c:\windows\system32\drivers\pci.sys
2009-12-23 22:15 . 2009-12-23 22:15 -------- d-----w- C:\fsc.tmp
2009-12-23 20:08 . 2009-12-23 20:08 -------- d-----w- C:\rsit
2009-12-17 10:00 . 2009-12-17 10:00 -------- d-----w- c:\documents and settings\Petr\geokuk

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 14:27 . 2001-10-25 13:00 70324 ----a-w- c:\windows\system32\perfc005.dat
2009-12-19 14:27 . 2001-10-25 13:00 392860 ----a-w- c:\windows\system32\perfh005.dat
2009-12-18 08:39 . 2009-06-24 20:19 730 ----a-w- c:\windows\NView09.dat
2009-10-31 16:45 . 2008-11-07 12:00 2944 ----a-w- c:\windows\system32\WSSPOOL.TMP
2009-10-29 05:48 . 2004-08-17 12:49 663040 ------w- c:\windows\system32\wininet.dll
2009-10-21 06:03 . 2004-08-17 12:49 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 06:03 . 2004-08-17 12:49 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 14:58 . 2004-08-03 20:00 263552 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:53 . 2004-08-17 12:49 267776 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:54 . 2004-08-17 12:49 112640 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:54 . 2004-08-17 12:49 69632 ----a-w- c:\windows\system32\raschap.dll
2009-10-08 15:12 . 2009-09-28 10:31 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-09-28 10:32 . 2009-09-28 10:31 249856 ------w- c:\windows\Setup1.exe
2009-09-25 06:58 . 2004-08-17 12:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-17 14:26 . 2009-09-17 14:26 459 ----a-w- c:\program files\Uninstall Mp3 Codec.lnk
1999-06-26 09:44 . 2009-09-17 14:26 6649 ----a-w- c:\program files\rdmp3faq.txt
1999-06-26 09:32 . 2009-09-17 14:26 6193 ----a-w- c:\program files\radium.nfo
1999-06-23 23:47 . 2009-09-17 14:26 19968 ----a-w- c:\program files\RaMp3Cfg.exe
1998-09-05 12:36 . 2009-09-17 14:26 14728 ----a-w- c:\program files\performance-graph.GIF
2006-12-07 15:04 . 2006-12-07 15:04 18 --sh--w- c:\windows\WINPROD.DLL
.

((((((((((((((((((((((((((((( SnapShot@2009-12-23_21.11.30 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-23 22:49 . 2009-12-23 22:49 16384 c:\windows\Temp\Perflib_Perfdata_afc.dat
+ 2009-12-23 22:49 . 2009-12-23 22:49 16384 c:\windows\Temp\Perflib_Perfdata_930.dat
- 2008-09-11 11:14 . 2004-08-17 14:49 75264 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbui.dll
+ 2009-12-23 22:21 . 2004-08-17 14:49 75264 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbui.dll
- 2008-09-11 11:14 . 2004-08-03 22:08 20480 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbuhci.sys
+ 2009-12-23 22:21 . 2004-08-03 22:08 20480 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbuhci.sys
- 2008-09-11 11:14 . 2004-08-03 22:08 57600 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbhub.sys
+ 2009-12-23 22:21 . 2004-08-03 22:08 57600 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbhub.sys
+ 2009-12-23 22:20 . 2004-08-17 14:49 75264 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\usbui.dll
+ 2009-12-23 22:20 . 2004-08-03 22:08 20480 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\usbuhci.sys
+ 2009-12-23 22:20 . 2004-08-03 22:08 57600 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\usbhub.sys
+ 2009-12-23 22:21 . 2001-10-24 10:44 35840 c:\windows\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys
+ 2009-12-23 22:20 . 2004-08-17 14:43 68736 c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\pci.sys
+ 2009-12-23 22:21 . 2004-08-03 21:59 25088 c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\pciidex.sys
+ 2009-12-23 22:21 . 2004-08-03 21:59 95360 c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys
+ 2009-12-23 22:20 . 2004-08-17 14:49 75264 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\usbui.dll
+ 2009-12-23 22:20 . 2004-08-03 22:08 20480 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\usbuhci.sys
+ 2009-12-23 22:20 . 2004-08-03 22:08 57600 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\usbhub.sys
+ 2006-09-25 22:25 . 2009-12-23 22:29 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-09-25 22:25 . 2009-12-23 19:03 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2006-09-25 22:25 . 2009-12-23 19:03 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2006-09-25 22:25 . 2009-12-23 22:29 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-12-23 22:29 . 2009-12-23 22:29 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2006-09-25 22:25 . 2009-12-23 19:03 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2006-09-26 00:12 . 2003-02-13 12:13 59392 c:\windows\system32\agrsmdel.exe
- 2006-09-26 00:12 . 2003-02-13 12:13 59392 c:\windows\system32\agrsmdel.exe
+ 2009-12-23 22:21 . 2001-10-24 10:52 3328 c:\windows\system32\ReinstallBackups\0002\DriverFiles\i386\pciide.sys
+ 2009-12-23 22:21 . 2004-08-03 22:08 142976 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbport.sys
- 2008-09-11 11:14 . 2004-08-03 22:08 142976 c:\windows\system32\ReinstallBackups\0012\DriverFiles\i386\usbport.sys
+ 2009-12-23 22:20 . 2004-08-03 22:08 142976 c:\windows\system32\ReinstallBackups\0010\DriverFiles\i386\usbport.sys
+ 2009-12-23 22:20 . 2004-08-03 22:08 142976 c:\windows\system32\ReinstallBackups\0001\DriverFiles\i386\usbport.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 16:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ServUTrayIcon"="c:\program files\Serv-U\ServUTray.exe" [2002-02-03 68608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-04-24 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-04-24 610304]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2006-09-25 917504]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2002-12-02 32768]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2003-01-09 57418]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2002-10-23 163840]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2003-01-09 53248]
"OdTray.exe"="c:\program files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe" [2003-12-16 626746]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-26 98304]
"CloneCDTray"="c:\program files\CloneCD\CloneCDTray.exe" [2004-12-27 57344]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]
"snpstd3"="c:\windows\vsnpstd3.exe" [2005-09-05 339968]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-02-09 1165680]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-02-09 1945960]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-02-09 149024]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-10-30 136600]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"AGRSMMSG"="AGRSMMSG.exe" [2003-02-14 88107]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2002-11-25 172032]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-11-7 25214]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\System32\\java.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Serv-U\\ServUDaemon.exe"=
"c:\\Program Files\\xwinlogon\\XWin.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Reallusion\\CrazyTalk for Skype\\CT4Skype.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\Program Files\\ASUS\\Wireless Router Utilities\\DiscoveryR.exe"=
"c:\\Program Files\\KN_StrongDC\\StrongDC.exe"=
"c:\\Program Files\\Java\\JRE6\\launch4j-tmp\\JDownloader.exe"=
"c:\\Program Files\\MoZiGo\\MoZiGo.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\DreamCom\\DreamCom.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 PWSYSDRV;PWSYSDRV;c:\windows\system32\drivers\pwsysdrv.sys [7.11.2008 12:30 17072]
R3 WBMS;Winbond Memory Stick Storage (MS) Device Driver;c:\windows\system32\drivers\wbms.sys [23.12.2009 23:42 30208]
R3 WBSD;Winbond Secure Digital Storage (SD/MMC) Device Driver;c:\windows\system32\drivers\wbsd.sys [23.12.2009 23:42 25600]
S1 mailKmd;mailKmd; [x]
S2 gupdate1c90bc12c0fd2c0;Google Update Service (gupdate1c90bc12c0fd2c0);c:\program files\Google\Update\GoogleUpdate.exe [1.9.2008 01:27 133104]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501);c:\windows\system32\drivers\adusbmdm65.sys [29.7.2007 16:18 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501);c:\windows\system32\drivers\adusbser65.sys [29.7.2007 16:18 64896]
S3 ASINDIS5;ASINDIS5 Protocol Driver;c:\windows\system32\asindis5.sys [17.3.2008 14:16 16302]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [29.6.2007 01:01 42512]
S3 RTCore32;RTCore32; [x]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.9.2006 01:48 642560]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\program files\pctranslator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\program files\pctranslator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\program files\pctranslator\WEBIE.DLL
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\program files\pctranslator\WEBIE.DLL
LSP: c:\program files\NetLimiter\nl_lsp.dll
DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} - hxxp://gen.din.cz/RtspVaPgDec.cab
DPF: {575A6BF1-1460-4907-9157-BECB7DCAC655} - hxxp://nadatel.truecam.net/rel/webViewer.cab
DPF: {73FDD716-9BCE-42F7-8B13-DB4F7587B8D1} - hxxp://ns.standalone4ch.com/webview2/webview.cab
DPF: {8FEED82A-42A6-4117-A803-7EC3EB9339E0} - hxxp://192.168.0.99/plugin/client.cab
FF - ProfilePath - c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\djdntahk.default\
FF - prefs.js: browser.search.selectedEngine - Geocaching - Quicksearch
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - component: c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\djdntahk.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc.dll
FF - component: c:\documents and settings\Petr\Data aplikací\Mozilla\Firefox\Profiles\djdntahk.default\extensions\{DD43485F-44CC-4452-A6C6-69356A7E33DA}\platform\WINNT_x86-msvc\components\ahWinUtils_32.dll
FF - component: c:\program files\Google\Google Gears\Firefox\lib\ff35\gears.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-24 00:00
Windows 5.1.2600 Service Pack 2 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1432)
c:\program files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odLogin.dll

- - - - - - - > 'lsass.exe'(1496)
c:\windows\system32\relog_ap.dll
c:\program files\NetLimiter\nl_lsp.dll
c:\windows\system32\nl_msgc.dll

- - - - - - - > 'explorer.exe'(3816)
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\Audiodev.dll
c:\windows\system32\WMVCore.DLL
c:\windows\system32\WMASF.DLL
.
Celkový čas: 2009-12-24 00:02:14
ComboFix-quarantined-files.txt 2009-12-23 23:02
ComboFix2.txt 2009-12-23 21:16

Před spuštěním: 7 003 168 768
Po spuštění: 6 986 858 496

- - End Of File - - 775F400828564DF1E80CDFA8F1697131

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:09
by motji
:arrow: Find and delete
c:\windows\system32\fjhdyfhsn.bat
C:\fsc.tmp


:arrow: Uninstall ComboFix via
Start >> Run, copy into the box:

ComboFix /Uninstall

press Enter
-This uninstalls ComboFix and deletes the files and folders associated with it.



:arrow: Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Run it; to confirm each choice press the A key, then Enter
-after use, delete the program. Note: antivirus programs may falsely flag it as a virus


:arrow: Download TFC and run it
TFC (http://oldtimer.geekstogo.com/TFC.exe)


:arrow: Download CCleaner, see my signature
-install it and clean the temporary files and the registry

:arrow: Post a new log from RSIT and tell me how the computer is behaving; is everything OK now?

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:14
by hrasek
Will do. The computer seems to be behaving normally. No suspicious processes and no 100% load. What's odd is that I already deleted that bat batch file once today (before I even turned to the forum).
There are also 2 files in system32 with today's date: "YUPOMUQW" with no extension, 32 MB in size, and "wpa.dbl", 2.1 Kb in size. Should I test them with VirusTotal?

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:18
by motji
The second one should be OK, but to be safe test both on VirusTotal.

To be safe, when you have time, I would like to see a log from Gmer and AVPTool; something there still doesn't seem right to me :hmm:

:arrow: Download Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
-a scan will run; when it finishes, a window with the results opens; click Save to save the log, which you then post here

-Following the guide in the link, run a second scan and post that log here as well.

:arrow: Download AVPTool from my signature http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Install it according to the guide and run a scan
-let it disinfect or delete whatever it finds
-the scan may take several hours
-post the log with the results here

Re: infected PC, svchost.exe maxing out the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:38
by hrasek
I have only just finished the steps from your previous post.
Here is the log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Petr at 2009-12-24 00:36:02
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (18%) free of 40 GB
Total RAM: 1014 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:36:24, on 24.12.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Serv-U\ServUTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\CoolMon\CoolMon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Petr\Plocha\RSIT.exe
C:\Program Files\trend micro\Petr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\pctranslator\WEBIE.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\pctranslator\WEBIE.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [OdTray.exe] "C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKCU\..\Run: [ServUTrayIcon] C:\Program Files\Serv-U\ServUTray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Myš.lnk = ?
O4 - Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 - Startup: CoolMon.lnk = C:\Program Files\CoolMon\CoolMon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Nastavení aplikace &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\pctranslator\WEBIE.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {361E6B79-4A69-4376-B0F2-3D1EBEE9D7E2} (RtspVaPgCtrl Class) - http://gen.din.cz/RtspVaPgDec.cab
O16 - DPF: {575A6BF1-1460-4907-9157-BECB7DCAC655} (TVSLiveControl Class) - http://nadatel.truecam.net/rel/webViewer.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {73FDD716-9BCE-42F7-8B13-DB4F7587B8D1} (WViewCtl Class) - http://ns.standalone4ch.com/webview2/webview.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {8FEED82A-42A6-4117-A803-7EC3EB9339E0} (ClientControl Class) - http://192.168.0.99/plugin/client.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://192.168.0.99/plugin/h263ctrl.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Update Service (gupdate1c90bc12c0fd2c0) (gupdate1c90bc12c0fd2c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Odyssey Client (odClientService) - Funk Software, Inc. - C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 12323 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Program Files\pctranslator\WEBIE.DLL [2006-10-01 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-30 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-30 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll [2009-10-16 2101248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-10-30 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Program Files\pctranslator\WEBIE.DLL [2006-10-01 360448]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2006-12-18 231160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2003-04-24 110592]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2003-04-24 610304]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2006-09-26 917504]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2002-12-02 32768]
"HotkeyApp"=C:\Program Files\Launch Manager\HotkeyApp.exe [2003-01-09 57418]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2002-10-23 163840]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2003-01-09 53248]
"OdTray.exe"=C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe [2003-12-16 626746]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-26 98304]
"CloneCDTray"=C:\Program Files\CloneCD\CloneCDTray.exe [2004-12-27 57344]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]
"snpstd3"=C:\WINDOWS\vsnpstd3.exe [2005-09-05 339968]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-02-09 1165680]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-02-09 1945960]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-02-09 149024]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-07-19 94208]
"igfxhkcmd"=C:\WINDOWS\system32\h [2008-11-07 1592]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-07-19 114688]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-10-30 136600]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2008-04-23 483328]
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-02-14 88107]
"LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe [2002-11-25 172032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ServUTrayIcon"=C:\Program Files\Serv-U\ServUTray.exe [2002-02-03 68608]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe

C:\Documents and Settings\Petr\Nabídka Start\Programy\Po spuštění
Myš.lnk -
Rainlendar.lnk - C:\Program Files\Rainlendar\Rainlendar.exe
CoolMon.lnk - C:\Program Files\CoolMon\CoolMon.exe
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-07-19 135168]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\WINDOWS\System32\java.exe"="C:\WINDOWS\System32\java.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\Serv-U\ServUDaemon.exe"="C:\Program Files\Serv-U\ServUDaemon.exe:*:Enabled:ServUDaemon.exe"
"C:\Program Files\xwinlogon\XWin.exe"="C:\Program Files\xwinlogon\XWin.exe:*:Enabled:XWin"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe"="C:\Program Files\Reallusion\CrazyTalk for Skype\CT4Skype.exe:*:Enabled:CrazyTalk"
"C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe"="C:\Program Files\FreeCall.com\FreeCall\FreeCall.exe:*:Enabled:FreeCall"
"C:\WINDOWS\System32\dplaysvr.exe"="C:\WINDOWS\System32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\ASUS\Wireless Router Utilities\DiscoveryR.exe"="C:\Program Files\ASUS\Wireless Router Utilities\DiscoveryR.exe:*:Enabled:ASUS Device Discovery Application"
"C:\Program Files\KN_StrongDC\StrongDC.exe"="C:\Program Files\KN_StrongDC\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Java\JRE6\launch4j-tmp\JDownloader.exe"="C:\Program Files\Java\JRE6\launch4j-tmp\JDownloader.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\MoZiGo\MoZiGo.exe"="C:\Program Files\MoZiGo\MoZiGo.exe:*:Enabled:Pomôcka geokešera"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\Program Files\DreamCom\DreamCom.exe"="C:\Program Files\DreamCom\DreamCom.exe:*:Disabled:DreamCom"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2009-12-24 00:36:02 ----D---- C:\rsit
2009-12-24 00:36:02 ----D---- C:\Program Files\trend micro
2009-12-24 00:26:41 ----D---- C:\Program Files\CCleaner
2009-12-24 00:05:32 ----SHD---- C:\Recycled
2009-12-23 23:17:37 ----A---- C:\WINDOWS\AGRSMMSG.exe
2009-12-23 23:17:37 ----A---- C:\WINDOWS\agrsmdel.exe
2009-12-23 23:15:49 ----A---- C:\WINDOWS\system32\usbui.dll
2009-12-11 10:35:06 ----HD---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-11 10:34:39 ----HD---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-11 10:33:34 ----HD---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-11 10:32:53 ----HD---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-11 10:32:35 ----HD---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-11 10:32:19 ----HD---- C:\WINDOWS\$NtUninstallKB971737$
2009-11-25 08:10:05 ----HD---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-11-25 08:09:45 ----HD---- C:\WINDOWS\$NtUninstallKB973687$

======List of files/folders modified in the last 1 months======

2009-12-24 00:35:00 ----A---- C:\WINDOWS\TRNCOM.INI
2009-12-24 00:20:22 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-24 00:16:58 ----A---- C:\WINDOWS\wincmd.ini
2009-12-24 00:00:22 ----A---- C:\WINDOWS\system.ini
2009-12-23 23:12:58 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-12-21 23:43:34 ----A---- C:\WINDOWS\system32\PWWSGDI.INI
2009-12-21 01:08:58 ----A---- C:\WINDOWS\WTRAN32.INI
2009-12-19 15:27:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2002-10-29 8843]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys [2002-10-23 2920]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-11 4736]
R2 GIVEIO;giveio; \??\C:\WINDOWS\giveio.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]
R2 PWSYSDRV;PWSYSDRV; \??\C:\WINDOWS\system32\drivers\PWSYSDRV.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2007-04-21 32768]
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2006-08-04 23296]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\C:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2002-12-17 42368]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
R3 cs429x;Cirrus Logic WDM Audio Codec Driver; C:\WINDOWS\system32\drivers\cwawdm.sys [2003-07-14 111168]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2005-04-18 27392]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-07-19 1049180]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2004-06-21 78976]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
R3 odysseyIM3;Odyssey Network Services Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys [2003-12-16 62673]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-08-11 14604]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2003-04-24 270448]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2005-09-12 3298432]
R3 WBMS;Winbond Memory Stick Storage (MS) Device Driver; C:\WINDOWS\System32\Drivers\WBMS.SYS [2003-03-07 30208]
R3 WBSD;Winbond Secure Digital Storage (SD/MMC) Device Driver; C:\WINDOWS\System32\Drivers\WBSD.SYS [2002-12-19 25600]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2004-08-03 48128]
S3 adusbmdm6501;AnyDATA CDMA USB Modem Driver (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbmdm65.sys [2005-05-02 64896]
S3 adusbser6501;AnyDATA CDMA USB Serial Port (PID 6501); C:\WINDOWS\system32\DRIVERS\adusbser65.sys [2005-05-02 64896]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-02-14 1169792]
S3 ASINDIS5;ASINDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASINDIS5.SYS []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2004-08-03 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\Drivers\CO_Mon.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2006-09-26 223128]
S3 FTDIBUS;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2008-03-13 57536]
S3 FTSER2K;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2008-03-13 72000]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2008-10-27 8320]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2007-12-16 25280]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-02-11 55216]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-08-03 51328]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 NPF;WinPcap Packet Driver (NPF); C:\WINDOWS\system32\drivers\NPF.sys [2007-06-29 42512]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-03 28672]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 RTCore32;RTCore32; C:\WINDOWS\system32\drivers\RTCore32.sys []
S3 Ser2pl;Prolific2 Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2005-07-25 48640]
S3 sermouse;Ovladač sériové myši; C:\WINDOWS\system32\DRIVERS\sermouse.sys [2001-10-24 17664]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SNPSTD3;StarCam Clip; C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-12-08 8718848]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2006-08-04 9600]
S3 vmusb;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2006-08-04 21888]
S3 WinDriver6;WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-10 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2006-09-26 642560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-02-09 407072]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-30 152984]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2006-09-26 495616]
R2 odClientService;Odyssey Client; C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe [2003-12-16 131072]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2006-08-04 217088]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2006-08-04 106496]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2006-08-04 262144]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2006-08-04 135168]
S2 gupdate1c90bc12c0fd2c0;Google Update Service (gupdate1c90bc12c0fd2c0); C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-31 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-09-30 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Macromedia Licensing Service;Macromedia Licensing Service; C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [2008-04-22 68096]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-06-29 92792]

-----------------EOF-----------------

Re: virus-infected PC, svchost.exe hogging the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:40
by motji
Please also test this file at www.virustotal.com:
C:\WINDOWS\system32\h

Re: virus-infected PC, svchost.exe hogging the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:55
by hrasek
Virustotal reports Result: 0/41 (0%)

Re: virus-infected PC, svchost.exe hogging the CPU, siszyd32.exe

Posted: 24 Dec 2009 00:57
by motji
And did you really test this file?
Can you copy me the link to the result?

Re: virus-infected PC, svchost.exe hogging the CPU, siszyd32.exe

Posted: 24 Dec 2009 01:01
by hrasek
Yes, that one. I did it again and the result is here

Re: virus-infected PC, svchost.exe hogging the CPU, siszyd32.exe

Posted: 24 Dec 2009 01:12
by motji
It is possible that you still have a rootkit on the PC; you wrote something about one more file, and it substituted a clean file for testing. I don't like it :?: , we'll see what Gmer and Avptool find.

I'll just ask you for patience; over the holidays I'll probably only be here in the evenings, and only briefly at that, but we will definitely finish this together :)
I'm done for today, good night :)