DDS (Ver_09-12-01.01) - NTFSx86
Run by já at 18:57:40,54 on po 22.02.2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_18
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1476 [GMT 1:00]
AV: avast! antivirus 4.8.1368 [VPS 100222-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
============== Running Processes ===============
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Opera\opera.exe
C:\dds.pif
============== Pseudo HJT Report ===============
uSearch Page = hxxp://
www.google.com
uSearch Bar = hxxp://
www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://
www.google.com/ie
uSearchURL,(Default) = hxxp://
www.google.com/search?q=%s
BHO: Podpora odkazu pro Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: WebTransBHO Class: {2db66063-bb98-466a-aa0d-3e7acf5ed853} - c:\windows\WebIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: WebTranslator: {bfc32e1d-ee75-4a48-bc60-104e11ee2431} - c:\windows\WebIE.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [OEXPRESS]
uRun: [<NO NAME>]
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\j1ea6~1\nabdka~1\programy\posput~1\_unins~1.lnk - c:\documents and settings\já\local settings\temp\_uninst_setup_9.0.0.722_19.02.2010_22-03.exe.bat
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\airlive\bluetooth software\btsendto_ie_ctx.htm
IE: Stáhnout pomocí BitSpiritu - c:\program files\bitspirit\bsurl.htm
IE: WikiKomentáře Google... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: ÓñČĚŘľ«ÁéĎÂÔŘ(&B)
IE: {BFC32E1D-EE75-4A48-BC60-104E11EE2431}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\airlive\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxd.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://
www.nvidia.com/content/DriverDownload/s ... eqlab3.cab
DPF: {33564D57-0000-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://
www.nvidia.com/content/DriverDownload/n ... rtScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} - hxxp://driveragent.com/files/driveragent.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\j1ea6~1\dataap~1\mozilla\firefox\profiles\opgh91vc.default\
FF - prefs.js: browser.startup.homepage - About:Blank
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\já\data aplikací\mozilla\firefox\profiles\opgh91vc.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\winnt_x86-msvc\components\ipc.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\opera\program\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
============= SERVICES / DRIVERS ===============
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2007-11-24 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2007-11-24 5248]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-1-3 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-1-3 20560]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
R3 YiRuanUSB;YiRuan device driver for 4d;c:\windows\system32\drivers\yrtumdriver.sys [2007-11-24 5760]
S3 utm0ndi2;AVZ Kernel Driver;c:\windows\system32\drivers\utm0ndi2.sys [2010-2-20 7168]
=============== Created Last 30 ================
2010-02-22 17:56:27 524288 ----a-w- C:\dds.pif
2010-02-20 04:22:32 7168 ----a-w- c:\windows\system32\drivers\utm0ndi2.sys
2010-02-16 00:36:29 2147328 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-14 21:14:37 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Mael
2010-02-14 20:45:12 0 d-----w- c:\program files\HxD
2010-02-14 19:37:57 293376 ----a-w- C:\gmer.exe
2010-02-14 19:03:23 0 d-sha-r- C:\cmdcons
2010-02-14 19:02:48 98816 ----a-w- c:\windows\sed.exe
2010-02-14 19:02:48 77312 ----a-w- c:\windows\MBR.exe
2010-02-14 19:02:48 261632 ----a-w- c:\windows\PEV.exe
2010-02-14 19:02:48 161792 ----a-w- c:\windows\SWREG.exe
2010-02-14 18:55:06 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-14 17:38:10 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-14 17:18:54 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Malwarebytes
2010-02-14 17:18:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-14 17:18:44 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-14 17:18:44 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-14 17:18:44 0 d-----w- c:\docume~1\alluse~1\dataap~1\Malwarebytes
2010-02-14 16:22:22 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-02-14 16:22:22 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-02-14 16:19:19 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-02-14 16:19:19 8576 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-02-14 16:14:53 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-02-14 16:14:53 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2010-02-14 15:41:41 0 d-----w- c:\program files\iPod
2010-02-14 15:41:38 0 d-----w- c:\program files\iTunes
2010-02-14 15:41:22 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-02-14 15:41:22 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-02-07 15:48:26 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-07 10:49:35 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-07 10:47:15 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-07 10:47:15 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\app
2010-02-07 10:47:13 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
2010-02-07 10:47:13 0 d-----w- c:\docume~1\j1ea6~1\dataap~1\Dofus 2
2010-02-07 10:07:43 0 d-----w- c:\program files\Dofus 2
2010-01-30 19:28:40 68100 ---ha-w- c:\windows\system32\mlfcache.dat
2010-01-30 18:15:02 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-01-30 18:15:02 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-01-30 12:05:04 0 d-----w- c:\docume~1\alluse~1\dataap~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
==================== Find3M ====================
2010-02-20 20:08:50 46 --sha-w- c:\program files\desktop.ini
2010-02-19 19:38:59 83652 ----a-w- c:\windows\system32\perfc005.dat
2010-02-19 19:38:59 440316 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09:54 668160 ------w- c:\windows\system32\wininet.dll
2009-12-22 05:09:51 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-17 07:42:35 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10:03 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11:00 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-11-27 17:14:10 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14:09 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09:43 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09:43 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09:42 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09:42 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:09:42 11264 ----a-w- c:\windows\system32\msrle32.dll
============= FINISH: 18:58:26,48 ===============
Muzu to nejak vratit/opravit z druheho systemu? Mam Win 7 na druhem disku a muzu klidne nainstalovat i Win XP na jiny disk.
Nabootujte z instalačního CD a vstupte do konzoly pro zotavení. Pro tuto operaci musíte znát heslo k účtu Administrator. Do příkazového řádku napište:
Takze tady je novy log.
Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229
MBAM má občas falešné detekce a mohl by smazat i soubor, který je čistý..
Nouzak v pohode, ale jak prejdu do normalniho, tak explorer po chvilce zamrzne.