
Virus removal, PC speed-up, remote assistance through the neslape.cz service
occasionally freezes, problems with mail and with going to sleep
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further information about the problem from you by phone! More at www.neslape.cz
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: occasionally freezes, problems with mail and with going to sleep
It is possible that they are not there. Continue with the next steps.
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
When I try to run it, I get an error message saying that SPTDinst-v169-x86.exe is not a valid Win32 application, even though I downloaded the version for a 32-bit OS. Should I continue with the next tasks and skip it, or shall we try to wrestle with it?
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: occasionally freezes, problems with mail and with going to sleep
Skip SPTD and continue with the next steps.
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
The problem is with all the files: none of them downloads completely, so none can be run. After downloading, the files are much smaller, as if only a shortcut or an icon had been downloaded. So far I have been able to get around it by using browsers other than Internet Explorer. It works with Mozilla Firefox, but that is in English and I don't know my way around it very well yet. Maybe the antivirus deleted something, or the virus managed to damage something, because until now I was downloading OK. I'm going to continue with the work; I'll get in touch if there is a problem.
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
So I managed to run SPTD and restarted. Then I ran Defogger.exe and restarted. Now I have downloaded MBR, clicked Start, then clicked Run, and tried typing (WIN+R) into the Run box, and also WIN+R without the parentheses, but it did not open anything. When I run MBR, a log comes up, but that is probably not what we want. Maybe WIN+R is some kind of shortcut and I misunderstood it. How do I run WIN+R and what is it?
Thanks.
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: occasionally freezes, problems with mail and with going to sleep
Win + R is the keyboard shortcut for Run. In the Run box you must enter:
"%userprofile%\plocha\mbr" -t
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
Hopefully this is the log we want; now I just have to do the log from GMER and it's done.
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK

-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-29 19:09:36
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\pxtdqpog.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
---- EOF - GMER 1.0.15 ----
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
I tried to run the scan six times; five of those times the computer froze during scanning and I had to power it off the hard way. On the sixth try it finally worked. Today the computer is behaving much worse than ever before. What kind of vermin do I have in there? They probably sense that we are after them and are fighting back.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-07-29 23:37:35
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\pxtdqpoc.sys
---- System - GMER 1.0.15 ----
SSDT 88838580 ZwAssignProcessToJobObject
SSDT 88839100 ZwDebugActiveProcess
SSDT 88838B30 ZwDuplicateObject
SSDT 88837CC0 ZwOpenProcess
SSDT 88837FC0 ZwOpenThread
SSDT 888389C0 ZwProtectVirtualMemory
SSDT 88838860 ZwSetContextThread
SSDT 888386E0 ZwSetInformationThread
SSDT 88835700 ZwSetSecurityObject
SSDT 88838420 ZwSuspendProcess
SSDT 888382C0 ZwSuspendThread
SSDT 88837E50 ZwTerminateProcess
SSDT 88838150 ZwTerminateThread
SSDT 88838F50 ZwWriteVirtualMemory
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[2700] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
---- User IAT/EAT - GMER 1.0.15 ----
IAT C:\Program Files\Common Files\TrustPort\Bin\tptray.exe[1464] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrFindResource_U] [61A91DA0] D:\Trust\TrustPort Disk Protection\bin\dplang-CSY.dll (TrustPort Disk Protection Resource DLL/TrustPort, a.s.)
IAT C:\Program Files\Common Files\TrustPort\Bin\tptray.exe[1464] @ C:\WINDOWS\system32\kernel32.dll [ntdll.dll!LdrAccessResource] [61A91D50] D:\Trust\TrustPort Disk Protection\bin\dplang-CSY.dll (TrustPort Disk Protection Resource DLL/TrustPort, a.s.)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA3 0x91 0x3A 0xEE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xF4 0xCD 0xE1 0x14 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x55 0x4E 0xDB 0xC1 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA3 0x91 0x3A 0xEE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xF4 0xCD 0xE1 0x14 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x55 0x4E 0xDB 0xC1 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA3 0x91 0x3A 0xEE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xF4 0xCD 0xE1 0x14 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x55 0x4E 0xDB 0xC1 ...
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION
---- EOF - GMER 1.0.15 ----

- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: occasionally freezes, problems with mail and with going to sleep

- Turn off all resident security programs: firewalls, antivirus, antispyware.
- Plug all the flash drives you use into the PC.
- Run the application under an account with Administrator privileges; immediately after it starts, a page with the licence terms is displayed. Continue by pressing the "Yes" button.
- Then follow the instructions; during the scan do not start other applications and do not click in the window that is displayed.
- The scan should take about 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
- The computer may be restarted during scanning.
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
After using ComboFix the computer has improved.
ComboFix 10-07-29.01 - User 30.07.2010 0:36.17.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1437 [GMT 2:00]
Spuštěný z: c:\documents and settings\User\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-29 )))))))))))))))))))))))))))))))
.
2010-07-28 22:06 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\39347662.sys
2010-07-28 22:06 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\3934766.sys
2010-07-28 22:06 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\39347661.sys
2010-07-26 18:21 . 2007-11-27 01:24 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-07-26 18:18 . 2010-07-26 18:18 -------- d-----w- c:\program files\Common Files\Teleca Shared
2010-07-26 18:18 . 2009-06-10 14:49 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2010-07-26 18:18 . 2009-06-09 12:41 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-07-26 18:17 . 2010-07-26 18:17 -------- d-----w- c:\program files\Spirent Communications
2010-07-26 18:17 . 2010-07-26 18:18 -------- d-----w- c:\program files\HTC
2010-07-26 18:11 . 2010-07-26 18:11 -------- d-----w- c:\windows\Downloaded Installations
2010-07-13 22:06 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-01 18:42 . 2010-07-01 18:42 -------- d-----w- C:\_OTL
2010-07-01 15:36 . 2010-07-01 15:36 999993 ----a-w- C:\Qoobox.zip
2010-06-30 19:09 . 2010-06-30 19:09 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 20:43 . 2009-10-09 11:33 -------- d-----w- c:\program files\Trend Micro
2010-07-26 18:21 . 2010-07-26 18:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2010-07-26 18:21 . 2010-07-26 18:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-07-01 18:42 . 2007-10-29 12:00 84378 ----a-w- c:\windows\system32\perfc005.dat
2010-07-01 18:42 . 2007-10-29 12:00 441160 ----a-w- c:\windows\system32\perfh005.dat
2010-06-30 19:37 . 2008-03-04 21:47 -------- d-----w- c:\program files\Google
2010-06-14 14:31 . 2008-02-28 14:06 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-07 13:11 . 2008-06-20 07:14 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-06 10:35 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2007-10-29 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2008-06-18 11:56 . 2008-06-18 11:57 32768 --sha-w- c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008061820080619\index(1).dat
.
((((((((((((((((((((((((((((( SnapShot_2010-06-30_19.49.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-01 22:46 . 2006-12-01 22:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 22:26 . 2006-12-01 22:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 20:56 . 2006-12-01 20:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2009-07-11 17:41 . 2009-07-11 17:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-07-29 22:26 . 2010-07-29 22:26 16384 c:\windows\temp\Perflib_Perfdata_9a4.dat
+ 2007-10-29 12:00 . 2010-07-01 18:42 72494 c:\windows\system32\perfc009.dat
- 2007-10-29 12:00 . 2010-06-24 19:33 72494 c:\windows\system32\perfc009.dat
+ 2010-07-26 18:18 . 2009-06-10 14:49 24576 c:\windows\system32\DRVSTORE\androidusb_37A8286C369F341F26DD67AB5C901C070175B203\ANDROIDUSB.sys
+ 2008-01-19 08:45 . 2008-01-19 08:45 35176 c:\windows\system32\drivers\wdfldr.sys
+ 2010-07-26 18:19 . 2010-07-26 18:19 49152 c:\windows\Installer\{98B8052E-1E55-41D4-9A03-E2F718825D38}\UNINST_Uninstall_H_F85A07A03DD642CD8F8926416CB3167D.exe
+ 2010-07-26 18:19 . 2010-07-26 18:19 69632 c:\windows\Installer\{98B8052E-1E55-41D4-9A03-E2F718825D38}\NewShortcut1_55D26AACB9BA4EDA8D9FD26EA839517C.exe
+ 2010-07-26 18:19 . 2010-07-26 18:19 53248 c:\windows\Installer\{98B8052E-1E55-41D4-9A03-E2F718825D38}\ARPPRODUCTICON.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-07-26 18:18 . 2010-07-26 18:18 49152 c:\windows\Installer\{6D6664A9-3342-4948-9B7E-034EFE366F0F}\UNINST_Uninstall_H_8AD6F64309CF42C693274CB5A3D89801.exe
+ 2010-07-26 18:18 . 2010-07-26 18:18 53248 c:\windows\Installer\{6D6664A9-3342-4948-9B7E-034EFE366F0F}\ARPPRODUCTICON.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-10-29 12:00 . 2010-07-01 18:42 444236 c:\windows\system32\perfh009.dat
- 2007-10-29 12:00 . 2010-06-24 19:33 444236 c:\windows\system32\perfh009.dat
+ 2010-07-26 18:18 . 2009-02-24 22:38 101376 c:\windows\system32\DRVSTORE\htcdiag_6310A52758404E0C236AC6F66DAA6F671098B92C\htcdiag.sys
+ 2008-01-19 08:45 . 2008-01-19 08:45 503144 c:\windows\system32\drivers\wdf01000.sys
+ 2010-07-27 15:45 . 2010-07-27 15:45 248832 c:\windows\Installer\736aeff.msi
+ 2008-02-28 15:04 . 2010-07-13 22:13 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-04-19 12:01 . 2007-04-19 12:01 238424 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL
+ 2007-01-16 18:32 . 2007-01-16 18:32 136032 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL
+ 2007-04-19 11:54 . 2007-04-19 11:54 169312 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL
+ 2006-12-01 22:25 . 2006-12-01 22:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2003-03-18 19:12 . 2003-03-18 19:12 1047552 c:\windows\system32\mfc71u.dll
+ 2003-03-18 19:20 . 2003-03-18 19:20 1060864 c:\windows\system32\mfc71.dll
+ 2010-07-26 18:18 . 2009-06-09 12:41 1122664 c:\windows\system32\DRVSTORE\androidusb_37A8286C369F341F26DD67AB5C901C070175B203\WdfCoInstaller01007.dll
+ 2010-06-11 15:55 . 2010-06-11 15:55 1827328 c:\windows\Installer\5c3271f.msp
+ 2010-06-30 20:52 . 2010-06-30 20:52 5522944 c:\windows\Installer\5c32705.msp
+ 2010-05-25 09:45 . 2010-05-25 09:45 8445440 c:\windows\Installer\5c326ef.msp
+ 2010-07-26 18:18 . 2010-07-26 18:18 8812544 c:\windows\Installer\29b77eb.msi
+ 2007-05-10 11:43 . 2007-05-10 11:43 6688096 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE
+ 2008-03-23 13:17 . 2010-07-02 19:39 34045896 c:\windows\system32\MRT.exe
+ 2010-06-11 15:52 . 2010-06-11 15:52 45542912 c:\windows\Installer\5c32720.msp
+ 2010-07-26 18:18 . 2010-07-26 18:18 26065920 c:\windows\Installer\29b77f2.msi
+ 2010-07-26 18:11 . 2010-07-26 18:11 41109228 c:\windows\Downloaded Installations\{C6969183-5CBE-45FD-B94E-693F48AAA73B}\HTC PC Suite.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2006-10-01 139322]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-09 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-02-28 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-02-28 33136]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"TrustPortDiskProtectionWatchDog"="d:\trust\TrustPort Disk Protection\bin\TDWatch.exe" [2009-11-06 159576]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2009-11-06 802648]
"Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Acer\\ProjectorGateway\\AcerProjectorGateway.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 39347662;39347662 Boot Guard Driver;c:\windows\system32\drivers\39347662.sys [29.7.2010 00:06 37392]
R1 39347661;39347661;c:\windows\system32\drivers\39347661.sys [29.7.2010 00:06 128016]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 22:03 660768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47 731840]
R2 EncDisk;EncDisk;d:\trust\TrustPort Disk Protection\Bin\EncDsk.sys [19.2.2010 17:50 55128]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [28.2.2008 16:32 24576]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27.8.2009 17:05 92008]
R2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [19.2.2010 17:50 20824]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [28.2.2008 16:32 1260672]
S2 gupdate1c993b08a607838;Služba Google Update (gupdate1c993b08a607838);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2009 01:11 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [28.2.2008 16:14 5824]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [26.7.2010 20:18 24576]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-07-23 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-05-20 17:17]
2010-07-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]
2010-07-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 14:46]
2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:11]
2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:11]
2010-07-29 c:\windows\Tasks\TrustPort Updater.job
- c:\program files\Common Files\TrustPort\bin\tpupdate.exe [2010-02-19 11:52]
2010-07-29 c:\windows\Tasks\User_Feed_Synchronization-{3607E8A8-277C-41D2-98FA-C4010CC5ACF3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyOverride = <local>;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\User\Data aplikací\Mozilla\Firefox\Profiles\pl525dbq.default\
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-30 00:39
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="…"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(524)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-07-30 00:41:29
ComboFix-quarantined-files.txt 2010-07-29 22:41
ComboFix2.txt 2010-06-30 19:50
ComboFix3.txt 2010-06-23 14:51
ComboFix4.txt 2010-06-17 11:16
ComboFix5.txt 2010-07-29 22:34
Před spuštěním: 4.383.379.456
Po spuštění: 4.373.913.600
- - End Of File - - 4509A9DA159593EBF2F8D266148EE6A2
ComboFix 10-07-29.01 - User 30.07.2010 0:36.17.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1437 [GMT 2:00]
Spuštěný z: c:\documents and settings\User\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-28 do 2010-07-29 )))))))))))))))))))))))))))))))
.
2010-07-28 22:06 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\39347662.sys
2010-07-28 22:06 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\3934766.sys
2010-07-28 22:06 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\39347661.sys
2010-07-26 18:21 . 2007-11-27 01:24 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-07-26 18:18 . 2010-07-26 18:18 -------- d-----w- c:\program files\Common Files\Teleca Shared
2010-07-26 18:18 . 2009-06-10 14:49 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2010-07-26 18:18 . 2009-06-09 12:41 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-07-26 18:17 . 2010-07-26 18:17 -------- d-----w- c:\program files\Spirent Communications
2010-07-26 18:17 . 2010-07-26 18:18 -------- d-----w- c:\program files\HTC
2010-07-26 18:11 . 2010-07-26 18:11 -------- d-----w- c:\windows\Downloaded Installations
2010-07-13 22:06 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2010-07-01 18:42 . 2010-07-01 18:42 -------- d-----w- C:\_OTL
2010-07-01 15:36 . 2010-07-01 15:36 999993 ----a-w- C:\Qoobox.zip
2010-06-30 19:09 . 2010-06-30 19:09 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 20:43 . 2009-10-09 11:33 -------- d-----w- c:\program files\Trend Micro
2010-07-26 18:21 . 2010-07-26 18:21 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
2010-07-26 18:21 . 2010-07-26 18:21 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-07-01 18:42 . 2007-10-29 12:00 84378 ----a-w- c:\windows\system32\perfc005.dat
2010-07-01 18:42 . 2007-10-29 12:00 441160 ----a-w- c:\windows\system32\perfh005.dat
2010-06-30 19:37 . 2008-03-04 21:47 -------- d-----w- c:\program files\Google
2010-06-14 14:31 . 2008-02-28 14:06 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-07 13:11 . 2008-06-20 07:14 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-06 10:35 . 2007-10-29 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2007-10-29 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2008-06-18 11:56 . 2008-06-18 11:57 32768 --sha-w- c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008061820080619\index(1).dat
.
((((((((((((((((((((((((((((( SnapShot_2010-06-30_19.49.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-12-01 22:46 . 2006-12-01 22:46 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 22:08 . 2006-12-01 22:08 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 22:26 . 2006-12-01 22:26 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 20:56 . 2006-12-01 20:56 96256 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2009-07-11 17:41 . 2009-07-11 17:41 97280 c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.dll
+ 2010-07-29 22:26 . 2010-07-29 22:26 16384 c:\windows\temp\Perflib_Perfdata_9a4.dat
+ 2007-10-29 12:00 . 2010-07-01 18:42 72494 c:\windows\system32\perfc009.dat
- 2007-10-29 12:00 . 2010-06-24 19:33 72494 c:\windows\system32\perfc009.dat
+ 2010-07-26 18:18 . 2009-06-10 14:49 24576 c:\windows\system32\DRVSTORE\androidusb_37A8286C369F341F26DD67AB5C901C070175B203\ANDROIDUSB.sys
+ 2008-01-19 08:45 . 2008-01-19 08:45 35176 c:\windows\system32\drivers\wdfldr.sys
+ 2010-07-26 18:19 . 2010-07-26 18:19 49152 c:\windows\Installer\{98B8052E-1E55-41D4-9A03-E2F718825D38}\UNINST_Uninstall_H_F85A07A03DD642CD8F8926416CB3167D.exe
+ 2010-07-26 18:19 . 2010-07-26 18:19 69632 c:\windows\Installer\{98B8052E-1E55-41D4-9A03-E2F718825D38}\NewShortcut1_55D26AACB9BA4EDA8D9FD26EA839517C.exe
+ 2010-07-26 18:19 . 2010-07-26 18:19 53248 c:\windows\Installer\{98B8052E-1E55-41D4-9A03-E2F718825D38}\ARPPRODUCTICON.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
+ 2010-07-26 18:18 . 2010-07-26 18:18 49152 c:\windows\Installer\{6D6664A9-3342-4948-9B7E-034EFE366F0F}\UNINST_Uninstall_H_8AD6F64309CF42C693274CB5A3D89801.exe
+ 2010-07-26 18:18 . 2010-07-26 18:18 53248 c:\windows\Installer\{6D6664A9-3342-4948-9B7E-034EFE366F0F}\ARPPRODUCTICON.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2007-10-29 12:00 . 2010-07-01 18:42 444236 c:\windows\system32\perfh009.dat
- 2007-10-29 12:00 . 2010-06-24 19:33 444236 c:\windows\system32\perfh009.dat
+ 2010-07-26 18:18 . 2009-02-24 22:38 101376 c:\windows\system32\DRVSTORE\htcdiag_6310A52758404E0C236AC6F66DAA6F671098B92C\htcdiag.sys
+ 2008-01-19 08:45 . 2008-01-19 08:45 503144 c:\windows\system32\drivers\wdf01000.sys
+ 2010-07-27 15:45 . 2010-07-27 15:45 248832 c:\windows\Installer\736aeff.msi
+ 2008-02-28 15:04 . 2010-07-13 22:13 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-02-28 15:04 . 2010-07-13 22:13 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2008-02-28 15:04 . 2010-06-09 08:35 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2007-04-19 12:01 . 2007-04-19 12:01 238424 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\MSCDM.DLL
+ 2007-01-16 18:32 . 2007-01-16 18:32 136032 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\MSAEXP30.DLL
+ 2007-04-19 11:54 . 2007-04-19 11:54 169312 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\ACCWIZ.DLL
+ 2006-12-01 22:25 . 2006-12-01 22:25 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 22:25 . 2006-12-01 22:25 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2003-03-18 19:12 . 2003-03-18 19:12 1047552 c:\windows\system32\mfc71u.dll
+ 2003-03-18 19:20 . 2003-03-18 19:20 1060864 c:\windows\system32\mfc71.dll
+ 2010-07-26 18:18 . 2009-06-09 12:41 1122664 c:\windows\system32\DRVSTORE\androidusb_37A8286C369F341F26DD67AB5C901C070175B203\WdfCoInstaller01007.dll
+ 2010-06-11 15:55 . 2010-06-11 15:55 1827328 c:\windows\Installer\5c3271f.msp
+ 2010-06-30 20:52 . 2010-06-30 20:52 5522944 c:\windows\Installer\5c32705.msp
+ 2010-05-25 09:45 . 2010-05-25 09:45 8445440 c:\windows\Installer\5c326ef.msp
+ 2010-07-26 18:18 . 2010-07-26 18:18 8812544 c:\windows\Installer\29b77eb.msi
+ 2007-05-10 11:43 . 2007-05-10 11:43 6688096 c:\windows\Installer\$PatchCache$\Managed\5040110900063D11C8EF10054038389C\11.0.8173\MSACCESS.EXE
+ 2008-03-23 13:17 . 2010-07-02 19:39 34045896 c:\windows\system32\MRT.exe
+ 2010-06-11 15:52 . 2010-06-11 15:52 45542912 c:\windows\Installer\5c32720.msp
+ 2010-07-26 18:18 . 2010-07-26 18:18 26065920 c:\windows\Installer\29b77f2.msi
+ 2010-07-26 18:11 . 2010-07-26 18:11 41109228 c:\windows\Downloaded Installations\{C6969183-5CBE-45FD-B94E-693F48AAA73B}\HTC PC Suite.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2006-10-01 139322]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2009-08-27 247144]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-11-09 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-06-29 225280]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-07-03 7708672]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-07-10 851968]
"ASUS Camera ScreenSaver"="c:\windows\ASScrProlog.exe" [2008-02-28 37232]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2008-02-28 33136]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-28 413696]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"TrustPortDiskProtectionWatchDog"="d:\trust\TrustPort Disk Protection\bin\TDWatch.exe" [2009-11-06 159576]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2009-11-06 802648]
"Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Google Calendar Sync.lnk - c:\program files\Google\Google Calendar Sync\GoogleCalendarSync.exe [2008-10-2 546288]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\Acer\\ProjectorGateway\\AcerProjectorGateway.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 39347662;39347662 Boot Guard Driver;c:\windows\system32\drivers\39347662.sys [29.7.2010 00:06 37392]
R1 39347661;39347661;c:\windows\system32\drivers\39347661.sys [29.7.2010 00:06 128016]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 22:03 660768]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 15:47 731840]
R2 EncDisk;EncDisk;d:\trust\TrustPort Disk Protection\Bin\EncDsk.sys [19.2.2010 17:50 55128]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [28.2.2008 16:32 24576]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [27.8.2009 17:05 92008]
R2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [19.2.2010 17:50 20824]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [28.2.2008 16:32 1260672]
S2 gupdate1c993b08a607838;Služba Google Update (gupdate1c993b08a607838);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2009 01:11 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [28.2.2008 16:14 5824]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [26.7.2010 20:18 24576]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-07-23 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-05-20 17:17]
2010-07-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]
2010-07-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-20 14:46]
2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:11]
2010-07-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-20 23:11]
2010-07-29 c:\windows\Tasks\TrustPort Updater.job
- c:\program files\Common Files\TrustPort\bin\tpupdate.exe [2010-02-19 11:52]
2010-07-29 c:\windows\Tasks\User_Feed_Synchronization-{3607E8A8-277C-41D2-98FA-C4010CC5ACF3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyOverride = <local>;
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Přizpůsobit Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF Nástrojová lišta - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Uložit formuláře - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplnit formulář - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
FF - ProfilePath - c:\documents and settings\User\Data aplikací\Mozilla\Firefox\Profiles\pl525dbq.default\
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-30 00:39
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1068)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(524)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-07-30 00:41:29
ComboFix-quarantined-files.txt 2010-07-29 22:41
ComboFix2.txt 2010-06-30 19:50
ComboFix3.txt 2010-06-23 14:51
ComboFix4.txt 2010-06-17 11:16
ComboFix5.txt 2010-07-29 22:34
Před spuštěním: 4.383.379.456
Po spuštění: 4.373.913.600
- - End Of File - - 4509A9DA159593EBF2F8D266148EE6A2
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user:
Re: occasionally freezes, problems with mail and with going to sleep
Try a repair using WinXP Manager http://www.viry.cz/forum/viewtopic.php?f=46&t=17549
-
- Visitor
- Posts: 92
- Registered: 23 Feb 2008 16:47
Re: occasionally freezes, problems with mail and with going to sleep
I can't repair anything with WinXP Manager because the System Repair option is completely missing from the Optimizer menu. I read the whole guide, but for my needs I would probably only use the repair, and as luck would have it, that is exactly what isn't there.
I have version v6.0.7 and the guide describes a much older version. Maybe it isn't possible in the new one, or it is hidden somewhere else. Can the older version be downloaded somewhere? How should I proceed?
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
- Contact user: