VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

nejde spustit HJT

https://forum.viry.cz:443/viewtopic.php?t=109662

Stránka 4 z 4

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:02
od termat
Jojo, až kamaráda doženu, zeptám se ho, ale protože s nimi nebyl spokojen, předpokládám, že SW budu odinstalovávat:-)
Tady je nový RSIT log:


Logfile of random's system information tool 1.08 (written by random/random)
Run by Doma at 2011-02-20 22:00:47
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 76 GB (76%) free of 100 GB
Total RAM: 3071 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:00:50, on 20.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17095)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
c:\Program Files\IVA_Client\iva_control.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Doma\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Doma.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - :C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: ~Disabled
O9 - Extra button: Kniha klipů HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Chytrý výběr - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - :C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - :C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0288335562
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: iva_control - IT Development s.r.o. - c:\Program Files\IVA_Client\iva_control.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: uvnc_service - UltraVNC - c:\Program Files\IVA_Client\VNC\winvnc.exe

--
End of file - 7682 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - :C:\PROGRA~1\SPYBOT~1\SDHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-02 149280]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-23 16804864]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2010-09-02 13351304]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
~Disabled

C:\Documents and Settings\Doma\Nabídka Start\Programy\Po spuštění
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-12-18 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Metin2_CZ\metin2client.bin"="C:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\TopCD\Cossacks\Cossacks - Napoleonic Wars\Data\engine.exe"="C:\Program Files\TopCD\Cossacks\Cossacks - Napoleonic Wars\Data\engine.exe:*:Disabled:Cossacks 2: Napoleonic Wars"
"C:\Program Files\TrackMania Nations ESWC Special Edition\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC Special Edition\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\IVA_Client\Client_IVA.exe"="C:\Program Files\IVA_Client\Client_IVA.exe:*:Enabled:Klient systému IVA"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-02-20 19:12:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-02-20 19:12:40 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-02-20 19:12:35 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-02-20 19:12:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-02-20 19:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-02-20 19:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-02-20 19:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-02-20 19:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-02-20 19:12:10 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-02-20 19:12:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-02-20 19:12:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-02-20 19:11:57 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-02-20 19:11:53 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-02-20 19:11:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-02-20 19:11:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-02-20 19:11:39 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-02-20 19:11:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-02-20 19:11:30 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-02-20 19:11:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-02-20 19:11:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-02-20 19:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-02-20 19:11:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-02-20 19:11:00 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-02-20 19:10:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-02-20 19:10:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-02-20 19:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-02-20 19:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-02-20 19:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-02-20 19:10:32 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-02-20 19:10:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-02-20 19:10:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-02-20 19:10:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-02-20 19:10:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-02-20 19:10:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-02-20 19:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-02-20 19:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-02-20 19:09:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-02-20 19:09:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-02-20 19:09:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-02-20 19:09:42 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-02-20 19:09:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-02-20 19:09:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-02-20 19:09:15 ----D---- C:\rsit
2011-02-20 19:09:15 ----D---- C:\Program Files\trend micro
2011-02-20 19:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-02-20 19:08:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-02-20 19:07:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-02-20 19:06:59 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-02-20 19:06:56 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-02-20 19:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-02-20 19:06:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-02-20 19:06:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-02-20 19:06:41 ----A---- C:\WINDOWS\system32\wmpns.dll
2011-02-20 19:06:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-02-20 19:06:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-02-20 19:06:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-02-20 19:06:19 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-02-20 19:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-02-20 19:05:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-02-20 19:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-02-20 19:05:46 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-02-20 19:05:42 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-02-20 19:05:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-02-20 19:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-02-20 19:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-02-20 19:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-02-20 19:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-02-20 19:05:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-02-20 19:05:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-02-20 19:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-02-20 19:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-02-20 19:04:57 ----A---- C:\WINDOWS\imsins.BAK
2011-02-20 19:04:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-02-20 18:53:50 ----SHD---- C:\RECYCLER
2011-02-20 15:36:14 ----A---- C:\WINDOWS\system32\proquota.exe
2011-02-20 14:42:32 ----D---- C:\Documents and Settings\Doma\Data aplikací\Malwarebytes
2011-02-20 14:42:27 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-02-20 14:42:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-02-20 14:42:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-02-20 14:42:24 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-02-20 14:20:40 ----D---- C:\WINDOWS\temp
2011-02-20 14:18:16 ----RASHD---- C:\cmdcons
2011-02-20 13:45:17 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-02-20 09:24:43 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-02-20 09:24:43 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-02-20 09:24:42 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-02-20 09:24:42 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-02-20 09:24:41 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-02-20 09:24:41 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-02-20 09:24:41 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-02-20 09:24:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-02-20 09:24:32 ----D---- C:\Program Files\Alwil Software
2011-02-20 09:24:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2011-02-14 14:55:04 ----D---- C:\Program Files\IVA_Client
2011-02-08 12:31:39 ----A---- C:\debugfile.txt
2011-02-08 12:30:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\NovaTech Network
2011-02-08 12:28:29 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-02-08 12:28:29 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-02-08 12:28:28 ----D---- C:\WINDOWS\Logs

======List of files/folders modified in the last 1 months======

2011-02-20 21:59:32 ----SHD---- C:\WINDOWS\Installer
2011-02-20 21:59:32 ----D---- C:\Config.Msi
2011-02-20 21:59:03 ----D---- C:\WINDOWS\Prefetch
2011-02-20 21:58:51 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-20 21:57:17 ----D---- C:\Documents and Settings\Doma\Data aplikací\OpenOffice.org2
2011-02-20 21:57:00 ----D---- C:\Program Files\Mozilla Firefox
2011-02-20 21:56:50 ----D---- C:\Documents and Settings\Doma\Data aplikací\Skype
2011-02-20 21:56:48 ----D---- C:\WINDOWS
2011-02-20 21:55:40 ----D---- C:\WINDOWS\system32
2011-02-20 21:55:40 ----D---- C:\WINDOWS\AppPatch
2011-02-20 21:54:51 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-20 21:54:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-20 19:12:49 ----HD---- C:\WINDOWS\inf
2011-02-20 19:12:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-02-20 19:12:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-02-20 19:12:37 ----D---- C:\WINDOWS\system32\drivers
2011-02-20 19:12:28 ----D---- C:\WINDOWS\WinSxS
2011-02-20 19:09:29 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-02-20 19:09:15 ----RD---- C:\Program Files
2011-02-20 19:07:32 ----D---- C:\WINDOWS\Debug
2011-02-20 19:07:21 ----D---- C:\WINDOWS\system32\cs-cz
2011-02-20 19:07:21 ----D---- C:\Program Files\Internet Explorer
2011-02-20 19:07:13 ----D---- C:\WINDOWS\ie7updates
2011-02-20 19:06:01 ----D---- C:\Program Files\Outlook Express
2011-02-20 19:05:44 ----D---- C:\Program Files\Movie Maker
2011-02-20 18:57:11 ----D---- C:\WINDOWS\Minidump
2011-02-20 18:55:46 ----D---- C:\Program Files\CCleaner
2011-02-20 18:53:42 ----SHD---- C:\System Volume Information
2011-02-20 18:53:42 ----D---- C:\WINDOWS\system32\Restore
2011-02-20 18:43:51 ----A---- C:\WINDOWS\system.ini
2011-02-20 18:42:37 ----D---- C:\Program Files\Common Files
2011-02-20 15:41:06 ----D---- C:\WINDOWS\system32\config
2011-02-20 15:39:38 ----D---- C:\WINDOWS\system32\drivers\etc
2011-02-20 15:31:07 ----D---- C:\WINDOWS\Config
2011-02-20 14:18:20 ----RASH---- C:\boot.ini
2011-02-20 13:40:35 ----D---- C:\WINDOWS\Help
2011-02-20 13:36:22 ----D---- C:\WINDOWS\system
2011-02-20 10:38:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-02-20 09:51:59 ----D---- C:\WINDOWS\system32\wbem
2011-02-20 09:24:38 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-02-20 09:08:52 ----D---- C:\Documents and Settings\Doma\Data aplikací\skypePM
2011-02-08 12:28:30 ----D---- C:\WINDOWS\system32\DirectX
2011-02-04 17:34:02 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shimgvw.dll
2011-01-21 15:44:07 ----A---- C:\WINDOWS\system32\shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-10-18 105472]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-08 168040]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-18 2849280]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-07-24 4749824]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-07-06 234392]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-15 10232352]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
S3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-18 512000]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 iva_control;iva_control; c:\Program Files\IVA_Client\iva_control.exe [2010-01-06 36864]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-02 153376]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-06 136176]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S3 uvnc_service;uvnc_service; c:\Program Files\IVA_Client\VNC\winvnc.exe [2009-11-07 1581512]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:10
od motji
Že by mu špatně odvirovali počítač? :D

Byly to aktualizace, rootkit Vám je blokoval, lépe řečeno asi jim odříznul cestu, takže teď se na Vás nahrnuly :D

Ještě popřemýšlejte nad firewallem, já doporuučuji Zone alarm nebo Pc tools firewall, v sekci firewally je na něj pěkný návod.

A pokud nejsou problémy, je to vše :)

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:15
od termat
Jojo, přesně tak, špatně odvirovali a těžce si to nechali zaplatit...:-(
To jsem se právě chtěla zeptat, jaký firewall doporučujete...Jeden z těch, které jste napsala si vyberu a nainstaluji....
Takže mnohokrát děkuji....jste úžasná...PC funguje...
uff, ale byla to dřina :-)
Každopádně jsem dlužník...
Přeji krásný zbytek večera...

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:21
od motji
Oba jsou si docela podobné, zkuste klidně pc tools firewall, návod je zde http://www.viry.cz/forum/viewtopic.php?f=41&t=101985

Dřina to byla, protože se tam pořád objevoval nový rootkit, chtěla jsem to raději prověřit :) . Ale jste šikovná, zvládla jste to :happy: .

Není zač, ráda jsem Vám pomohla. kdyby byli problémy, tak se ozvěte.
Hezký večer :) .

A přečtěte si prosím sz :)

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:23
od termat
:-) jojo, na ten PC Tools Firewall se podívám, ale až zítra....
Já to zvládla jen díky Vám..nechápu, jak to v tom rozsypaném čaji dokážete vidět:-)

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:27
od motji
:D :D
Tak já už vím kde co mám hledat :)

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:28
od termat
JO, JAKOU SZ myslíte? když kliknu na políčko SZ tak se tam objeví text celého příspěvku..u každého příspěvku je SZ...
už jsem asi mimo...ale fakt to nechápu:-)

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:31
od motji
Uplně nahoře pod bannerem viry.cz, budete mít 1 přijatá zpráva :)

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:37
od termat
už jsme to našla, je fakt pozdě:-) a už mi to nemyslí...
máte tam odpověď...

Re: nejde spustit HJT

Napsal: 20 úno 2011 22:46
od motji
Děkuji :)
Dobrou noc :)
Všechny časy jsou v UTC+01:00
Stránka 4 z 4

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz