
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check my log
The PC is not working: at first it reports errors, the internet cannot be started, it is terribly slow and almost nothing runs the way it should... it was a problem even to produce the RSIT log...
Logfile of random's system information tool 1.06 (written by random/random)
Run by Milan at 2010-05-02 16:23:58
WIN_XP Service Pack 3
System drive C: has 9 GB (9%) free of 100 GB
Total RAM: 3326 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:24:02, on 2.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
D:\DAEMON Tools Lite\daemon.exe
D:\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Steam\Steam.exe
D:\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\Notepad.exe
C:\WINDOWS\system32\Notepad.exe
F:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Milan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100421174238.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PC Suite for Smartphones] "D:\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [Advanced SystemCare 3] "D:\IObit\Advanced SystemCare 3\AWC.exe" /startup (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-602609370-725345543-1004 Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (User '?')
O4 - S-1-5-21-448539723-602609370-725345543-1004 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User '?')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Správa aplikací (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Prohledávání počítačů (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Šifrování (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Spouštěč procesů serveru DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Klient DHCP (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce logických disků (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient DNS (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace pevné sítě (Dot3svc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Systém událostí modelu COM+ (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Kompatibilita pro rychlé přepínání uživatelů (FastUserSwitchingCompatibility) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Nápověda a odborná pomoc (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba Správa klíčů a certifikátů stavu (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Server (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pracovní stanice (lanmanworkstation) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Podpora rozhraní NetBIOS nad protokolem TCP/IP (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Agent architektury NAP (Network Access Protection) (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Síťová připojení (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sledování umístění v síti (NLA) (Nla) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vyměnitelné úložiště (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Správce automatického připojení pomocí vzdáleného přístupu (RasAuto) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce vzdáleného přístupu (RasMan) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálené volání procedur (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plánovač úloh (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sekundární přihlašování (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Oznamování systémových událostí (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Brána Firewall / Sdílení připojení k Internetu (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozpoznávání hardwaru (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba obnovení systému (srservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba rozpoznávání pomocí protokolu SSDP (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Načítání obrázků (WIA) (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Telefonní subsystém (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminálová služba (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Motivy (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient služby sledování distribuovaných propojení (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hostitel zařízení UPnP (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Systémový čas (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Webový klient (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba WMI (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Centrum zabezpečení (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace bezdrátových zařízení (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba pro síťová ustanovení (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
--
End of file - 18104 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SLOW-PCfighter-Milan-Startup.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-12-21 245272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-04-23 308856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100421174238.dll [2010-01-05 73288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-01 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-01 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IntelAudioStudio"=C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-08-02 9134080]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2006-03-16 1397760]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"LGODDFU"=C:\Program Files\lg_fwupdate\fwupdate.exe [2010-02-05 557056]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-04-23 185896]
"PC Suite for Smartphones"=D:\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-03-26 177472]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=D:\iTunes\iTunesHelper.exe [2009-04-02 342312]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-04-01 1180976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]
"DAEMON Tools Lite"=D:\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"mRouterConfig"=C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]
"Advanced SystemCare 3"=D:\IObit\Advanced SystemCare 3\AWC.exe [2009-02-22 2272592]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-02-20 1217872]
"RegistryMechanic"=D:\Registry Mechanic\RegMech.exe [2009-11-25 3176408]
C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - D:\Microsoft Office\Office10\OSA.EXE
NCProTray.lnk - D:\SEC\Natural Color Pro\NCProTray.exe
C:\Documents and Settings\Milan\Nabídka Start\Programy\Po spuštění
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
OpenOffice.org 2.0.lnk - C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeTextCAutoLog"=
"LegalNoticeCaptionCAutoLog"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Electronic Arts\Need for Speed Carbon\NFSC.exe"="D:\Electronic Arts\Need for Speed Carbon\NFSC.exe:*:Enabled:NFSC"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Activision\Call of Duty - World at War\CoDWaW.exe"="D:\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Activision\Call of Duty - World at War\CoDWaWmp.exe"="D:\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Far Cry 2\bin\FarCry2.exe"="D:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"D:\Far Cry 2\bin\FC2Launcher.exe"="D:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"D:\Far Cry 2\bin\FC2Editor.exe"="D:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"D:\Call of duty 4\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Call of duty 4\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\iTunes\iTunes.exe"="D:\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Sony Ericsson\Update Service\Update Service.exe"="D:\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Documents and Settings\Milan\Plocha\Strong DC++\StrongDC.exe"="C:\Documents and Settings\Milan\Plocha\Strong DC++\StrongDC.exe:*:Enabled:StrongDC++"
"D:\Electronic Arts\Red Alert 3\Data\ra3_1.0.game"="D:\Electronic Arts\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"D:\Battlefield2\BF2.exe"="D:\Battlefield2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Dirt2\dirt2_game.exe"="D:\Dirt2\dirt2_game.exe:*:Enabled:DiRT2"
"D:\OF Dragon Rising\OFDR.exe"="D:\OF Dragon Rising\OFDR.exe:*:Enabled:OF Dragon Rising"
"D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe"="C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======File associations======
.txt - open - Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-05-02 16:22:24 ----D---- C:\rsit
2010-05-02 16:11:19 ----A---- C:\ComboFix.txt
2010-05-02 16:05:47 ----A---- C:\WINDOWS\zip.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\vFind.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\SWSC.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\SWREG.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\sed.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\NIRCMD.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\grep.exe
2010-05-02 16:05:39 ----D---- C:\ComboFix
2010-05-02 16:04:33 ----D---- C:\Qoobox
2010-04-17 16:33:20 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-16 22:41:50 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-16 22:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-16 22:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-16 22:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-16 22:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-16 22:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-08 15:04:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real
======List of files/folders modified in the last 1 months======
2010-05-02 16:19:11 ----D---- C:\WINDOWS\system32
2010-05-02 16:11:21 ----D---- C:\WINDOWS\system32\drivers
2010-05-02 16:07:00 ----D---- C:\WINDOWS
2010-05-02 16:07:00 ----A---- C:\WINDOWS\system.ini
2010-05-02 16:06:39 ----D---- C:\WINDOWS\Temp
2010-05-02 16:04:18 ----D---- C:\Program Files\Steam
2010-05-02 16:03:25 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
2010-05-02 16:03:11 ----D---- C:\Documents and Settings\Milan\Data aplikací\OpenOffice.org2
2010-05-02 16:03:03 ----D---- C:\Documents and Settings\Milan\Data aplikací\Hamachi
2010-05-02 16:02:47 ----A---- C:\WINDOWS\lgfwup.ini
2010-05-02 16:02:38 ----D---- C:\Program Files\lg_fwupdate
2010-04-21 17:48:35 ----D---- C:\Program Files\McAfee
2010-04-21 17:48:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\McAfee
2010-04-21 17:48:11 ----D---- C:\Program Files\Common Files\McAfee
2010-04-21 17:45:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 17:44:39 ----HD---- C:\WINDOWS\inf
2010-04-21 17:42:16 ----SD---- C:\WINDOWS\Tasks
2010-04-21 17:41:54 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-16 22:42:10 ----SHD---- C:\WINDOWS\Installer
2010-04-16 22:42:10 ----SHD---- C:\Config.Msi
2010-04-16 22:41:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-16 22:41:46 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-16 22:41:44 ----A---- C:\WINDOWS\imsins.BAK
2010-04-10 21:42:11 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-04-09 19:41:39 ----D---- C:\Documents and Settings\Milan\Data aplikací\gtk-2.0
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 20:06:25 ----D---- C:\Documents and Settings\Milan\Data aplikací\Skype
2010-04-05 19:33:03 ----D---- C:\Documents and Settings\Milan\Data aplikací\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-16 28672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2010-01-05 82952]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-10-28 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-07-29 43392]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-01-05 95568]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-01-05 152320]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-01-05 51688]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2010-01-05 312584]
R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-27 1171464]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
R4 catchme;catchme; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\catchme.sys []
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 NCPro;NCPro; C:\WINDOWS\system32\drivers\MTictwl.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S3 a7ctk6kr;a7ctk6kr; C:\WINDOWS\system32\drivers\a7ctk6kr.sys []
S3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2010-01-05 55456]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-01-05 83496]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-01 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-01-05 170144]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-01-05 188136]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-01-05 141792]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-20 66872]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
S2 McMPFSvc;McAfee Personal Firewall; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-03-10 364216]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeTextCAutoLog"=
"LegalNoticeCaptionCAutoLog"=
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
"NoResolveSearch"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Electronic Arts\Need for Speed Carbon\NFSC.exe"="D:\Electronic Arts\Need for Speed Carbon\NFSC.exe:*:Enabled:NFSC"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"D:\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="D:\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe:*:Enabled:mRouterRuntime Module"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Activision\Call of Duty - World at War\CoDWaW.exe"="D:\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Activision\Call of Duty - World at War\CoDWaWmp.exe"="D:\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\Far Cry 2\bin\FarCry2.exe"="D:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"D:\Far Cry 2\bin\FC2Launcher.exe"="D:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"D:\Far Cry 2\bin\FC2Editor.exe"="D:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"D:\Call of duty 4\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Call of duty 4\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\iTunes\iTunes.exe"="D:\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Sony Ericsson\Update Service\Update Service.exe"="D:\Sony Ericsson\Update Service\Update Service.exe:*:Enabled:Update Service"
"C:\Documents and Settings\Milan\Plocha\Strong DC++\StrongDC.exe"="C:\Documents and Settings\Milan\Plocha\Strong DC++\StrongDC.exe:*:Enabled:StrongDC++"
"D:\Electronic Arts\Red Alert 3\Data\ra3_1.0.game"="D:\Electronic Arts\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3"
"D:\Battlefield2\BF2.exe"="D:\Battlefield2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Dirt2\dirt2_game.exe"="D:\Dirt2\dirt2_game.exe:*:Enabled:DiRT2"
"D:\OF Dragon Rising\OFDR.exe"="D:\OF Dragon Rising\OFDR.exe:*:Enabled:OF Dragon Rising"
"D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe"="D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (CLI)"
"D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe"="D:\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Call of Pripyat (SRV)"
"C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe"="C:\Program Files\Steam\SteamApps\common\empire total war\Empire.exe:*:Enabled:Empire: Total War"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======File associations======
.txt - open - Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-05-02 16:22:24 ----D---- C:\rsit
2010-05-02 16:11:19 ----A---- C:\ComboFix.txt
2010-05-02 16:05:47 ----A---- C:\WINDOWS\zip.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\vFind.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\SWSC.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\SWREG.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\sed.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\NIRCMD.exe
2010-05-02 16:05:47 ----A---- C:\WINDOWS\grep.exe
2010-05-02 16:05:39 ----D---- C:\ComboFix
2010-05-02 16:04:33 ----D---- C:\Qoobox
2010-04-17 16:33:20 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-16 22:41:50 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-16 22:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-16 22:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-16 22:38:41 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-16 22:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-16 22:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-08 15:04:57 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Real
======List of files/folders modified in the last 1 months======
2010-05-02 16:19:11 ----D---- C:\WINDOWS\system32
2010-05-02 16:11:21 ----D---- C:\WINDOWS\system32\drivers
2010-05-02 16:07:00 ----D---- C:\WINDOWS
2010-05-02 16:07:00 ----A---- C:\WINDOWS\system.ini
2010-05-02 16:06:39 ----D---- C:\WINDOWS\Temp
2010-05-02 16:04:18 ----D---- C:\Program Files\Steam
2010-05-02 16:03:25 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
2010-05-02 16:03:11 ----D---- C:\Documents and Settings\Milan\Data aplikací\OpenOffice.org2
2010-05-02 16:03:03 ----D---- C:\Documents and Settings\Milan\Data aplikací\Hamachi
2010-05-02 16:02:47 ----A---- C:\WINDOWS\lgfwup.ini
2010-05-02 16:02:38 ----D---- C:\Program Files\lg_fwupdate
2010-04-21 17:48:35 ----D---- C:\Program Files\McAfee
2010-04-21 17:48:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\McAfee
2010-04-21 17:48:11 ----D---- C:\Program Files\Common Files\McAfee
2010-04-21 17:45:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 17:44:39 ----HD---- C:\WINDOWS\inf
2010-04-21 17:42:16 ----SD---- C:\WINDOWS\Tasks
2010-04-21 17:41:54 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-16 22:42:10 ----SHD---- C:\WINDOWS\Installer
2010-04-16 22:42:10 ----SHD---- C:\Config.Msi
2010-04-16 22:41:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-16 22:41:46 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-16 22:41:44 ----A---- C:\WINDOWS\imsins.BAK
2010-04-10 21:42:11 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-04-09 19:41:39 ----D---- C:\Documents and Settings\Milan\Data aplikací\gtk-2.0
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 20:06:25 ----D---- C:\Documents and Settings\Milan\Data aplikací\Skype
2010-04-05 19:33:03 ----D---- C:\Documents and Settings\Milan\Data aplikací\skypePM
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2005-10-18 11008]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-16 28672]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2010-01-05 82952]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2006-07-19 230400]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-10-28 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2006-07-29 43392]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-01-05 95568]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-01-05 152320]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-01-05 51688]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2010-01-05 312584]
R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-06-10 8087712]
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-07-27 1171464]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\WINDOWS\system32\DRIVERS\zebrceb.sys [2008-01-15 63360]
R4 catchme;catchme; \??\C:\DOCUME~1\Milan\LOCALS~1\Temp\catchme.sys []
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys []
S1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys []
S1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys []
S1 NCPro;NCPro; C:\WINDOWS\system32\drivers\MTictwl.sys []
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys []
S2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys []
S3 a7ctk6kr;a7ctk6kr; C:\WINDOWS\system32\drivers\a7ctk6kr.sys []
S3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2010-01-05 55456]
S3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys []
S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-01-05 83496]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 zebrbus;Sony Ericsson Composite Device driver; C:\WINDOWS\system32\DRIVERS\zebrbus.sys [2008-01-15 83200]
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\WINDOWS\system32\DRIVERS\zebrmdfl.sys [2008-01-15 14848]
S3 zebrmdm;Sony Ericsson Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdm.sys [2008-01-15 109568]
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\WINDOWS\system32\DRIVERS\zebrmdmc.sys [2008-01-15 109568]
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\WINDOWS\system32\DRIVERS\zebrsce.sys [2008-01-15 91264]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2005-10-18 241152]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-01 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-02-17 73728]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-01-05 170144]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-01-05 188136]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-01-05 141792]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-20 66872]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
S2 McMPFSvc;McAfee Personal Firewall; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
S2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-03-10 364216]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119408
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
You ran a ComboFix scan today. Post the log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address above.
Re: Please check my log
ComboFix 09-05-05.02 - Milan 02.05.2010 16:06.8 - NTFSx86
Spuštěný z: c:\documents and settings\Milan\Plocha\Viry&čistící\ComboFix.exe
* Resident AV is active
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-02 do 2010-05-02 )))))))))))))))))))))))))))))))
.
2010-04-21 15:42 . 2010-01-05 16:04 9344 ----a-w c:\windows\system32\drivers\mfeclnk.sys
2010-04-21 15:42 . 2010-01-05 16:04 82952 ----a-w c:\windows\system32\drivers\mfetdi2k.sys
2010-04-21 15:42 . 2010-01-05 16:04 88480 ----a-w c:\windows\system32\drivers\mfendisk.sys
2010-04-21 15:42 . 2010-01-05 16:04 83496 ----a-w c:\windows\system32\drivers\mferkdet.sys
2010-04-21 15:42 . 2010-01-05 16:04 385536 ----a-w c:\windows\system32\drivers\mfehidk.sys
2010-04-21 15:42 . 2010-01-05 16:04 312584 ----a-w c:\windows\system32\drivers\mfefirek.sys
2010-04-21 15:42 . 2010-01-05 16:04 51688 ----a-w c:\windows\system32\drivers\mfebopk.sys
2010-04-21 15:42 . 2010-01-05 16:04 152320 ----a-w c:\windows\system32\drivers\mfeavfk.sys
2010-04-21 15:42 . 2010-01-05 16:04 95568 ----a-w c:\windows\system32\drivers\mfeapfk.sys
2010-04-21 15:42 . 2010-01-05 16:04 55456 ----a-w c:\windows\system32\drivers\cfwids.sys
2010-04-17 14:33 . 2010-02-12 10:03 293376 ------w c:\windows\system32\browserchoice.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-02 14:04 . 2010-01-12 14:58 -------- d-----w c:\program files\Steam
2010-05-02 14:02 . 2008-02-23 15:15 -------- d-----w c:\program files\lg_fwupdate
2010-04-21 15:48 . 2009-08-03 15:34 -------- d-----w c:\program files\McAfee
2010-04-21 15:48 . 2009-08-03 15:34 -------- d-----w c:\program files\Common Files\McAfee
2010-04-10 19:42 . 2008-07-08 16:35 139280 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2010-04-10 19:42 . 2008-07-08 16:35 202000 ----a-w c:\windows\system32\PnkBstrB.exe
2010-04-01 10:41 . 2007-05-03 17:50 -------- d-----w c:\program files\Common Files\Java
2010-04-01 10:41 . 2008-12-13 17:28 411368 ----a-w c:\windows\system32\deploytk.dll
2010-04-01 10:40 . 2006-03-02 12:00 78456 ----a-w c:\windows\system32\perfc005.dat
2010-04-01 10:40 . 2006-03-02 12:00 429954 ----a-w c:\windows\system32\perfh005.dat
2010-03-25 20:02 . 2010-03-25 20:02 -------- d-----w c:\program files\GIMP-2.0
2010-03-10 06:17 . 2006-03-02 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2006-03-02 12:00 916480 ----a-w c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2010-02-20 20:43 . 2008-07-08 16:35 66872 ----a-w c:\windows\system32\PnkBstrA.exe
2010-02-16 19:08 . 2006-03-02 12:00 2148352 ----a-w c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2006-03-02 12:00 100864 ----a-w c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-03-02 12:00 226880 ----a-w c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:57 . 2008-02-23 15:15 16384 -c--a-w c:\windows\system32\lgfwunis.exe
2010-01-05 16:04 . 2010-04-21 15:42 24376 ----a-w c:\program files\mozilla firefox\components\Scriptff.dll
.
------- Sigcheck -------
[-] 2005-03-02 18:21 577024 3EF380290CE2CA8598E475CEAC4ADB13 c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2007-03-08 15:51 578048 5393076FDCD6DAEB82814688DDE3E9A2 c:\windows\$hf_mig$\KB925902\SP2QFE\user32.dll
[-] 2007-03-08 15:38 577536 43240B12D220F30C7C75EA69B2E806B0 c:\windows\$NtServicePackUninstall$\user32.dll
[-] 2006-03-02 12:00 577024 1B4CCC59980DA34E75F20E42B283B027 c:\windows\$NtUninstallKB890859$\user32.dll
[-] 2005-03-02 18:18 577024 9267BC598E271BC3FA69F36CF1C8BD36 c:\windows\$NtUninstallKB925902$\user32.dll
[-] 2008-04-14 03:22 578560 E16E0990967374E76F3E40CACAFD3D53 c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 03:22 578560 E16E0990967374E76F3E40CACAFD3D53 c:\windows\system32\user32.dll
[-] 2006-03-02 12:00 82944 382E9B87F1282E697C67AF84E34E35E2 c:\windows\$NtServicePackUninstall$\ws2_32.dll
[-] 2008-04-14 03:22 82432 951D473917C51F21496D914CF6E5DDD1 c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 03:22 82432 951D473917C51F21496D914CF6E5DDD1 c:\windows\system32\ws2_32.dll
[-] 2007-10-10 23:41 825344 3C48D8EFA3FFA68F7AEAAAFFAB6B9CB3 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
[-] 2007-12-07 00:48 667136 B29C19B8D0A01D408229D07972EC8001 c:\windows\$hf_mig$\KB944533\SP2QFE\wininet.dll
[-] 2007-12-07 01:59 825344 32CC73F851F377B035A5B8216CAC63CE c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
[-] 2008-03-01 12:35 827392 46A1A52EB6C86344C6EBF65B17404C90 c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
[-] 2008-04-23 04:21 827392 03727BB0DE4D4902F951D3BD7D0AC4FE c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
[-] 2008-06-23 15:41 827904 57BE3F6CA8282AC863C16862C1B65964 c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[-] 2008-08-26 09:12 827904 A74381B8D7024B2D8BB5691A93F825B8 c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[-] 2008-10-16 19:49 827904 A72D6CC0F715D415003478294C4ECB2A c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[-] 2008-12-20 23:48 827904 A039CE5F34BF98760F877B29E5A1D4CD c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[-] 2009-03-03 00:16 828416 3D7B87D8102C41BABBE5922B5275AA7C c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[-] 2009-05-13 05:09 915456 0C20BF283DE5BA50060240383B8AA41C c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[-] 2009-07-03 17:02 915456 0B1AA91DFEDB1298FF7D93EBA45F8DB5 c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[-] 2009-08-29 07:51 916480 F658908845F3EB727FEF4769ED0E52FE c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 07:38 916480 4941ADD731725AF468342E42B71F776C c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-12-21 19:02 916480 9256DA4AEE5E2C20FC6C126BDBC11997 c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 06:12 919040 2E6504E28C7E0F753F68731861A94214 c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2006-03-02 12:00 657408 50D263E3454E8357D13BB598129185AD c:\windows\$NtUninstallKB944533$\wininet.dll
[-] 2007-12-07 01:08 660480 3801B44AA92CE4F929254E8E2D3EA149 c:\windows\ie7\wininet.dll
[-] 2007-08-13 17:54 818688 A4A0FC92358F39538A6494C42EF99FE9 c:\windows\ie7updates\KB942615-IE7\wininet.dll
[-] 2007-10-10 23:50 824832 C543CC3D7A05FB0D23107C89115811A0 c:\windows\ie7updates\KB944533-IE7\wininet.dll
[-] 2007-12-07 02:14 824832 E9B04B01D5A1ECC47B2E4364D171CF23 c:\windows\ie7updates\KB947864-IE7\wininet.dll
[-] 2008-03-01 13:02 826368 4B0D8A282E0BEF3E52B8B6449D8473DD c:\windows\ie7updates\KB950759-IE7\wininet.dll
[-] 2008-04-23 04:16 826368 B2F04AA876DC2E15B59B509DE727F415 c:\windows\ie7updates\KB953838-IE7\wininet.dll
[-] 2008-06-23 16:42 826368 01EF5E10F55A5AE4D49C93C25879921E c:\windows\ie7updates\KB956390-IE7\wininet.dll
[-] 2008-08-26 08:27 826368 0930F57122FF74739E3684D0016877F1 c:\windows\ie7updates\KB958215-IE7\wininet.dll
[-] 2008-10-16 20:33 826368 84801E4617B5AFB065DD58438850587D c:\windows\ie7updates\KB961260-IE7\wininet.dll
[-] 2008-12-20 23:03 826368 793DA751C812EFC3C6786BBD3B8489A8 c:\windows\ie7updates\KB963027-IE7\wininet.dll
[-] 2009-03-03 00:14 826368 BA2611F55D9AE29554008ADBC49D7664 c:\windows\ie8\wininet.dll
[-] 2009-03-08 02:34 914944 6CE32F7778061CCC5814D5E0F282D369 c:\windows\ie8updates\KB969897-IE8\wininet.dll
[-] 2009-05-13 05:05 915456 9122013C5668D967C4AE7F52252898DE c:\windows\ie8updates\KB972260-IE8\wininet.dll
[-] 2009-07-03 16:59 915456 FCD887F2BA15CD8D95F8D70766D42739 c:\windows\ie8updates\KB974455-IE8\wininet.dll
[-] 2009-08-29 07:58 916480 37CFE7928711C8157CF4D191F0EF5F69 c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-10-29 07:43 916480 F651D2A69B7037D6063BC697CF296D8C c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-12-21 19:08 916480 75A4A1378971D84FF6A7D766F4A7BC59 c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2008-04-14 03:22 667136 3FE5E65A7ED9EC98AEE9167CA07812D3 c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2007-10-10 23:50 824832 C543CC3D7A05FB0D23107C89115811A0 c:\windows\SoftwareDistribution\Download\1b2d1e82f1d52f1e15e78edb3a426c24\SP2GDR\wininet.dll
[-] 2007-10-10 23:41 825344 3C48D8EFA3FFA68F7AEAAAFFAB6B9CB3 c:\windows\SoftwareDistribution\Download\1b2d1e82f1d52f1e15e78edb3a426c24\SP2QFE\wininet.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2008-07-24 490952]
"mRouterConfig"="c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" [2006-03-02 290816]
"Advanced SystemCare 3"="d:\iobit\Advanced SystemCare 3\AWC.exe" [2009-02-22 2272592]
"Steam"="c:\program files\Steam\Steam.exe" [2010-02-20 1217872]
"RegistryMechanic"="d:\registry mechanic\RegMech.exe" [2009-11-25 3176408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 9134080]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-16 1397760]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2010-02-05 557056]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-23 185896]
"PC Suite for Smartphones"="d:\sony ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2009-04-02 342312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-04-01 1180976]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-06-10 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\Call of duty 4\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes\\iTunes.exe"=
"d:\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Documents and Settings\\Milan\\Plocha\\Strong DC++\\StrongDC.exe"=
"d:\\Electronic Arts\\Red Alert 3\\Data\\ra3_1.0.game"=
"d:\\Battlefield2\\BF2.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Dirt2\\dirt2_game.exe"=
"d:\\OF Dragon Rising\\OFDR.exe"=
"d:\\GSC World Publishing\\S.T.A.L.K.E.R. - Call of Pripyat\\bin\\xrEngine.exe"=
"d:\\GSC World Publishing\\S.T.A.L.K.E.R. - Call of Pripyat\\bin\\dedicated\\xrEngine.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56943:TCP"= 56943:TCP:Pando P2P TCP Listening Port
"56943:UDP"= 56943:UDP:Pando P2P UDP Listening Port
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 aswSP;avast! Self Protection; [x]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-01-05 55456]
R3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-01-05 83496]
S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-01-05 82952]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-01-05 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-01-05 141792]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-01-05 312584]
S3 mfendiskmp;mfendiskmp;c:\windows\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
S3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-04-13 69120]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - AFD
*Deregistered* - Apple Mobile Device
*Deregistered* - Arp1394
*Deregistered* - asuskbnt
*Deregistered* - ATKKeyboardService
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Bonjour Service
*Deregistered* - Cdfs
*Deregistered* - EIO
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - hamachi
*Deregistered* - InCDfs
*Deregistered* - InCDsrv
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - LightScribeService
*Deregistered* - McShield
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfeavfk01
*Deregistered* - mfebopk
*Deregistered* - mfefire
*Deregistered* - mfefirek
*Deregistered* - mfehidk
*Deregistered* - mfendiskmp
*Deregistered* - mfetdi2k
*Deregistered* - mfevtp
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - NVSvc
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PnkBstrA
*Deregistered* - PptpMiniport
*Deregistered* - prodrv06
*Deregistered* - prohlp02
*Deregistered* - prosync1
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - sfdrv01
*Deregistered* - sfhlp01
*Deregistered* - sfhlp02
*Deregistered* - sfng32
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - Wanarp
*Deregistered* - zebrceb
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2010-04-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]
2010-04-21 c:\windows\Tasks\SLOW-PCfighter-Milan-Startup.job
- d:\fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-03-18 15:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.speedapps.com/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath -
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-02 16:06
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-448539723-602609370-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:87,8f,8f,75,58,33,1e,a4,50,f5,34,bf,28,d9,58,9a,2d,28,44,13,8e,a4,49,
78,01,0f,cf,f9,88,de,87,ee,f4,62,61,51,b6,ce,16,fc,39,11,d0,1a,ff,ec,8d,ec,\
"??"=hex:56,89,38,c4,0b,65,fc,b7,b2,29,c2,6c,bb,d9,91,a2
[HKEY_USERS\S-1-5-21-448539723-602609370-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:ac,04,4e,5b,c4,18,68,64,e3,1a,2b,13,28,5a,c8,3d,de,d1,0f,f7,38,
72,74,35,ff,74,5a,17,f5,c4,3e,26,0b,3b,46,9e,e0,94,8b,f7,e0,a5,b5,31,24,51,\
"rkeysecu"=hex:0e,94,e2,46,63,a1,d7,55,a8,b8,20,09,1e,e3,37,47
.
Celkový čas: 2010-05-02 16:11
ComboFix-quarantined-files.txt 2010-05-02 14:11
Před spuštěním: 9 134 526 464
Po spuštění: 9 140 326 400
417 --- E O F --- 2010-04-17 15:30
Spuštěný z: c:\documents and settings\Milan\Plocha\Viry&čistící\ComboFix.exe
* Resident AV is active
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-02 do 2010-05-02 )))))))))))))))))))))))))))))))
.
2010-04-21 15:42 . 2010-01-05 16:04 9344 ----a-w c:\windows\system32\drivers\mfeclnk.sys
2010-04-21 15:42 . 2010-01-05 16:04 82952 ----a-w c:\windows\system32\drivers\mfetdi2k.sys
2010-04-21 15:42 . 2010-01-05 16:04 88480 ----a-w c:\windows\system32\drivers\mfendisk.sys
2010-04-21 15:42 . 2010-01-05 16:04 83496 ----a-w c:\windows\system32\drivers\mferkdet.sys
2010-04-21 15:42 . 2010-01-05 16:04 385536 ----a-w c:\windows\system32\drivers\mfehidk.sys
2010-04-21 15:42 . 2010-01-05 16:04 312584 ----a-w c:\windows\system32\drivers\mfefirek.sys
2010-04-21 15:42 . 2010-01-05 16:04 51688 ----a-w c:\windows\system32\drivers\mfebopk.sys
2010-04-21 15:42 . 2010-01-05 16:04 152320 ----a-w c:\windows\system32\drivers\mfeavfk.sys
2010-04-21 15:42 . 2010-01-05 16:04 95568 ----a-w c:\windows\system32\drivers\mfeapfk.sys
2010-04-21 15:42 . 2010-01-05 16:04 55456 ----a-w c:\windows\system32\drivers\cfwids.sys
2010-04-17 14:33 . 2010-02-12 10:03 293376 ------w c:\windows\system32\browserchoice.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-02 14:04 . 2010-01-12 14:58 -------- d-----w c:\program files\Steam
2010-05-02 14:02 . 2008-02-23 15:15 -------- d-----w c:\program files\lg_fwupdate
2010-04-21 15:48 . 2009-08-03 15:34 -------- d-----w c:\program files\McAfee
2010-04-21 15:48 . 2009-08-03 15:34 -------- d-----w c:\program files\Common Files\McAfee
2010-04-10 19:42 . 2008-07-08 16:35 139280 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2010-04-10 19:42 . 2008-07-08 16:35 202000 ----a-w c:\windows\system32\PnkBstrB.exe
2010-04-01 10:41 . 2007-05-03 17:50 -------- d-----w c:\program files\Common Files\Java
2010-04-01 10:41 . 2008-12-13 17:28 411368 ----a-w c:\windows\system32\deploytk.dll
2010-04-01 10:40 . 2006-03-02 12:00 78456 ----a-w c:\windows\system32\perfc005.dat
2010-04-01 10:40 . 2006-03-02 12:00 429954 ----a-w c:\windows\system32\perfh005.dat
2010-03-25 20:02 . 2010-03-25 20:02 -------- d-----w c:\program files\GIMP-2.0
2010-03-10 06:17 . 2006-03-02 12:00 420352 ----a-w c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2006-03-02 12:00 916480 ----a-w c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2006-03-02 12:00 455680 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2010-02-20 20:43 . 2008-07-08 16:35 66872 ----a-w c:\windows\system32\PnkBstrA.exe
2010-02-16 19:08 . 2006-03-02 12:00 2148352 ----a-w c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:35 . 2006-03-02 12:00 100864 ----a-w c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-03-02 12:00 226880 ----a-w c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:57 . 2008-02-23 15:15 16384 -c--a-w c:\windows\system32\lgfwunis.exe
2010-01-05 16:04 . 2010-04-21 15:42 24376 ----a-w c:\program files\mozilla firefox\components\Scriptff.dll
.
------- Sigcheck -------
[-] 2009-02-10 17:18 2191360 97480EBFE1D4B547657BAD75AAAB1325 c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2008-08-14 17:26 2191360 2BCBCE27A946C057051A85CB032F49FF c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 17:23 2191488 3502DBBC657001D7A2A2768BD7DE1483 c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-12-10 04:03 2191488 7782F11AE957B736585870CD2671227B c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 19:02 2192256 6B2312D847BA95F4E858CB4C3B5F51E1 c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2007-02-28 16:04 2138112 9D657D9DF25593A930D29E6922354C75 c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[-] 2006-03-02 12:00 2150400 84FEF6BE553ACC66729F5D4113F53310 c:\windows\$NtUninstallKB890859$\ntoskrnl.exe
[-] 2005-03-02 18:08 2137600 A97A571360EEEE9D1443A155D6B70CF8 c:\windows\$NtUninstallKB931784$\ntoskrnl.exe
[-] 2008-08-14 13:26 2147328 FFEB7726951F6D2859DF12FBC51F0188 c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[-] 2008-04-14 02:36 2147328 27C7A7AED8A477F6A0C7D3AD00AB9419 c:\windows\$NtUninstallKB956841$\ntoskrnl.exe
[-] 2009-02-09 11:26 2147328 6499BF91CF62B4319D6ED7E99D0B6998 c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2009-08-04 17:29 2147328 3742270B8C90A97A0BDD25DED1201AA9 c:\windows\$NtUninstallKB977165-v2$\ntoskrnl.exe
[-] 2009-12-09 10:11 2147328 07A58A2A4460A4B7A58E0920F4CFA729 c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2010-02-17 12:09 2192128 4E8268B816B2D27E711A688D6FD0E319 c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2008-04-14 02:37 2191104 C1536014AC1CB1D5397E31D9735E6571 c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2010-02-16 19:34 2183552 F24D47F956B2527F8771E38AFE750743 c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2GDR\ntoskrnl.exe
[-] 2010-02-16 19:26 2189056 AEDD2FE6BEC6FB4E3B25DB1E15C97560 c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2QFE\ntoskrnl.exe
[-] 2010-02-17 12:09 2192128 4E8268B816B2D27E711A688D6FD0E319 c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 19:02 2192256 6B2312D847BA95F4E858CB4C3B5F51E1 c:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3QFE\ntoskrnl.exe
[-] 2010-02-16 19:08 2148352 CD79AD67BF88021BB60B2602D1947FB3 c:\windows\system32\ntoskrnl.exe
[-] 2010-02-17 12:09 2192128 4E8268B816B2D27E711A688D6FD0E319 c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2008-04-14 03:22 1034240 27AFD587C462E280EE046B8CCA3C2CD1 c:\windows\explorer.exe
[-] 2007-06-13 13:11 1033728 9B32416BD5988C97B6397CE0B02CAF97 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2007-06-13 13:23 1033728 ED7B460B142A32097B8A8F6ECC941815 c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2006-03-02 12:00 1032704 53114D57AB73A406AC7F602227781A99 c:\windows\$NtUninstallKB938828$\explorer.exe
[-] 2008-04-14 03:22 1034240 27AFD587C462E280EE046B8CCA3C2CD1 c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2009-02-09 11:18 111104 3D107D45CCFDB266E91D84B52CD7F430 c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2006-03-02 12:00 108544 6E401E61F952FBBF708AFBECEFAFAE81 c:\windows\$NtServicePackUninstall$\services.exe
[-] 2008-04-14 03:22 108544 F0D2AE69035092BF22DAD6B50FAB85C2 c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 03:22 108544 F0D2AE69035092BF22DAD6B50FAB85C2 c:\windows\ServicePackFiles\i386\services.exe
[-] 2009-02-09 11:25 111104 9EF697AF07BB8DD82C3B02CA953A95B7 c:\windows\system32\services.exe
[-] 2009-02-09 11:25 111104 9EF697AF07BB8DD82C3B02CA953A95B7 c:\windows\system32\dllcache\services.exe
[-] 2006-03-02 12:00 13312 82A362FE1D4980B71B588D9C10748511 c:\windows\$NtServicePackUninstall$\lsass.exe
[-] 2008-04-14 03:22 13312 ED0A176354487CEED65B80A7148AB739 c:\windows\ServicePackFiles\i386\lsass.exe
[-] 2008-04-14 03:22 13312 ED0A176354487CEED65B80A7148AB739 c:\windows\system32\lsass.exe
[-] 2006-03-02 12:00 15360 A5BAA91475167161DEA02BA3C4CA4F59 c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2008-04-14 03:22 15360 A756B8F0F7BAFBA6DFE39F7D169F2519 c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 03:22 15360 A756B8F0F7BAFBA6DFE39F7D169F2519 c:\windows\system32\ctfmon.exe
[-] 2005-06-11 00:17 57856 AD3D9D191AEA7B5445FE1D82FFBB4788 c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 23:53 57856 DA81EC57ACD4CDC3D4C51CF3D409AF9F c:\windows\$NtServicePackUninstall$\spoolsv.exe
[-] 2006-03-02 12:00 57856 21B6FAA88044A41640E03EBB68BE93E8 c:\windows\$NtUninstallKB896423$\spoolsv.exe
[-] 2008-04-14 03:22 57856 CB1090BCA0E7B40D0B5B4E4D66531809 c:\windows\ServicePackFiles\i386\spoolsv.exe
[-] 2008-04-14 03:22 57856 CB1090BCA0E7B40D0B5B4E4D66531809 c:\windows\system32\spoolsv.exe
[-] 2006-03-02 12:00 24576 836F7960362FF95C5D49E40B891F2CFC c:\windows\$NtServicePackUninstall$\userinit.exe
[-] 2008-04-14 03:22 26112 7DC1830F22E7D275B438127B68030239 c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 03:22 26112 7DC1830F22E7D275B438127B68030239 c:\windows\system32\userinit.exe
[-] 2006-03-02 12:00 295936 2F5919F2F6EE7A845893D9C3AA2BC56A c:\windows\$NtServicePackUninstall$\termsrv.dll
[-] 2008-04-14 03:22 295936 A75DD6FC3DBEE4FFF5EBC9F2C28BB66E c:\windows\ServicePackFiles\i386\termsrv.dll
[-] 2008-04-14 03:22 295936 A75DD6FC3DBEE4FFF5EBC9F2C28BB66E c:\windows\system32\termsrv.dll
[-] 2007-04-16 16:11 984576 2B33979FDE5D1B9293ADB025F323B0D9 c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2009-03-21 14:03 990208 0D8F61460F84139BBE5E391D8DE18D9A c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2007-04-16 15:54 983040 C23A84D7AB99678B2F1A52080280E4ED c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-03-02 12:00 982016 98DA079F61265BC26D4587E280B79F30 c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2008-04-14 03:21 988160 FD91CD95A1C663DF54DD371CC8A234DE c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 03:21 988160 FD91CD95A1C663DF54DD371CC8A234DE c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2009-03-21 14:09 988160 545C653E8FE241CA6200798AA94FE5C7 c:\windows\system32\kernel32.dll
[-] 2009-03-21 14:09 988160 545C653E8FE241CA6200798AA94FE5C7 c:\windows\system32\dllcache\kernel32.dll
[-] 2006-03-02 12:00 17408 134B95A1D8FAFD74A68E4B2116DEFA7D c:\windows\$NtServicePackUninstall$\powrprof.dll
[-] 2008-04-14 03:21 17408 9FA69781CAA7A1DA981A24F240A61A60 c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 03:21 17408 9FA69781CAA7A1DA981A24F240A61A60 c:\windows\system32\powrprof.dll
[-] 2006-03-02 12:00 110080 2413635113361E54B62F0C40E4E4DAE6 c:\windows\$NtServicePackUninstall$\imm32.dll
[-] 2008-04-14 03:21 110080 6C60CA8AC7470AC01CFD3D24C7283CD1 c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 03:21 110080 6C60CA8AC7470AC01CFD3D24C7283CD1 c:\windows\system32\imm32.dll
[-] 2006-03-02 12:00 1548288 5CA2E2BA624D6F2C7A581C91E70394CB c:\windows\$NtServicePackUninstall$\sfcfiles.dll
[-] 2008-04-14 03:21 1571840 56A6034E7764E23D9114223EB3523925 c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 03:21 1571840 56A6034E7764E23D9114223EB3523925 c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2008-07-24 490952]
"mRouterConfig"="c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" [2006-03-02 290816]
"Advanced SystemCare 3"="d:\iobit\Advanced SystemCare 3\AWC.exe" [2009-02-22 2272592]
"Steam"="c:\program files\Steam\Steam.exe" [2010-02-20 1217872]
"RegistryMechanic"="d:\registry mechanic\RegMech.exe" [2009-11-25 3176408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-08-02 9134080]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2006-03-16 1397760]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2010-02-05 557056]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-23 185896]
"PC Suite for Smartphones"="d:\sony ericsson\Mobile4\Application Launcher\Application Launcher.exe" [2007-12-25 548864]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-03-26 177472]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2009-04-02 342312]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-10 13758464]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-04-01 1180976]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-06-10 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Intuwave\\Shared\\mRouterRuntime\\mRouterRuntime.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"d:\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\Call of duty 4\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\iTunes\\iTunes.exe"=
"d:\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Documents and Settings\\Milan\\Plocha\\Strong DC++\\StrongDC.exe"=
"d:\\Electronic Arts\\Red Alert 3\\Data\\ra3_1.0.game"=
"d:\\Battlefield2\\BF2.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Dirt2\\dirt2_game.exe"=
"d:\\OF Dragon Rising\\OFDR.exe"=
"d:\\GSC World Publishing\\S.T.A.L.K.E.R. - Call of Pripyat\\bin\\xrEngine.exe"=
"d:\\GSC World Publishing\\S.T.A.L.K.E.R. - Call of Pripyat\\bin\\dedicated\\xrEngine.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56943:TCP"= 56943:TCP:Pando P2P TCP Listening Port
"56943:UDP"= 56943:UDP:Pando P2P UDP Listening Port
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 aswSP;avast! Self Protection; [x]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 McMPFSvc;McAfee Personal Firewall;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2009-12-14 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2009-12-14 271480]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2010-01-05 55456]
R3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-01-05 83496]
S1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2010-01-05 82952]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-01-05 188136]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-01-05 141792]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2010-01-05 312584]
S3 mfendiskmp;mfendiskmp;c:\windows\system32\DRIVERS\mfendisk.sys [2010-01-05 88480]
S3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\DRIVERS\psched.sys [2008-04-13 69120]
--- Ostatní služby/ovladače v paměti ---
*Deregistered* - AFD
*Deregistered* - Apple Mobile Device
*Deregistered* - Arp1394
*Deregistered* - asuskbnt
*Deregistered* - ATKKeyboardService
*Deregistered* - audstub
*Deregistered* - Beep
*Deregistered* - Bonjour Service
*Deregistered* - Cdfs
*Deregistered* - EIO
*Deregistered* - Fips
*Deregistered* - FltMgr
*Deregistered* - Ftdisk
*Deregistered* - Gpc
*Deregistered* - hamachi
*Deregistered* - InCDfs
*Deregistered* - InCDsrv
*Deregistered* - IpNat
*Deregistered* - IPSec
*Deregistered* - JavaQuickStarterService
*Deregistered* - KSecDD
*Deregistered* - LightScribeService
*Deregistered* - McShield
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfeavfk01
*Deregistered* - mfebopk
*Deregistered* - mfefire
*Deregistered* - mfefirek
*Deregistered* - mfehidk
*Deregistered* - mfendiskmp
*Deregistered* - mfetdi2k
*Deregistered* - mfevtp
*Deregistered* - mnmdd
*Deregistered* - MountMgr
*Deregistered* - MRxDAV
*Deregistered* - MRxSmb
*Deregistered* - Msfs
*Deregistered* - mssmbios
*Deregistered* - Mup
*Deregistered* - NDIS
*Deregistered* - NdisTapi
*Deregistered* - Ndisuio
*Deregistered* - NdisWan
*Deregistered* - NDProxy
*Deregistered* - NetBIOS
*Deregistered* - NetBT
*Deregistered* - Npfs
*Deregistered* - Ntfs
*Deregistered* - Null
*Deregistered* - NVSvc
*Deregistered* - PartMgr
*Deregistered* - ParVdm
*Deregistered* - PnkBstrA
*Deregistered* - PptpMiniport
*Deregistered* - prodrv06
*Deregistered* - prohlp02
*Deregistered* - prosync1
*Deregistered* - PSched
*Deregistered* - RasAcd
*Deregistered* - Rasl2tp
*Deregistered* - RasPppoe
*Deregistered* - Raspti
*Deregistered* - Rdbss
*Deregistered* - RDPCDD
*Deregistered* - sfdrv01
*Deregistered* - sfhlp01
*Deregistered* - sfhlp02
*Deregistered* - sfng32
*Deregistered* - sptd
*Deregistered* - sr
*Deregistered* - swenum
*Deregistered* - Tcpip
*Deregistered* - TermDD
*Deregistered* - Update
*Deregistered* - VgaSave
*Deregistered* - VolSnap
*Deregistered* - Wanarp
*Deregistered* - zebrceb
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2010-04-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]
2010-04-21 c:\windows\Tasks\SLOW-PCfighter-Milan-Startup.job
- d:\fighters\SLOW-PCfighter\SLOW-PCfighter.exe [2010-03-18 15:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.speedapps.com/search.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath -
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-02 16:06
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-448539723-602609370-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:87,8f,8f,75,58,33,1e,a4,50,f5,34,bf,28,d9,58,9a,2d,28,44,13,8e,a4,49,
78,01,0f,cf,f9,88,de,87,ee,f4,62,61,51,b6,ce,16,fc,39,11,d0,1a,ff,ec,8d,ec,\
"??"=hex:56,89,38,c4,0b,65,fc,b7,b2,29,c2,6c,bb,d9,91,a2
[HKEY_USERS\S-1-5-21-448539723-602609370-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:ac,04,4e,5b,c4,18,68,64,e3,1a,2b,13,28,5a,c8,3d,de,d1,0f,f7,38,
72,74,35,ff,74,5a,17,f5,c4,3e,26,0b,3b,46,9e,e0,94,8b,f7,e0,a5,b5,31,24,51,\
"rkeysecu"=hex:0e,94,e2,46,63,a1,d7,55,a8,b8,20,09,1e,e3,37,47
.
Celkový čas: 2010-05-02 16:11
ComboFix-quarantined-files.txt 2010-05-02 14:11
Před spuštěním: 9 134 526 464
Po spuštění: 9 140 326 400
417 --- E O F --- 2010-04-17 15:30
- Rudy
- Site Admin
- Posts: 119408
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
Download a new CF and run a new scan. This one has limited functionality.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check my log
Unfortunately I can't create anything else..
On the other PC the internet doesn't work because of the virus, some files won't even run, and even when I put a new CF on a flash drive I can't copy it over (neither with Ctrl+V nor with right-click copy, simply nothing).
I can only rely on what is already on the PC or what I can run from the flash drive..
- Rudy
Re: Please check my log
Then try an antivirus scan and delete, or let it disinfect, everything it can.
Re: Please check my log
That one won't start for me either.. Is there any other option?
- Rudy
Re: Please check my log
There is. Put the disk into another computer as a secondary drive and first clean it with that machine's antivirus. Only then try repeating the procedures with the utilities already mentioned.
Re: Please check my log
Wouldn't Hijack be enough? That one works for me..
Re: Please check my log
In any case, here is the log..
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:16, on 7.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\DAEMON Tools Lite\daemon.exe
D:\IObit\Advanced SystemCare 3\AWC.exe
D:\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Documents and Settings\Milan\Plocha\Viry&čistící\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100421174238.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PC Suite for Smartphones] "D:\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [Advanced SystemCare 3] "D:\IObit\Advanced SystemCare 3\AWC.exe" /startup (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-602609370-725345543-1004 Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (User '?')
O4 - S-1-5-21-448539723-602609370-725345543-1004 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User '?')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Správa aplikací (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Prohledávání počítačů (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Šifrování (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Spouštěč procesů serveru DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Klient DHCP (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce logických disků (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient DNS (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace pevné sítě (Dot3svc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Systém událostí modelu COM+ (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Kompatibilita pro rychlé přepínání uživatelů (FastUserSwitchingCompatibility) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Nápověda a odborná pomoc (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba Správa klíčů a certifikátů stavu (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Server (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pracovní stanice (lanmanworkstation) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Podpora rozhraní NetBIOS nad protokolem TCP/IP (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Agent architektury NAP (Network Access Protection) (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Síťová připojení (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sledování umístění v síti (NLA) (Nla) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vyměnitelné úložiště (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Správce automatického připojení pomocí vzdáleného přístupu (RasAuto) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce vzdáleného přístupu (RasMan) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálené volání procedur (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plánovač úloh (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sekundární přihlašování (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Oznamování systémových událostí (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Brána Firewall / Sdílení připojení k Internetu (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozpoznávání hardwaru (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba obnovení systému (srservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba rozpoznávání pomocí protokolu SSDP (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Načítání obrázků (WIA) (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Telefonní subsystém (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminálová služba (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Motivy (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient služby sledování distribuovaných propojení (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hostitel zařízení UPnP (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Systémový čas (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Webový klient (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba WMI (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Centrum zabezpečení (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace bezdrátových zařízení (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba pro síťová ustanovení (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
--
End of file - 18212 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:00:16, on 7.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\DAEMON Tools Lite\daemon.exe
D:\IObit\Advanced SystemCare 3\AWC.exe
D:\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Documents and Settings\Milan\Plocha\Viry&čistící\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.speedapps.com/search.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100421174238.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" TRAY
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PC Suite for Smartphones] "D:\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "D:\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [Advanced SystemCare 3] "D:\IObit\Advanced SystemCare 3\AWC.exe" /startup (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent (User '?')
O4 - HKUS\S-1-5-21-448539723-602609370-725345543-1004\..\Run: [RegistryMechanic] D:\Registry Mechanic\RegMech.exe /H (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-602609370-725345543-1004 Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe (User '?')
O4 - S-1-5-21-448539723-602609370-725345543-1004 Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe (User '?')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/re ... NPUpld.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx1.hotmail.com/mail/w4/pr01/ph ... NPUpld.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Správa aplikací (AppMgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba inteligentního přenosu na pozadí (BITS) (BITS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Prohledávání počítačů (Browser) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Šifrování (CryptSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Spouštěč procesů serveru DCOM (DcomLaunch) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Klient DHCP (Dhcp) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce logických disků (dmserver) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient DNS (Dnscache) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace pevné sítě (Dot3svc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba EAP (Extensible Authentication Protocol) (EapHost) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Systém událostí modelu COM+ (EventSystem) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Kompatibilita pro rychlé přepínání uživatelů (FastUserSwitchingCompatibility) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Nápověda a odborná pomoc (helpsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba Správa klíčů a certifikátů stavu (hkmsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Server (lanmanserver) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Pracovní stanice (lanmanworkstation) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Podpora rozhraní NetBIOS nad protokolem TCP/IP (LmHosts) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: Agent architektury NAP (Network Access Protection) (napagent) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Síťová připojení (Netman) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sledování umístění v síti (NLA) (Nla) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vyměnitelné úložiště (NtmsSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Správce automatického připojení pomocí vzdáleného přístupu (RasAuto) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Správce vzdáleného přístupu (RasMan) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Vzdálené volání procedur (RPC) (RpcSs) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Plánovač úloh (Schedule) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Sekundární přihlašování (seclogon) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Oznamování systémových událostí (SENS) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Brána Firewall / Sdílení připojení k Internetu (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Rozpoznávání hardwaru (ShellHWDetection) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba obnovení systému (srservice) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba rozpoznávání pomocí protokolu SSDP (SSDPSRV) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Načítání obrázků (WIA) (stisvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Telefonní subsystém (TapiSrv) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Terminálová služba (TermService) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Motivy (Themes) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Klient služby sledování distribuovaných propojení (TrkWks) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Hostitel zařízení UPnP (upnphost) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Systémový čas (W32Time) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Webový klient (WebClient) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Služba WMI (winmgmt) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Centrum zabezpečení (wscsvc) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Automatické aktualizace (wuauserv) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - C:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Automatická konfigurace bezdrátových zařízení (WZCSVC) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
O23 - Service: Služba pro síťová ustanovení (xmlprov) - Unknown owner - C:\WINDOWS\System32\svchost.exe (file missing)
--
End of file - 18212 bytes
- Rudy
- Site Admin
- Posts: 119408
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log
HijackThis is absolutely useless in this case. Apart from a few unnecessary items in the registry, it showed nothing. Here we no longer use it even for overview testing.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.