Please check my log

peknal
Visitor
Posts: 82
Registered: 22 Jun 2010 20:54

Please check my log

#1 Post by peknal »

The computer freezes occasionally. Just as a precaution, isn't there some problem in the software?
Here is the basic log.
Logfile of random's system information tool 1.07 (written by random/random)
Run by milan at 2010-06-22 21:45:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 8 GB (12%) free of 66 GB
Total RAM: 767 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:45:33, on 22.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\FixCamera.exe
D:\WINDOWS\system32\rundll32.exe
C:\ComplexWebServer\bin\ServiceDirect.exe
D:\WINDOWS\tsnp325.exe
D:\WINDOWS\vsnp325.exe
D:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
D:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program Files\ABBYY FineReader 5.0\CAgent.exe
D:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
D:\WINDOWS\system32\atiptaxx.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\Program Files\pdfforge Toolbar\SearchSettings.exe
D:\Program Files\Messenger\msmsgs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\TomTom HOME 2\HOMERunner.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\devldr32.exe
D:\Program Files\Application Updater\ApplicationUpdater.exe
C:\ComplexWebServer\apache\bin\apache.exe
C:\ComplexWebServer\mysql\bin\mysqld.exe
D:\Program Files\Java\jre6\bin\jqs.exe
C:\ComplexWebServer\apache\bin\apache.exe
D:\Program Files\Spyware Terminator\sp_rsser.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Documents and Settings\milan\Local Settings\Temporary Internet Files\Content.IE5\RW3T92U0\RSIT[1].exe
D:\Program Files\trend micro\milan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=proxy@hitech.cz:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - D:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - D:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - D:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - D:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [FixCamera] D:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe
O4 - HKLM\..\Run: [ComplexWebServer] "C:\ComplexWebServer\bin\ServiceDirect.exe" /RUNHIDE /CONF="C:\ComplexWebServer\bin\ServiceDirect.conf"
O4 - HKLM\..\Run: [tsnp325] D:\WINDOWS\tsnp325.exe
O4 - HKLM\..\Run: [snp325] D:\WINDOWS\vsnp325.exe
O4 - HKLM\..\Run: [DataLayer] D:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ABBYY Community Agent] D:\Program Files\ABBYY FineReader 5.0\CAgent.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SearchSettings] D:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "D:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [swg] "D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - D:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 3993650883
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3993638796
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O23 - Service: Application Updater - Spigot, Inc. - D:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CWS_Apache_80 - Apache Software Foundation - C:\ComplexWebServer\apache\bin\apache.exe
O23 - Service: CWS_MySQL_3306 - Unknown owner - C:\ComplexWebServer\mysql\bin\mysqld.exe
O23 - Service: Google Software Updater (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Sukoku Service - Unknown owner - D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku119.exe

--
End of file - 9819 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\Driver Robot.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - D:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2010-01-16 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - D:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
D:\Program Files\pdfforge Toolbar\SearchSettings.dll [2010-01-08 1109504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-31 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - D:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2010-01-08 700416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"=D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-14 2176512]
"RemoteControl"=D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2004-11-02 32768]
"NeroFilterCheck"=D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"FixCamera"=D:\WINDOWS\FixCamera.exe [2007-02-12 20480]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"HPDJ Taskbar Utility"=D:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb02.exe [2001-04-11 192512]
"ComplexWebServer"=C:\ComplexWebServer\bin\ServiceDirect.exe [2006-09-17 686080]
"tsnp325"=D:\WINDOWS\tsnp325.exe [2007-04-21 270336]
"snp325"=D:\WINDOWS\vsnp325.exe [2007-04-25 835584]
"DataLayer"=D:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE [2004-05-06 1159168]
"PCSuiteTrayApplication"=D:\PROGRA~1\Nokia\NOKIAP~1\TRAYAP~1.EXE [2004-03-23 147968]
"hpqSRMon"=D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"HP Software Update"=D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"ABBYY Community Agent"=D:\Program Files\ABBYY FineReader 5.0\CAgent.exe [2002-03-20 253952]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"AtiPTA"=D:\WINDOWS\system32\atiptaxx.exe [2000-08-31 180224]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2010-01-31 149280]
"KernelFaultCheck"=D:\WINDOWS\system32\dumprep 0 -k []
"SearchSettings"=D:\Program Files\pdfforge Toolbar\SearchSettings.exe [2010-01-08 974848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"NBJ"=D:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2006-02-10 2048000]
"TomTomHOME.exe"=D:\Program Files\TomTom HOME 2\HOMERunner.exe [2008-12-09 234856]
"SpywareTerminatorUpdate"=D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-16 3037696]
"swg"=D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-12 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-02-12 190976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\WINDOWS\system32\dpvsetup.exe"="D:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\Program Files\Metin2_TESTER\metin2.bin"="D:\Program Files\Metin2_TESTER\metin2.bin:*:Enabled:metin2"
"D:\Bluetooh\Btoes_V2.54\Spylite.exe"="D:\Bluetooh\Btoes_V2.54\Spylite.exe:*:Enabled:WIDCOMM BTServer Spy"
"C:\ComplexWebServer\apache\bin\Apache.exe"="C:\ComplexWebServer\apache\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"D:\Program Files\IBM\Lotus\Symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.jcl.desktop.win32.x86_6.2.0.200805061024\jre\bin\expeditorw.exe"="D:\Program Files\IBM\Lotus\Symphony\framework\rcp\eclipse\plugins\com.ibm.rcp.jcl.desktop.win32.x86_6.2.0.200805061024\jre\bin\expeditorw.exe:*:Enabled:Lotus Expeditor"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"D:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="D:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"D:\Program Files\HP\HP Software Update\HPWUCli.exe"="D:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"
"D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="D:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Disabled:Crawler Spyware Terminator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"D:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="D:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="D:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"D:\Program Files\HP\HP Software Update\HPWUCli.exe"="D:\Program Files\HP\HP Software Update\HPWUCli.exe:*:Enabled:hpwucli.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08b04271-3959-11dd-bb25-806d6172696f}]
shell\AutoRun\command - W:\atisetup.exe
shell\launch\command - W:\atisetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51b54451-fa90-11de-9a88-000c76482b72}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe


======List of files/folders created in the last 1 months======

2010-06-22 21:45:14 ----D---- D:\Program Files\trend micro
2010-06-22 21:45:11 ----D---- D:\rsit
2010-06-09 23:20:11 ----HDC---- D:\WINDOWS\$NtUninstallKB980218$
2010-06-09 23:16:42 ----HDC---- D:\WINDOWS\$NtUninstallKB980195$
2010-06-09 23:14:58 ----HDC---- D:\WINDOWS\$NtUninstallKB979559$
2010-06-09 23:10:17 ----HDC---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-09 23:10:11 ----HDC---- D:\WINDOWS\$NtUninstallKB979482$
2010-06-09 23:09:51 ----HDC---- D:\WINDOWS\$NtUninstallKB975562$
2010-05-27 08:44:50 ----D---- D:\WINDOWS\pss
2010-05-27 00:54:36 ----A---- D:\WINDOWS\imsins.BAK
2010-05-27 00:54:28 ----HDC---- D:\WINDOWS\$NtUninstallKB981793$

======List of files/folders modified in the last 1 months======

2010-06-22 21:45:14 ----D---- D:\Program Files
2010-06-22 21:45:04 ----D---- D:\WINDOWS\Prefetch
2010-06-22 21:12:26 ----A---- D:\WINDOWS\WTRAN32.INI
2010-06-22 20:14:05 ----D---- D:\Program Files\Spyware Terminator
2010-06-22 20:14:05 ----D---- D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Spyware Terminator
2010-06-22 18:54:09 ----D---- D:\WINDOWS\Temp
2010-06-22 06:37:18 ----D---- D:\WINDOWS\system32\CatRoot2
2010-06-21 22:24:25 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-06-21 20:27:52 ----D---- D:\Documents and Settings\milan\Data aplikací\Spyware Terminator
2010-06-17 15:38:14 ----D---- D:\Documents and Settings
2010-06-17 12:56:04 ----D---- D:\WINDOWS\system32
2010-06-17 08:14:29 ----D---- D:\WINDOWS
2010-06-11 06:17:45 ----SHD---- D:\WINDOWS\Installer
2010-06-11 06:17:44 ----HD---- D:\Config.Msi
2010-06-10 09:43:51 ----D---- D:\WINDOWS\Microsoft.NET
2010-06-10 09:43:38 ----RSD---- D:\WINDOWS\assembly
2010-06-10 08:01:15 ----D---- D:\WINDOWS\system32\wbem
2010-06-10 08:01:14 ----AC---- D:\WINDOWS\system32\PerfStringBackup.INI
2010-06-09 23:20:16 ----HD---- D:\WINDOWS\inf
2010-06-09 23:20:13 ----RSHDC---- D:\WINDOWS\system32\dllcache
2010-06-09 23:18:25 ----A---- D:\WINDOWS\win.ini
2010-06-09 23:16:41 ----HD---- D:\WINDOWS\$hf_mig$
2010-06-09 23:14:41 ----D---- D:\Program Files\Internet Explorer
2010-06-09 23:14:25 ----D---- D:\WINDOWS\ie8updates
2010-06-09 23:10:44 ----D---- D:\WINDOWS\Debug
2010-06-09 23:06:40 ----D---- D:\WINDOWS\WinSxS
2010-05-30 20:35:37 ----D---- D:\WINDOWS\network diagnostic
2010-05-28 21:37:34 ----AC---- D:\WINDOWS\system32\MRT.exe
2010-05-24 09:15:39 ----A---- D:\rapport.txt
2010-05-24 08:39:44 ----A---- D:\WINDOWS\system32\tmp.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\D:\WINDOWS\System32\drivers\sp_rsdrv2.sys []
R1 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-07-26 5632]
R2 Aspi32;Aspi32; D:\WINDOWS\System32\drivers\aspi32.sys [2001-11-30 15360]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; D:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; D:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 atinrvxx;ATI WDM Rage Theater Video; D:\WINDOWS\System32\DRIVERS\atinrvxx.sys [2004-08-04 105984]
R3 ATITUNEP;ATI WDM TV Tuner; D:\WINDOWS\System32\DRIVERS\atintuxx.sys [2004-08-04 78336]
R3 ativraxx;ATI WDM Rage Theater Audio; D:\WINDOWS\System32\DRIVERS\atinraxx.sys [2004-08-04 53760]
R3 ATIXSAudio;ATI WDM TV Audio Crossbar; D:\WINDOWS\System32\DRIVERS\atinxsxx.sys [2004-08-04 64512]
R3 BthEnum;Ovladač pro Bluetooth Request Block; D:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
R3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; D:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
R3 BthPan;Bluetooth Device (Personal Area Network); D:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
R3 ctljystk;Game port pro zařízení Creative SB Live!; D:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); D:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); D:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 MVDCODEC;ATI WDM Specialized MVD Codec; D:\WINDOWS\System32\DRIVERS\atinmdxx.sys [2004-08-04 13824]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
R3 sfman;Creative SoundFont Manager Driver (WDM); D:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; D:\WINDOWS\System32\DRIVERS\sisnic.sys [2008-04-13 32768]
R3 TTDec;ATI WDM Teletext Decoder; D:\WINDOWS\System32\DRIVERS\ATINTTXX.sys [2004-08-04 13824]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; D:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 BTHPORT;Ovladač portu Bluetooth; D:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; D:\WINDOWS\System32\Drivers\btwusb.sys []
S3 catchme;catchme; \??\D:\DOCUME~1\milan\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-09-27 25280]
S3 hidgame;Microsoft Hid to Joystick Port Enabler; D:\WINDOWS\system32\DRIVERS\hidgame.sys [2001-08-17 8576]
S3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNP325;USB PC Camera (SNPSTD325); D:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-26 10343168]
S3 snpmi03;VideoCAM NB 300; D:\WINDOWS\system32\DRIVERS\snpmi03.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); D:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; D:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; D:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 streamip;BDA IPSink; D:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Application Updater;Application Updater; D:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CWS_Apache_80;CWS_Apache_80; C:\ComplexWebServer\apache\bin\apache.exe [2005-10-09 20541]
R2 CWS_MySQL_3306;CWS_MySQL_3306; C:\ComplexWebServer\mysql\bin\mysqld.exe [2008-11-15 6447744]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2010-01-31 153376]
R2 NwSapAgent;Agent SAP; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; D:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-14 488960]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 Sukoku Service;Sukoku Service; D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku119.exe [2009-09-22 54760]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-04 182768]
S3 hpqcxs08;hpqcxs08; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Thanks for the reply.
Milan

JaRon
Moderator
Posts: 15704
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log

#2 Post by JaRon »

Clean the PC with MBAM and post the log.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

peknal
Visitor
Posts: 82
Joined: 22 Jun 2010 20:54

Re: Please check my log

#3 Post by peknal »

Thanks a lot for taking me on. So here is the mess.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4228

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

23.6.2010 13:29:14
mbam-log-2010-06-23 (13-29-14).txt

Scan type: Quick scan
Objects scanned: 220520
Time elapsed: 42 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 12
Files Infected: 74

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sukoku (Adware.Zwangi) -> No action taken.
HKEY_CLASSES_ROOT\cmvideo.xmldomdocumenteventssink.1 (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku (Adware.Zwangi) -> No action taken.
D:\Program Files\DoubleD (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050 (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins (Adware.DoubleD) -> No action taken.
D:\Program Files\Sukoku (Adware.Zwangi) -> No action taken.
D:\Program Files\System Search Dispatcher (Adware.DoubleD) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010 (Adware.DoubleD) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data (Adware.DoubleD) -> No action taken.

Files Infected:
D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku114.exe (Adware.Zwangi) -> No action taken.
D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku119.exe (Adware.Zwangi) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\01c9eb2893468d1fba80553d2b75bd30.gif (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\867b44b1158783875052f103c3a2f11a.gif (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\default1.dat (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\loading.dat (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\loading.gif (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_DailyVideo.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Game.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Logo.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Option.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Search.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Wallpaper.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Web.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\pixel.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\ProductInfo.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\profile.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\SearchEngineList.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\tbcore.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\ToolbarLayout.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\UpdateCentre.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\UpdateCentreBk.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\About.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Component_ComboBox.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Game.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Logo.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Option.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Search.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Smiley.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Web.mg (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDefault.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnOption.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink.png (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin1.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin2.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin3.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin4.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\TellafriendSkin.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\ToastSkin.skf (Adware.DoubleD) -> No action taken.
D:\Program Files\Sukoku\sukoku.exe (Adware.Zwangi) -> No action taken.
D:\Program Files\Sukoku\uninstall.exe (Adware.Zwangi) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.dat (Adware.DoubleD) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.exe (Adware.DoubleD) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data\eacore.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLDynamic.mx (Adware.DoubleD) -> No action taken.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLStatic.mx (Adware.DoubleD) -> No action taken.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log

#4 Post by motji »

Good evening :)
Standing in for my colleague :D

Delete what MBAM found and run a full scan. Then write how the computer is doing. :)
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

peknal
Visitor
Posts: 82
Joined: 22 Jun 2010 20:54

Re: Please check my log

#5 Post by peknal »

Thank you very much. After yesterday's daytime scan, the result looks like this.
MS Office Word has stopped working for me. I'll wait to hear what you say.

Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Database version: 4228

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24.6.2010 7:02:43
mbam-log-2010-06-24 (07-02-43).txt

Scan type: Quick scan
Objects scanned: 217809
Time elapsed: 29 minute(s), 53 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 12
Files Infected: 74

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sukoku (Adware.Zwangi) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cmvideo.xmldomdocumenteventssink.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku (Adware.Zwangi) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050 (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\Sukoku (Adware.Zwangi) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010 (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Files Infected:
D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku114.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
D:\Documents and Settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku119.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\01c9eb2893468d1fba80553d2b75bd30.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\867b44b1158783875052f103c3a2f11a.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\DoubleD\JuicyAccess Toolbar\4.2.4.23050\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\Sukoku\sukoku.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
D:\Program Files\Sukoku\uninstall.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
D:\Program Files\System Search Dispatcher\1.4.1.1010\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log

#6 Post by motji »

But that isn't a full scan? Did Office stop working for you after the MBAM scan?

peknal
Visitor
Posts: 82
Joined: 22 Jun 2010 20:54

Re: Please check my log

#7 Post by peknal »

I'm not entirely sure at what moment, but I probably managed to delete 3 infected files that the program found.
I made the log only after the deletion. At the end of the scan the computer was frozen, so it was very hard to control. I hope I didn't botch things too much.

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log

#8 Post by motji »

:arrow: Download ComboFix to your desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix must be run under an account with administrator rights
- Before use, turn off all resident security programs - antivirus, firewalls, antispyware
- After launch the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click into the window that appears :!:
- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here

peknal
Visitor
Posts: 82
Joined: 22 Jun 2010 20:54

Re: Please check my log

#9 Post by peknal »

So hopefully it will be all right. Thank you very much.
Mil.
ComboFix 10-06-25.04 - administrátor 26.06.2010 16:40:39.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.398 [GMT 2:00]
Spuštěný z: d:\documents and settings\administrátor\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100626-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\program files\pdfforge Toolbar\SearchSettings.dll
d:\windows\system32\tmp.reg

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2010-05-26 do 2010-06-26 )))))))))))))))))))))))))))))))
.

2010-06-26 14:29 . 2010-06-26 14:32 -------- d-----w- d:\documents and settings\administrátor
2010-06-24 04:19 . 2010-04-12 15:29 411368 ----a-w- d:\windows\system32\deployJava1.dll
2010-06-23 10:43 . 2010-04-29 13:39 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 10:43 . 2010-04-29 13:39 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-06-23 10:43 . 2010-06-25 04:27 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-06-22 19:45 . 2010-06-22 19:45 -------- d-----w- d:\program files\trend micro
2010-06-22 19:45 . 2010-06-22 19:45 -------- d-----w- D:\rsit
2010-06-09 04:44 . 2010-05-06 10:35 743424 -c----w- d:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-26 14:50 . 2010-04-20 20:50 -------- d-----w- d:\program files\pdfforge Toolbar
2010-06-25 18:44 . 2007-07-09 16:57 -------- d-----w- d:\program files\Spyware Terminator
2010-06-24 06:04 . 2001-10-25 14:00 79174 ----a-w- d:\windows\system32\perfc005.dat
2010-06-24 06:04 . 2001-10-25 14:00 432332 ----a-w- d:\windows\system32\perfh005.dat
2010-06-24 04:23 . 2010-01-29 20:09 -------- d-----w- d:\program files\Common Files\Java
2010-06-24 04:18 . 2010-01-29 20:10 -------- d-----w- d:\program files\Java
2010-05-12 15:41 . 2010-05-12 15:37 -------- d-----w- d:\program files\AV Video Karaoke Maker
2010-05-09 14:08 . 2010-01-07 14:00 -------- d-----w- d:\program files\HP
2010-05-06 10:35 . 2002-09-20 18:05 916480 ----a-w- d:\windows\system32\wininet.dll
2010-05-02 08:09 . 2002-09-20 17:41 1851264 ----a-w- d:\windows\system32\win32k.sys
2010-04-20 05:32 . 2001-10-25 14:00 285696 ----a-w- d:\windows\system32\atmfd.dll
2010-03-30 22:16 . 2010-03-30 22:16 99176 ----a-w- d:\windows\system32\PresentationHostProxy.dll
2010-03-30 22:10 . 2010-03-30 22:10 295264 ----a-w- d:\windows\system32\PresentationHost.exe
2004-10-01 13:00 . 2008-06-13 16:34 40960 ----a-w- d:\program files\Uninstall_CDS.exe
2008-06-11 05:02 . 2008-04-03 16:10 67696 -c--a-w- d:\program files\mozilla firefox\components\jar50.dll
2008-06-11 05:02 . 2008-04-03 16:10 54376 -c--a-w- d:\program files\mozilla firefox\components\jsd3250.dll
2008-06-11 05:02 . 2008-04-03 16:10 34952 -c--a-w- d:\program files\mozilla firefox\components\myspell.dll
2008-06-11 05:02 . 2008-04-03 16:10 46720 -c--a-w- d:\program files\mozilla firefox\components\spellchk.dll
2008-06-11 05:02 . 2008-04-03 16:10 172144 -c--a-w- d:\program files\mozilla firefox\components\xpinstal.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2010-01-08 01:17 700416 ----a-w- d:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "d:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2010-01-08 700416]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="d:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-15 3037696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="d:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-14 2176512]
"RemoteControl"="d:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="d:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"FixCamera"="d:\windows\FixCamera.exe" [2007-02-12 20480]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"HPDJ Taskbar Utility"="d:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-11 192512]
"ComplexWebServer"="c:\complexwebserver\bin\ServiceDirect.exe" [2006-09-17 686080]
"tsnp325"="d:\windows\tsnp325.exe" [2007-04-21 270336]
"snp325"="d:\windows\vsnp325.exe" [2007-04-25 835584]
"hpqSRMon"="d:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="d:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"ABBYY Community Agent"="d:\program files\ABBYY FineReader 5.0\CAgent.exe" [2002-03-20 253952]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"AtiPTA"="atiptaxx.exe" [2000-08-30 180224]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"SearchSettings"="d:\program files\pdfforge Toolbar\SearchSettings.exe" [2010-01-07 974848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Metin2_TESTER\\metin2.bin"=
"d:\\Bluetooh\\Btoes_V2.54\\Spylite.exe"=
"c:\\ComplexWebServer\\apache\\bin\\Apache.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"d:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"d:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"d:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [13.6.2008 20:02 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;d:\windows\system32\drivers\sp_rsdrv2.sys [13.6.2008 17:04 142592]
R2 Application Updater;Application Updater;d:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [13.6.2008 20:02 20560]
R2 CWS_Apache_80;CWS_Apache_80;c:\complexwebserver\apache\bin\Apache.exe [21.1.2009 22:41 20541]
R2 CWS_MySQL_3306;CWS_MySQL_3306;c:\complexwebserver\mysql\bin\mysqld.exe --defaults-file=c:\complexwebserver\mysql\conf\mysqld.conf CWS_MySQL_3306 --> c:\complexwebserver\mysql\bin\mysqld.exe --defaults-file=c:\complexwebserver\mysql\conf\mysqld.conf CWS_MySQL_3306 [?]
R3 TTDec;ATI WDM Teletext Decoder;d:\windows\system32\drivers\atinttxx.sys [13.6.2008 17:17 13824]
S2 Sukoku Service;Sukoku Service;"d:\documents and settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku119.exe" "d:\program files\Sukoku\sukoku.dll" Service --> d:\documents and settings\All Users.WINDOWS\Data aplikací\Sukoku\sukoku119.exe [?]
S3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\drivers\snp325.sys [18.3.2009 9:07 10343168]
S3 snpmi03;VideoCAM NB 300;d:\windows\system32\DRIVERS\snpmi03.sys --> d:\windows\system32\DRIVERS\snpmi03.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
DPF: DirectAnimation Java Classes - file://d:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://d:\windows\Java\classes\xmldso.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-26 16:55
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(632)
d:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(696)
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\Ati2evxx.exe
d:\program files\Alwil Software\Avast4\aswUpdSv.exe
d:\program files\Alwil Software\Avast4\ashServ.exe
d:\windows\system32\Ati2evxx.exe
c:\complexwebserver\mysql\bin\mysqld.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\Spyware Terminator\sp_rsser.exe
d:\program files\Alwil Software\Avast4\ashMaiSv.exe
d:\program files\Alwil Software\Avast4\ashWebSv.exe
d:\windows\system32\devldr32.exe
d:\windows\system32\rundll32.exe
d:\progra~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
d:\progra~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
d:\progra~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
d:\windows\system32\atiptaxx.exe
.
**************************************************************************
.
Celkový čas: 2010-06-26 17:04:58 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-06-26 15:04
ComboFix2.txt 2009-09-20 15:23
ComboFix3.txt 2009-01-01 10:11

Před spuštěním: 8 029 761 536
Po spuštění: 8 055 943 168

- - End Of File - - 30B02CAB719834F0471710956BA2CF3A

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log

#10 Post by motji »

If you have not done so already, move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it
Code:

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"SearchSettings"=-
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"=-
[-HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

Folder::
d:\program files\Sukoku
d:\program files\pdfforge Toolbar

Driver::
Sukoku Service


- Save the TXT file you created as CFScript.txt on the desktop
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

- After it has been applied, another log will pop out; post it here

Warning: it may happen that after the script is applied and the machine restarts, Windows will not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before cleaning malware from your computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

peknal
Visitor
Posts: 82
Registered: 22 Jun 2010 20:54

Re: Please check my log

#11 Post by peknal »

Thanks a lot, done; here it is.
ComboFix 10-06-26.02 - milan 27.06.2010 12:40:00.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.767.406 [GMT 2:00]
Spuštěný z: d:\documents and settings\milan\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\milan\Plocha\CFScript.txt.txt
AV: avast! antivirus 4.8.1368 [VPS 100626-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\program files\pdfforge Toolbar
d:\program files\pdfforge Toolbar\IE\1.1.2\config.ini
d:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
d:\program files\pdfforge Toolbar\Res\amazon.gif
d:\program files\pdfforge Toolbar\Res\ebay.gif
d:\program files\pdfforge Toolbar\Res\icon_settings.gif
d:\program files\pdfforge Toolbar\Res\pdfc_branding.gif
d:\program files\pdfforge Toolbar\Res\pdfc_branding_hover.gif
d:\program files\pdfforge Toolbar\Res\pdfc_icon.gif
d:\program files\pdfforge Toolbar\Res\pdfc_portal_logo.gif
d:\program files\pdfforge Toolbar\Res\search-button-hover.gif
d:\program files\pdfforge Toolbar\Res\search-button.gif
d:\program files\pdfforge Toolbar\Res\search-chevron-hover.gif
d:\program files\pdfforge Toolbar\Res\search-chevron.gif
d:\program files\pdfforge Toolbar\Res\search_amazon.gif
d:\program files\pdfforge Toolbar\Res\search_ebay.gif
d:\program files\pdfforge Toolbar\Res\search_yahoo.gif
d:\program files\pdfforge Toolbar\Res\widgets.xml
d:\program files\pdfforge Toolbar\SearchSettings.exe
d:\program files\pdfforge Toolbar\SearchSettingsRes409.dll
d:\program files\pdfforge Toolbar\sscfg.ini
d:\program files\pdfforge Toolbar\WidgiHelper.exe
d:\windows\system32\atridtxx.csy
d:\windows\system32\atridtxx.dan
d:\windows\system32\Atridtxx.deu
d:\windows\system32\Atridtxx.dft
d:\windows\system32\atridtxx.ell
d:\windows\system32\Atridtxx.esp
d:\windows\system32\atridtxx.fin
d:\windows\system32\Atridtxx.fra
d:\windows\system32\atridtxx.hun
d:\windows\system32\Atridtxx.chs
d:\windows\system32\Atridtxx.cht
d:\windows\system32\Atridtxx.ita
d:\windows\system32\Atridtxx.jpn
d:\windows\system32\Atridtxx.kor
d:\windows\system32\Atridtxx.nld
d:\windows\system32\Atridtxx.nor
d:\windows\system32\Atridtxx.plk
d:\windows\system32\Atridtxx.ptb
d:\windows\system32\Atridtxx.rus
d:\windows\system32\Atridtxx.sve
d:\windows\system32\Atridtxx.tha
d:\windows\system32\Atridtxx.trk
d:\windows\system32\atriprxx.ara
d:\windows\system32\atriprxx.csy
d:\windows\system32\atriprxx.dan
d:\windows\system32\atriprxx.deu
d:\windows\system32\atriprxx.ell
d:\windows\system32\atriprxx.esp
d:\windows\system32\atriprxx.fin
d:\windows\system32\atriprxx.fra
d:\windows\system32\atriprxx.heb
d:\windows\system32\atriprxx.hun
d:\windows\system32\atriprxx.chs
d:\windows\system32\atriprxx.cht
d:\windows\system32\atriprxx.ita
d:\windows\system32\atriprxx.jpn
d:\windows\system32\atriprxx.kor
d:\windows\system32\atriprxx.nld
d:\windows\system32\atriprxx.nor
d:\windows\system32\atriprxx.plk
d:\windows\system32\atriprxx.ptb
d:\windows\system32\atriprxx.rus
d:\windows\system32\atriprxx.sve
d:\windows\system32\atriprxx.tha
d:\windows\system32\atriprxx.trk
d:\windows\system32\atrpdsxx.ara
d:\windows\system32\atrpdsxx.csy
d:\windows\system32\atrpdsxx.dan
d:\windows\system32\atrpdsxx.deu
d:\windows\system32\atrpdsxx.ell
d:\windows\system32\atrpdsxx.enu
d:\windows\system32\atrpdsxx.esp
d:\windows\system32\atrpdsxx.fin
d:\windows\system32\atrpdsxx.fra
d:\windows\system32\atrpdsxx.heb
d:\windows\system32\atrpdsxx.hun
d:\windows\system32\atrpdsxx.chs
d:\windows\system32\atrpdsxx.cht
d:\windows\system32\atrpdsxx.ita
d:\windows\system32\atrpdsxx.jpn
d:\windows\system32\atrpdsxx.kor
d:\windows\system32\atrpdsxx.nld
d:\windows\system32\atrpdsxx.nor
d:\windows\system32\atrpdsxx.plk
d:\windows\system32\atrpdsxx.ptb
d:\windows\system32\atrpdsxx.rus
d:\windows\system32\atrpdsxx.sve
d:\windows\system32\atrpdsxx.tha
d:\windows\system32\atrpdsxx.trk
d:\windows\system32\atrptaxx.ara
d:\windows\system32\atrptaxx.csy
d:\windows\system32\atrptaxx.dan
d:\windows\system32\atrptaxx.deu
d:\windows\system32\atrptaxx.ell
d:\windows\system32\atrptaxx.enu
d:\windows\system32\atrptaxx.esp
d:\windows\system32\atrptaxx.fin
d:\windows\system32\atrptaxx.fra
d:\windows\system32\atrptaxx.heb
d:\windows\system32\atrptaxx.hun
d:\windows\system32\atrptaxx.chs
d:\windows\system32\atrptaxx.cht
d:\windows\system32\atrptaxx.ita
d:\windows\system32\atrptaxx.jpn
d:\windows\system32\atrptaxx.kor
d:\windows\system32\atrptaxx.nld
d:\windows\system32\atrptaxx.nor
d:\windows\system32\atrptaxx.plk
d:\windows\system32\atrptaxx.ptb
d:\windows\system32\atrptaxx.rus
d:\windows\system32\atrptaxx.sve
d:\windows\system32\atrptaxx.tha
d:\windows\system32\atrptaxx.trk
d:\windows\system32\atrpuixx.ara
d:\windows\system32\atrpuixx.csy
d:\windows\system32\atrpuixx.dan
d:\windows\system32\atrpuixx.deu
d:\windows\system32\atrpuixx.ell
d:\windows\system32\atrpuixx.enu
d:\windows\system32\atrpuixx.esp
d:\windows\system32\atrpuixx.fin
d:\windows\system32\atrpuixx.fra
d:\windows\system32\atrpuixx.heb
d:\windows\system32\atrpuixx.hun
d:\windows\system32\atrpuixx.chs
d:\windows\system32\atrpuixx.cht
d:\windows\system32\atrpuixx.ita
d:\windows\system32\atrpuixx.jpn
d:\windows\system32\atrpuixx.kor
d:\windows\system32\atrpuixx.nld
d:\windows\system32\atrpuixx.nor
d:\windows\system32\atrpuixx.plk
d:\windows\system32\atrpuixx.ptb
d:\windows\system32\atrpuixx.rus
d:\windows\system32\atrpuixx.sve
d:\windows\system32\atrpuixx.tha
d:\windows\system32\atrpuixx.trk

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SUKOKU_SERVICE
-------\Service_Sukoku Service


((((((((((((((((((((((((( Soubory vytvořené od 2010-05-27 do 2010-06-27 )))))))))))))))))))))))))))))))
.

2010-06-26 14:29 . 2010-06-26 14:32 -------- d-----w- d:\documents and settings\administrátor
2010-06-24 04:19 . 2010-04-12 15:29 411368 ----a-w- d:\windows\system32\deployJava1.dll
2010-06-23 10:43 . 2010-04-29 13:39 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
2010-06-23 10:43 . 2010-04-29 13:39 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
2010-06-23 10:43 . 2010-06-25 04:27 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-06-22 19:45 . 2010-06-22 19:45 -------- d-----w- d:\program files\trend micro
2010-06-22 19:45 . 2010-06-22 19:45 -------- d-----w- D:\rsit
2010-06-09 04:44 . 2010-05-06 10:35 743424 -c----w- d:\windows\system32\dllcache\iedvtool.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-26 18:45 . 2007-07-09 16:57 -------- d-----w- d:\program files\Spyware Terminator
2010-06-24 06:04 . 2001-10-25 14:00 79174 ----a-w- d:\windows\system32\perfc005.dat
2010-06-24 06:04 . 2001-10-25 14:00 432332 ----a-w- d:\windows\system32\perfh005.dat
2010-06-24 04:23 . 2010-01-29 20:09 -------- d-----w- d:\program files\Common Files\Java
2010-06-24 04:18 . 2010-01-29 20:10 -------- d-----w- d:\program files\Java
2010-05-12 15:41 . 2010-05-12 15:37 -------- d-----w- d:\program files\AV Video Karaoke Maker
2010-05-09 14:08 . 2010-01-07 14:00 -------- d-----w- d:\program files\HP
2010-05-06 10:35 . 2002-09-20 18:05 916480 ----a-w- d:\windows\system32\wininet.dll
2010-05-02 08:09 . 2002-09-20 17:41 1851264 ----a-w- d:\windows\system32\win32k.sys
2010-04-20 05:32 . 2001-10-25 14:00 285696 ----a-w- d:\windows\system32\atmfd.dll
2010-03-30 22:16 . 2010-03-30 22:16 99176 ----a-w- d:\windows\system32\PresentationHostProxy.dll
2010-03-30 22:10 . 2010-03-30 22:10 295264 ----a-w- d:\windows\system32\PresentationHost.exe
2004-10-01 13:00 . 2008-06-13 16:34 40960 ----a-w- d:\program files\Uninstall_CDS.exe
2008-06-11 05:02 . 2008-04-03 16:10 67696 -c--a-w- d:\program files\mozilla firefox\components\jar50.dll
2008-06-11 05:02 . 2008-04-03 16:10 54376 -c--a-w- d:\program files\mozilla firefox\components\jsd3250.dll
2008-06-11 05:02 . 2008-04-03 16:10 34952 -c--a-w- d:\program files\mozilla firefox\components\myspell.dll
2008-06-11 05:02 . 2008-04-03 16:10 46720 -c--a-w- d:\program files\mozilla firefox\components\spellchk.dll
2008-06-11 05:02 . 2008-04-03 16:10 172144 -c--a-w- d:\program files\mozilla firefox\components\xpinstal.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="d:\program files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 2048000]
"TomTomHOME.exe"="d:\program files\TomTom HOME 2\HOMERunner.exe" [2008-12-09 234856]
"SpywareTerminatorUpdate"="d:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-15 3037696]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-12 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminator"="d:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-14 2176512]
"RemoteControl"="d:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NeroFilterCheck"="d:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avast!"="d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"FixCamera"="d:\windows\FixCamera.exe" [2007-02-12 20480]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"HPDJ Taskbar Utility"="d:\windows\system32\spool\drivers\w32x86\3\hpztsb02.exe" [2001-04-11 192512]
"ComplexWebServer"="c:\complexwebserver\bin\ServiceDirect.exe" [2006-09-17 686080]
"tsnp325"="d:\windows\tsnp325.exe" [2007-04-21 270336]
"snp325"="d:\windows\vsnp325.exe" [2007-04-25 835584]
"hpqSRMon"="d:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="d:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"ABBYY Community Agent"="d:\program files\ABBYY FineReader 5.0\CAgent.exe" [2002-03-20 253952]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"AtiPTA"="atiptaxx.exe" [2000-08-30 180224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Metin2_TESTER\\metin2.bin"=
"d:\\Bluetooh\\Btoes_V2.54\\Spylite.exe"=
"c:\\ComplexWebServer\\apache\\bin\\Apache.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"d:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"d:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"d:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [13.6.2008 20:02 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;d:\windows\system32\drivers\sp_rsdrv2.sys [13.6.2008 17:04 142592]
R2 Application Updater;Application Updater;d:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 0:51 380928]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [13.6.2008 20:02 20560]
R2 CWS_Apache_80;CWS_Apache_80;c:\complexwebserver\apache\bin\Apache.exe [21.1.2009 22:41 20541]
R2 CWS_MySQL_3306;CWS_MySQL_3306;c:\complexwebserver\mysql\bin\mysqld.exe --defaults-file=c:\complexwebserver\mysql\conf\mysqld.conf CWS_MySQL_3306 --> c:\complexwebserver\mysql\bin\mysqld.exe --defaults-file=c:\complexwebserver\mysql\conf\mysqld.conf CWS_MySQL_3306 [?]
R3 TTDec;ATI WDM Teletext Decoder;d:\windows\system32\drivers\atinttxx.sys [13.6.2008 17:17 13824]
S3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\drivers\snp325.sys [18.3.2009 9:07 10343168]
S3 snpmi03;VideoCAM NB 300;d:\windows\system32\DRIVERS\snpmi03.sys --> d:\windows\system32\DRIVERS\snpmi03.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyServer = http=proxy@hitech.cz:3128
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: microsoft.com\office
DPF: DirectAnimation Java Classes - file://d:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://d:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-27 12:57
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(640)
d:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3960)
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\Ati2evxx.exe
d:\program files\Alwil Software\Avast4\aswUpdSv.exe
d:\program files\Alwil Software\Avast4\ashServ.exe
c:\complexwebserver\mysql\bin\mysqld.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\Spyware Terminator\sp_rsser.exe
d:\windows\system32\Ati2evxx.exe
d:\program files\Alwil Software\Avast4\ashMaiSv.exe
d:\program files\Alwil Software\Avast4\ashWebSv.exe
d:\windows\system32\rundll32.exe
d:\windows\system32\devldr32.exe
d:\progra~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
d:\progra~1\Nokia\NOKIAP~1\TRAYAP~1.EXE
d:\progra~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
.
**************************************************************************
.
Celkový čas: 2010-06-27 13:09:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-06-27 11:09
ComboFix2.txt 2010-06-26 15:04
ComboFix3.txt 2009-09-20 15:23
ComboFix4.txt 2009-01-01 10:11

Před spuštěním: 8 026 652 672
Po spuštění: 8 021 049 344

- - End Of File - - 85832585F2046DFFC91340F31E524853

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log

#12 Post by motji »

How is the computer doing?

peknal
Visitor
Posts: 82
Registered: 22 Jun 2010 20:54

Re: Please check my log

#13 Post by peknal »

Some DLL file from ATI got deleted there, and Word still does not work. Can I install Word?

JaRon
Moderator
Posts: 15704
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log

#14 Post by JaRon »

of course you can :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

peknal
Visitor
Posts: 82
Registered: 22 Jun 2010 20:54

Re: Please check my log

#15 Post by peknal »

OK, warm thanks for now. Do you think it will be all right?

Locked