help.. donedávna šlo ok.. ted hrozné lagy
info.txt logfile of random's system information tool 1.08 2010-08-04 10:44:22
======Uninstall list======
-->MsiExec /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3Djam - Roozz plugin-->MsiExec.exe /I{469AEC84-AE8F-451D-80D3-BEB55745D65D}
Ad-Aware Email Scanner for Outlook-->MsiExec.exe /I{338F08AB-C262-42C7-B000-34DE1A475273}
Ad-Aware-->"C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\Documents and Settings\All Users\Data aplikací\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe
Alien Swarm-->"C:\Program Files\Steam\steam.exe" steam://uninstall/630
AOAInstallprogram-->"C:\Program Files\AOA\unins000.exe"
AsdaStoy-->C:\Program Files\GamesCampus\Asdastory\uninst.exe
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\System32\DRVSTORE\amdk8_272AB57A055A98BD494E3A7FDA0E8216ECE25347\amdk8.inf
Battle of the Immortals-->"C:\Perfect World Entertainment\Battle of the Immortals\unins000.exe"
Battlefield 1942 Multiplayer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5ED20FB0-678F-41EE-9211-DC9C670FD193}\Setup.exe" -l0x9
BigFoot 4x4 Challenge-->"C:\Program Files\MyPlayCity.com\BigFoot 4x4 Challenge\unins000.exe"
BitTorrent-->"C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
Call of Duty(R) - World at War(TM)-->C:\Program Files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe -runfromtemp -l0x0419
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Colin McRae Rally 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}\setup.exe"
Counter-Strike: Source-->C:\Program Files\Counter-Strike Source\Uninst.exe
Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
CTRacer-->"C:\Program Files\CTRacer\unins000.exe"
Deadly Race-->"C:\Program Files\MyPlayCity.com\Deadly Race\unins000.exe"
DivX Setup-->C:\Documents and Settings\All Users\Data aplikací\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Dungeon of Glory-->MsiExec.exe /I{B7ACF70E-90E8-4FEC-ACB7-51BD3B8764D3}
EA SPORTS(TM) FIFA Online-->MsiExec.exe /X{6FE3B0CE-37C1-4825-908A-5A84C9B4EC2F}
Eurobattle.net-->"C:\WINDOWS\Eurobattle.net\uninstall.exe" "/U:C:\Warcraft III\Uninstall\uninstall.xml"
Fantasy Earth Zero-->"C:\Program Files\InstallShield Installation Information\{B7A9964C-A9A7-4714-B494-50067238876E}\setup.exe" -runfromtemp -l0x0409 -removeonly
Fantasy Earth Zero-->MsiExec.exe /X{B7A9964C-A9A7-4714-B494-50067238876E}
FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Garena 2010-->C:\Program Files\Garena\uninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
ijji REACTOR-->"C:\Program Files\InstallShield Installation Information\{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}\setup.exe" -runfromtemp -l0x0009 -removeonly
K-Lite Mega Codec Pack 4.3.1-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LogMeIn Hamachi-->C:\WINDOWS\system32\\msiexec.exe /i {8A74DEFD-A224-49CC-AB80-4E88BC730125} REMOVE=ALL
LogMeIn Hamachi-->MsiExec.exe /I{8A74DEFD-A224-49CC-AB80-4E88BC730125}
Lunia-->"C:\Program Files\OGPlanet\Lunia\uninstall.exe"
Martial Empires -->C:\Program Files\Gamigo\Martial Empires\uninst.exe
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Motocross Madness 2-->"C:\Program Files\Microsoft Games\Motocross Madness 2\UNINSTAL.EXE" /runtemp /addremove
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200}
Miranda IM 0.8.21-->C:\Program Files\Miranda IM\Uninstall.exe
mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
Mozilla Firefox (3.0.19)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
N.E.O.Online-->"C:\Program Files\InstallShield Installation Information\{CB122CF9-6B45-4CE1-A337-A49F2C6E311F}\setup.exe" -runfromtemp -l0x0409 -removeonly
NCsoft Launcher-->C:\Program Files\InstallShield Installation Information\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}\setup.exe -runfromtemp -l0x0009 -removeonly
Need For Speed™ World-->"C:\Program Files\Electronic Arts\Need For Speed World\unins000.exe"
Neffy 1,3,29,0-->C:\Program Files\Neffy\uninst.exe
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall
NVIDIA PhysX-->MsiExec.exe /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
OGPlanet Game Launcher EU-->C:\Program Files\OGPlanet\EULauncher\uninst.exe
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Paintball2 Alpha build 016-->C:\Games\Paintball2\uninst.exe
Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
Quake Live Mozilla Plugin-->MsiExec.exe /I{1E2FDD18-E514-4631-AF4A-0CC58FD93DCB}
Race - The WTCC Game-->MsiExec.exe /I{4368D6CF-3528-4D9C-A6FB-709B4B828968}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x5 -removeonly
Security Task Manager 1.7d-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Nabídka Start\Programy\Security Task Manager"
Shaiya(US)-->C:\Program Files\InstallShield Installation Information\{9BBB19C0-1FE1-4A4E-B25F-C9E1B0497EC5}\setup.exe -runfromtemp -l0x0009 -removeonly
Softarová utilita ATI - Odinstalovat-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
SoulMaster-->"C:\GamesCampus\SoulMaster\uninstall.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SuddenAttackNA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{732799C0-7785-43C5-8496-71546A062992}\setup.exe" -l0x9 -removeonly
TeamSpeak 3 Client-->"C:\Program Files\TeamSpeak 3 Client\uninstall.exe"
Tony Hawk's Pro Skater 3®-->C:\PROGRA~1\ACTIVI~2\Thps3\UNINST~1\UNWISE.EXE C:\PROGRA~1\ACTIVI~2\Thps3\UNINST~1\INSTALL.LOG
Total Annihilation-->C:\CAVEDOG\TOTALA\setup.exe -u
Transport Tycoon Deluxe-->C:\WINDOWS\UniFISH.exe Transport Tycoon Deluxe
Tunatic-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=Tunatic
Unreal Tournament 2004 Demo-->C:\UT2004Demo\System\Setup.exe uninstall "UT2004-Demo"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Ventrilo-->MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VirtualCloneDrive-->"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows XP Service Pack 2-->C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\Wrath of the Lich King\Uninstall.exe
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XnView 1.97.3-->"C:\Program Files\XnView\unins000.exe"
ZoneAlarm Spy Blocker-->rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O
ZoneAlarm-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
======Security center information======
FW: ZoneAlarm Firewall
======System event log======
Computer Name: VAMPIRE
Event Code: 6006
Message: Služba Event Log byla zastavena.
Record Number: 2107
Source Name: EventLog
Time Written: 20100528204620.000000+120
Event Type: Informace
User:
Computer Name: VAMPIRE
Event Code: 36
Message: Služba Systémový čas nemohla synchronizovat systémový čas
o 49152 sekund, protože žádný ze zprostředkovatelů časových údajů neposkytnul použitelné časové razítko. Systémové hodiny nejsou synchronizovány.
Record Number: 2106
Source Name: W32Time
Time Written: 20100528201632.000000+120
Event Type: Upozornění
User:
Computer Name: VAMPIRE
Event Code: 4226
Message: Došlo k překročení limitu možného počtu souběžných připojení protokolem TCP.
Record Number: 2105
Source Name: Tcpip
Time Written: 20100528164929.000000+120
Event Type: Upozornění
User:
Computer Name: VAMPIRE
Event Code: 4226
Message: Došlo k překročení limitu možného počtu souběžných připojení protokolem TCP.
Record Number: 2104
Source Name: Tcpip
Time Written: 20100528161949.000000+120
Event Type: Upozornění
User:
Computer Name: VAMPIRE
Event Code: 26
Message: Místní nabídka aplikace: GameOverlayUI.exe - Chyba aplikace : Instrukce na adrese 0x5b25aabe odkazovala na adresu paměi 0x016f000c. S pamětí nelze provést operaci: read.
Klepnutím na tlačítko OK ukončete program.
Record Number: 2103
Source Name: Application Popup
Time Written: 20100528082023.000000+120
Event Type: Informace
User:
=====Application event log=====
Computer Name: VAMPIRE
Event Code: 100
Message: wuauclt (2160) Databázový stroj 5.01.2600.2180 byl spuštěn.
Record Number: 653
Source Name: ESENT
Time Written: 20100607170147.000000+120
Event Type: Informace
User:
Computer Name: VAMPIRE
Event Code: 101
Message: wuauclt (1468) Databázový stroj byl zastaven.
Record Number: 652
Source Name: ESENT
Time Written: 20100606231855.000000+120
Event Type: Informace
User:
Computer Name: VAMPIRE
Event Code: 103
Message: wuaueng.dll (1468) SUS20ClientDataStore: Databázový stroj zastavil instanci (0).
Record Number: 651
Source Name: ESENT
Time Written: 20100606231855.000000+120
Event Type: Informace
User:
Computer Name: VAMPIRE
Event Code: 102
Message: wuaueng.dll (1468) SUS20ClientDataStore: Databázový stroj spustil novou instanci (0).
Record Number: 650
Source Name: ESENT
Time Written: 20100606231332.000000+120
Event Type: Informace
User:
Computer Name: VAMPIRE
Event Code: 100
Message: wuauclt (1468) Databázový stroj 5.01.2600.2180 byl spuštěn.
Record Number: 649
Source Name: ESENT
Time Written: 20100606231332.000000+120
Event Type: Informace
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=c:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 95 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=5f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8
"FP_NO_HOST_CHECK"=NO
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vysoká latency ve hrách ...
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoká latency ve hrách ...
Dejte log z RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoká latency ve hrách ...
Logfile of random's system information tool 1.08 (written by random/random)
Run by Vampirek at 2010-08-05 08:43:28
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 27 GB (21%) free of 131 GB
Total RAM: 1023 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:43:33, on 5.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Vampirek\Plocha\RSIT.exe
C:\Program Files\trend micro\Vampirek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2090540
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 3701 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2002-10-02 262144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2002-10-02 262144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayNC Launcher]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-05-07 1238352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Vampirek^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\kos\game_sting_pak\sting.exe"="C:\kos\game_sting_pak\sting.exe:*:Enabled:˝şĆÿ¶óŔÎ"
"C:\Program Files\eFusion\BlackShot\system\BlackShot.exe"="C:\Program Files\eFusion\BlackShot\system\BlackShot.exe:*:Enabled:BlackShot"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\GamerKraft\Priston Tale 2\PT2Start.exe"="C:\Program Files\GamerKraft\Priston Tale 2\PT2Start.exe:*:Enabled:PT2Start"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\GamesCampus\Heroes In the Sky\HIS.exe"="C:\GamesCampus\Heroes In the Sky\HIS.exe:*:Enabled:his"
"C:\Documents and Settings\Vampirek\Plocha\Pro Evolution Soccer 2008\PES2008.exe"="C:\Documents and Settings\Vampirek\Plocha\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\Program Files\Steam\steamapps\jarous1337\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\jarous1337\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\kos\game_sting_pak\sting.exe"="C:\kos\game_sting_pak\sting.exe:*:Enabled:˝şĆÿ¶óŔÎ"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======File associations======
.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 months======
2010-08-04 10:44:13 ----D---- C:\Program Files\trend micro
2010-08-04 10:44:12 ----D---- C:\rsit
2010-07-31 23:24:35 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Sony Online Entertainment
2010-07-31 23:05:57 ----D---- C:\Program Files\3Djam
2010-07-27 19:59:49 ----D---- C:\GamesCampus
2010-07-26 02:11:30 ----A---- C:\WINDOWS\system32\unicows.dll
2010-07-25 14:35:32 ----D---- C:\Program Files\Three Rings Design
2010-07-23 17:26:48 ----D---- C:\Program Files\LogMeIn Hamachi
2010-07-23 14:37:14 ----A---- C:\error.txt
2010-07-23 14:34:45 ----D---- C:\Program Files\Codemasters
2010-07-23 14:34:45 ----A---- C:\WINDOWS\system32\MSOSS.DLL
2010-07-23 13:28:35 ----D---- C:\Program Files\GameTop.com
2010-07-22 19:08:06 ----D---- C:\Program Files\DFIGames
2010-07-22 10:41:37 ----D---- C:\wally
2010-07-20 16:59:43 ----D---- C:\Program Files\Team Exyhodu
2010-07-20 16:41:35 ----N---- C:\WINDOWS\UniFISH.exe
2010-07-20 16:41:32 ----D---- C:\TTD
2010-07-14 01:41:27 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2010-07-12 10:46:37 ----D---- C:\Vietcong
2010-07-12 00:11:04 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-07-12 00:11:04 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-07-12 00:11:04 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-07-12 00:11:03 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-07-12 00:11:03 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-07-12 00:11:02 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-07-12 00:10:59 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-07-12 00:10:52 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-07-11 15:59:13 ----D---- C:\PlayOMG
2010-07-10 20:39:52 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Help
2010-07-10 20:30:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
2010-07-10 20:30:48 ----D---- C:\Program Files\Security Task Manager
2010-07-07 21:52:27 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Need for Speed World
2010-07-07 21:29:20 ----D---- C:\Program Files\Electronic Arts
2010-07-07 21:29:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-07-07 17:51:06 ----A---- C:\WINDOWS\IsUninst.exe
2010-07-07 16:53:47 ----A---- C:\WINDOWS\Thps3.INI
2010-07-07 14:16:04 ----D---- C:\Program Files\Simbin
2010-07-07 13:51:59 ----D---- C:\Program Files\Microsoft Games
2010-07-06 14:36:12 ----D---- C:\CAVEDOG
2010-07-06 13:26:06 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-07-06 13:08:28 ----D---- C:\Program Files\Headup Games
2010-07-06 04:52:34 ----D---- C:\WINDOWS\pss
======List of files/folders modified in the last 1 months======
2010-08-05 08:42:50 ----D---- C:\Program Files\Mozilla Firefox
2010-08-05 08:29:22 ----D---- C:\WINDOWS\Internet Logs
2010-08-05 08:28:56 ----SD---- C:\WINDOWS\Tasks
2010-08-05 08:28:56 ----D---- C:\WINDOWS\Temp
2010-08-05 08:28:26 ----D---- C:\Program Files\Common Files\Akamai
2010-08-05 08:28:10 ----D---- C:\WINDOWS
2010-08-05 08:28:07 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-04 19:43:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-04 18:16:27 ----D---- C:\Program Files\Steam
2010-08-04 11:40:02 ----SHD---- C:\WINDOWS\Installer
2010-08-04 10:44:27 ----D---- C:\WINDOWS\Prefetch
2010-08-04 10:44:13 ----D---- C:\Program Files
2010-08-04 10:30:01 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-27 20:02:15 ----D---- C:\WINDOWS\system32\DirectX
2010-07-27 20:02:14 ----HD---- C:\WINDOWS\inf
2010-07-27 18:32:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2010-07-26 09:24:29 ----D---- C:\Perfect World Entertainment
2010-07-26 02:11:39 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\GetRightToGo
2010-07-26 02:11:30 ----D---- C:\WINDOWS\system32
2010-07-25 21:19:49 ----D---- C:\Program Files\AOA
2010-07-24 21:37:37 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\BitTorrent
2010-07-24 21:23:28 ----D---- C:\hry
2010-07-24 19:09:26 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-23 17:26:49 ----D---- C:\WINDOWS\system32\drivers
2010-07-23 17:26:40 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Hamachi
2010-07-23 13:57:26 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Macromedia
2010-07-23 13:56:44 ----D---- C:\WINDOWS\system32\Macromed
2010-07-23 13:48:20 ----D---- C:\WINDOWS\system32\Adobe
2010-07-19 11:31:28 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-07-19 11:31:28 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-07-16 01:05:51 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\DivX
2010-07-14 21:06:36 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\XnView
2010-07-12 19:42:54 ----RSD---- C:\WINDOWS\Fonts
2010-07-12 00:10:45 ----HD---- C:\WINDOWS\msdownld.tmp
2010-07-11 16:31:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-10 20:37:59 ----D---- C:\Program Files\Common Files
2010-07-10 20:36:03 ----RSD---- C:\WINDOWS\assembly
2010-07-10 20:36:00 ----D---- C:\Program Files\OpenOffice.org 3
2010-07-07 17:51:20 ----D---- C:\Program Files\Activision
2010-07-07 14:21:15 ----SD---- C:\Documents and Settings\Vampirek\Data aplikací\Microsoft
2010-07-06 14:19:09 ----D---- C:\Program Files\MyPlayCity.com
2010-07-06 04:53:36 ----RASH---- C:\boot.ini
2010-07-06 04:53:36 ----A---- C:\WINDOWS\win.ini
2010-07-06 04:53:36 ----A---- C:\WINDOWS\system.ini
2010-07-06 03:56:09 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\mIRC
2010-07-06 03:50:11 ----D---- C:\Program Files\mIRC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-07-02 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 srescan;srescan; C:\WINDOWS\System32\ZoneLabs\srescan.sys [2008-02-27 51176]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2007-02-06 90880]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 EagleNT;EagleNT; \??\C:\DOCUME~1\Vampirek\LOCALS~1\Temp\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Vampirek\LOCALS~1\Temp\BCM43.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 vtany;vtany; \??\C:\WINDOWS\vtany.sys []
S3 xhunter1;xhunter1; \??\C:\WINDOWS\xhunter1.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-12 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-06-14 214592]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-02 1352832]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-02-21 3494124]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Vampirek at 2010-08-05 08:43:28
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 27 GB (21%) free of 131 GB
Total RAM: 1023 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:43:33, on 5.8.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Miranda IM\miranda32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Vampirek\Plocha\RSIT.exe
C:\Program Files\trend micro\Vampirek.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2090540
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 3701 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2002-10-02 262144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2002-10-02 262144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-04-10 16126464]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2004-08-17 1667584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayNC Launcher]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-05-07 1238352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Vampirek^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\kos\game_sting_pak\sting.exe"="C:\kos\game_sting_pak\sting.exe:*:Enabled:˝şĆÿ¶óŔÎ"
"C:\Program Files\eFusion\BlackShot\system\BlackShot.exe"="C:\Program Files\eFusion\BlackShot\system\BlackShot.exe:*:Enabled:BlackShot"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\GamerKraft\Priston Tale 2\PT2Start.exe"="C:\Program Files\GamerKraft\Priston Tale 2\PT2Start.exe:*:Enabled:PT2Start"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\GamesCampus\Heroes In the Sky\HIS.exe"="C:\GamesCampus\Heroes In the Sky\HIS.exe:*:Enabled:his"
"C:\Documents and Settings\Vampirek\Plocha\Pro Evolution Soccer 2008\PES2008.exe"="C:\Documents and Settings\Vampirek\Plocha\Pro Evolution Soccer 2008\PES2008.exe:*:Enabled:Pro Evolution Soccer 2008"
"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"C:\Program Files\Steam\steamapps\jarous1337\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\jarous1337\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\kos\game_sting_pak\sting.exe"="C:\kos\game_sting_pak\sting.exe:*:Enabled:˝şĆÿ¶óŔÎ"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
======File associations======
.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"
======List of files/folders created in the last 1 months======
2010-08-04 10:44:13 ----D---- C:\Program Files\trend micro
2010-08-04 10:44:12 ----D---- C:\rsit
2010-07-31 23:24:35 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Sony Online Entertainment
2010-07-31 23:05:57 ----D---- C:\Program Files\3Djam
2010-07-27 19:59:49 ----D---- C:\GamesCampus
2010-07-26 02:11:30 ----A---- C:\WINDOWS\system32\unicows.dll
2010-07-25 14:35:32 ----D---- C:\Program Files\Three Rings Design
2010-07-23 17:26:48 ----D---- C:\Program Files\LogMeIn Hamachi
2010-07-23 14:37:14 ----A---- C:\error.txt
2010-07-23 14:34:45 ----D---- C:\Program Files\Codemasters
2010-07-23 14:34:45 ----A---- C:\WINDOWS\system32\MSOSS.DLL
2010-07-23 13:28:35 ----D---- C:\Program Files\GameTop.com
2010-07-22 19:08:06 ----D---- C:\Program Files\DFIGames
2010-07-22 10:41:37 ----D---- C:\wally
2010-07-20 16:59:43 ----D---- C:\Program Files\Team Exyhodu
2010-07-20 16:41:35 ----N---- C:\WINDOWS\UniFISH.exe
2010-07-20 16:41:32 ----D---- C:\TTD
2010-07-14 01:41:27 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2010-07-12 10:46:37 ----D---- C:\Vietcong
2010-07-12 00:11:04 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-07-12 00:11:04 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-07-12 00:11:04 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-07-12 00:11:03 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-07-12 00:11:03 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-07-12 00:11:02 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-07-12 00:10:59 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-07-12 00:10:52 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-07-11 15:59:13 ----D---- C:\PlayOMG
2010-07-10 20:39:52 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Help
2010-07-10 20:30:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\SecTaskMan
2010-07-10 20:30:48 ----D---- C:\Program Files\Security Task Manager
2010-07-07 21:52:27 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Need for Speed World
2010-07-07 21:29:20 ----D---- C:\Program Files\Electronic Arts
2010-07-07 21:29:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2010-07-07 17:51:06 ----A---- C:\WINDOWS\IsUninst.exe
2010-07-07 16:53:47 ----A---- C:\WINDOWS\Thps3.INI
2010-07-07 14:16:04 ----D---- C:\Program Files\Simbin
2010-07-07 13:51:59 ----D---- C:\Program Files\Microsoft Games
2010-07-06 14:36:12 ----D---- C:\CAVEDOG
2010-07-06 13:26:06 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-07-06 13:08:28 ----D---- C:\Program Files\Headup Games
2010-07-06 04:52:34 ----D---- C:\WINDOWS\pss
======List of files/folders modified in the last 1 months======
2010-08-05 08:42:50 ----D---- C:\Program Files\Mozilla Firefox
2010-08-05 08:29:22 ----D---- C:\WINDOWS\Internet Logs
2010-08-05 08:28:56 ----SD---- C:\WINDOWS\Tasks
2010-08-05 08:28:56 ----D---- C:\WINDOWS\Temp
2010-08-05 08:28:26 ----D---- C:\Program Files\Common Files\Akamai
2010-08-05 08:28:10 ----D---- C:\WINDOWS
2010-08-05 08:28:07 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-04 19:43:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-04 18:16:27 ----D---- C:\Program Files\Steam
2010-08-04 11:40:02 ----SHD---- C:\WINDOWS\Installer
2010-08-04 10:44:27 ----D---- C:\WINDOWS\Prefetch
2010-08-04 10:44:13 ----D---- C:\Program Files
2010-08-04 10:30:01 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-27 20:02:15 ----D---- C:\WINDOWS\system32\DirectX
2010-07-27 20:02:14 ----HD---- C:\WINDOWS\inf
2010-07-27 18:32:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\PMB Files
2010-07-26 09:24:29 ----D---- C:\Perfect World Entertainment
2010-07-26 02:11:39 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\GetRightToGo
2010-07-26 02:11:30 ----D---- C:\WINDOWS\system32
2010-07-25 21:19:49 ----D---- C:\Program Files\AOA
2010-07-24 21:37:37 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\BitTorrent
2010-07-24 21:23:28 ----D---- C:\hry
2010-07-24 19:09:26 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-23 17:26:49 ----D---- C:\WINDOWS\system32\drivers
2010-07-23 17:26:40 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Hamachi
2010-07-23 13:57:26 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\Macromedia
2010-07-23 13:56:44 ----D---- C:\WINDOWS\system32\Macromed
2010-07-23 13:48:20 ----D---- C:\WINDOWS\system32\Adobe
2010-07-19 11:31:28 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-07-19 11:31:28 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-07-16 01:05:51 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\DivX
2010-07-14 21:06:36 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\XnView
2010-07-12 19:42:54 ----RSD---- C:\WINDOWS\Fonts
2010-07-12 00:10:45 ----HD---- C:\WINDOWS\msdownld.tmp
2010-07-11 16:31:37 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-10 20:37:59 ----D---- C:\Program Files\Common Files
2010-07-10 20:36:03 ----RSD---- C:\WINDOWS\assembly
2010-07-10 20:36:00 ----D---- C:\Program Files\OpenOffice.org 3
2010-07-07 17:51:20 ----D---- C:\Program Files\Activision
2010-07-07 14:21:15 ----SD---- C:\Documents and Settings\Vampirek\Data aplikací\Microsoft
2010-07-06 14:19:09 ----D---- C:\Program Files\MyPlayCity.com
2010-07-06 04:53:36 ----RASH---- C:\boot.ini
2010-07-06 04:53:36 ----A---- C:\WINDOWS\win.ini
2010-07-06 04:53:36 ----A---- C:\WINDOWS\system.ini
2010-07-06 03:56:09 ----D---- C:\Documents and Settings\Vampirek\Data aplikací\mIRC
2010-07-06 03:50:11 ----D---- C:\Program Files\mIRC
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-07-02 64288]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 srescan;srescan; C:\WINDOWS\System32\ZoneLabs\srescan.sys [2008-02-27 51176]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2004-08-03 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-04-10 4397568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2004-08-03 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtenicxp.sys [2007-02-06 90880]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-08-09 29696]
S3 EagleNT;EagleNT; \??\C:\DOCUME~1\Vampirek\LOCALS~1\Temp\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Vampirek\LOCALS~1\Temp\BCM43.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 vtany;vtany; \??\C:\WINDOWS\vtany.sys []
S3 xhunter1;xhunter1; \??\C:\WINDOWS\xhunter1.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-12 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-06-14 214592]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-07-02 1352832]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 idsvc;Služba Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-02-21 3494124]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoká latency ve hrách ...
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoká latency ve hrách ...
ComboFix 10-08-10.07 - Vampirek 11.08.2010 19:49:56.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.669 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vampirek\Plocha\ComboFix.exe
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Temp
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-11 do 2010-08-11 )))))))))))))))))))))))))))))))
.
2010-08-07 12:47 . 2010-08-07 12:47 -------- d-----w- c:\program files\Stunlock Studios
2010-08-07 12:45 . 2010-08-07 12:45 -------- d-----w- c:\program files\Microsoft XNA
2010-08-05 18:04 . 2010-08-05 18:33 -------- d-----w- c:\program files\Perpetuum
2010-08-04 08:44 . 2010-08-05 06:43 -------- d-----w- c:\program files\trend micro
2010-08-04 08:44 . 2010-08-04 08:44 -------- d-----w- C:\rsit
2010-07-31 21:14 . 2010-07-31 21:14 4096 ----a-w- c:\windows\d3dx.dat
2010-07-31 21:05 . 2010-07-31 21:05 -------- d-----w- c:\program files\3Djam
2010-07-27 17:59 . 2010-07-27 17:59 -------- d-----w- C:\GamesCampus
2010-07-26 00:11 . 2010-07-26 00:11 258352 ----a-w- c:\windows\system32\unicows.dll
2010-07-25 12:42 . 2010-05-26 12:42 32 ----a-r- c:\documents and settings\All Users\hash.dat
2010-07-25 12:35 . 2010-07-25 12:35 -------- d-----w- c:\program files\Three Rings Design
2010-07-23 15:26 . 2010-07-23 15:26 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-07-23 12:34 . 2010-07-23 12:34 -------- d-----w- c:\program files\Codemasters
2010-07-23 12:34 . 1999-04-23 20:22 151552 ----a-w- c:\windows\system32\MSOSS.DLL
2010-07-23 11:28 . 2010-08-05 23:20 -------- d-----w- c:\program files\GameTop.com
2010-07-22 17:08 . 2010-07-22 17:08 -------- d-----w- c:\program files\DFIGames
2010-07-22 08:41 . 2010-07-22 08:41 -------- d-----w- C:\wally
2010-07-20 14:59 . 2010-07-20 14:59 -------- d-----w- c:\program files\Team Exyhodu
2010-07-20 14:41 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
2010-07-20 14:41 . 2010-07-20 14:41 -------- d-----w- C:\TTD
2010-07-13 23:41 . 2010-07-13 23:41 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-11 17:55 . 2010-06-04 02:51 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-09 16:44 . 2010-04-23 23:39 -------- d-----w- c:\program files\Steam
2010-08-05 20:21 . 2010-05-12 23:45 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-07-25 19:19 . 2010-06-25 04:53 -------- d-----w- c:\program files\AOA
2010-07-24 17:09 . 2002-10-02 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-19 09:31 . 2010-06-06 19:26 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-19 09:31 . 2010-06-06 19:26 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-18 03:25 . 2010-07-18 03:25 2091335 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-07-10 18:39 . 2010-07-10 18:30 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 18:36 . 2010-04-26 15:06 -------- d-----w- c:\program files\OpenOffice.org 3
2010-07-09 00:45 . 2010-07-09 11:12 2860544 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-07-07 19:29 . 2010-07-07 19:29 -------- d-----w- c:\program files\Electronic Arts
2010-07-07 15:51 . 2010-06-08 20:34 -------- d-----w- c:\program files\Activision
2010-07-07 14:47 . 2010-07-07 11:51 -------- d-----w- c:\program files\Microsoft Games
2010-07-07 12:16 . 2010-07-07 12:16 -------- d-----w- c:\program files\Simbin
2010-07-06 12:19 . 2010-07-05 20:55 -------- d-----w- c:\program files\MyPlayCity.com
2010-07-06 11:26 . 2010-07-06 11:26 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-07-06 11:08 . 2010-07-06 11:08 -------- d-----w- c:\program files\Headup Games
2010-07-06 01:50 . 2010-04-26 23:22 -------- d-----w- c:\program files\mIRC
2010-07-04 17:18 . 2010-06-29 23:02 96 ---ha-w- c:\windows\system32\HsInfo.dat
2010-07-03 11:59 . 2010-07-03 11:59 -------- d-----w- c:\program files\PSPad editor
2010-07-02 15:25 . 2010-07-02 15:25 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-02 15:25 . 2010-07-02 16:22 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-02 15:25 . 2010-07-02 15:26 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-02 15:18 . 2010-07-02 15:17 -------- d-----w- c:\program files\Lavasoft
2010-07-02 12:26 . 2010-07-02 12:26 -------- d-----w- c:\program files\changyou
2010-07-01 08:50 . 2010-07-01 08:57 1760256 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-07-01 08:49 . 2010-07-01 08:57 83456 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-06-29 16:49 . 2010-06-29 16:51 1735680 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-06-29 16:49 . 2010-06-29 16:51 3121664 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-06-25 05:00 . 2010-06-25 05:00 -------- d-----w- c:\program files\SnailWeb
2010-06-23 11:44 . 2010-06-22 21:19 -------- d-----w- c:\program files\Garena
2010-06-20 15:03 . 2010-06-13 15:43 -------- d-----w- c:\program files\OGPlanet
2010-06-17 19:55 . 2010-06-17 19:55 -------- d-----w- c:\program files\CCleaner
2010-06-17 18:09 . 2010-06-09 18:18 -------- d-----w- c:\program files\GamerKraft
2010-06-15 13:16 . 2001-10-25 12:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-06-15 13:16 . 2001-10-25 12:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-06-13 22:48 . 2010-04-26 21:55 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-13 22:48 . 2010-04-26 21:43 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 17:41 . 2010-06-13 17:37 -------- d-----w- c:\program files\DivX
2010-06-13 17:40 . 2010-06-13 17:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 18:43 . 2010-04-26 21:43 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-12 18:17 . 2010-04-26 21:43 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-06-12 18:17 . 2010-04-24 08:41 -------- d-----w- c:\program files\EA Sports
2010-06-04 00:27 . 2010-06-04 00:22 61267 ----a-w- c:\windows\War3Unin.dat
2010-06-04 00:26 . 2010-06-04 00:21 2829 ----a-w- c:\windows\War3Unin.pif
2010-06-04 00:26 . 2010-06-04 00:21 139264 ----a-w- c:\windows\War3Unin.exe
2010-06-02 21:49 . 2010-06-02 21:04 531 ----a-w- c:\windows\eReg.dat
2010-06-02 21:31 . 2001-10-25 12:00 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-06-02 02:55 . 2010-07-11 22:11 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-07-11 22:11 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-07-11 22:11 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-26 09:41 . 2010-07-11 22:11 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
.
------- Sigcheck -------
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . C1783498EDB152656303B5D5BCABD86C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
[-] 2001-10-25 . E7774698BB0D14B0710A9A31E209F9B6 . 327168 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Vampirek^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Vampirek\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-21 23:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 13:49 1667584 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-07 08:17 1238352 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Documents and Settings\\Vampirek\\Plocha\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\Steam\\steamapps\\jarous1337\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56661:TCP"= 56661:TCP:Pando Media Booster
"56661:UDP"= 56661:UDP:Pando Media Booster
"4938:TCP"= 4938:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2.7.2010 17:26 64288]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [25.10.2001 14:00 14336]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1352832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp --> c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2090540
FF - ProfilePath - c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - OnRPG Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2090540&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=2&q=
FF - component: c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\FFExternalAlert.dll
FF - plugin: c:\docume~1\Vampirek\DATAAP~1\POWERC~1\nppowerloader.dll
FF - plugin: c:\documents and settings\Vampirek\Dokumenty\Sparkplay Media\Sparkplayer (Beta)\npSparkPlayerNS.dll
FF - plugin: c:\program files\3Djam\Roozz\nproozz.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\npOGPPlugin.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
AddRemove-Kos (usa) - c:\kos\Uninstall.exe
AddRemove-NCsoft-AionEU - c:\program files\NCSoft\Launcher\NCLauncher.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-11 19:55
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="?U?\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.7"
"DeviceInstanceIds"=multi:"d:\\ati\\atidrv\\sbdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2984)
c:\windows\system32\wmploc.dll
.
Celkový čas: 2010-08-11 19:57:11
ComboFix-quarantined-files.txt 2010-08-11 17:57
Před spuštěním: Volných bajtů: 24 195 670 016
Po spuštění: Volných bajtů: 24 256 311 296
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9F5ED41FB40D0A70536417904A8CFE52
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.669 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vampirek\Plocha\ComboFix.exe
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\Temp
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-11 do 2010-08-11 )))))))))))))))))))))))))))))))
.
2010-08-07 12:47 . 2010-08-07 12:47 -------- d-----w- c:\program files\Stunlock Studios
2010-08-07 12:45 . 2010-08-07 12:45 -------- d-----w- c:\program files\Microsoft XNA
2010-08-05 18:04 . 2010-08-05 18:33 -------- d-----w- c:\program files\Perpetuum
2010-08-04 08:44 . 2010-08-05 06:43 -------- d-----w- c:\program files\trend micro
2010-08-04 08:44 . 2010-08-04 08:44 -------- d-----w- C:\rsit
2010-07-31 21:14 . 2010-07-31 21:14 4096 ----a-w- c:\windows\d3dx.dat
2010-07-31 21:05 . 2010-07-31 21:05 -------- d-----w- c:\program files\3Djam
2010-07-27 17:59 . 2010-07-27 17:59 -------- d-----w- C:\GamesCampus
2010-07-26 00:11 . 2010-07-26 00:11 258352 ----a-w- c:\windows\system32\unicows.dll
2010-07-25 12:42 . 2010-05-26 12:42 32 ----a-r- c:\documents and settings\All Users\hash.dat
2010-07-25 12:35 . 2010-07-25 12:35 -------- d-----w- c:\program files\Three Rings Design
2010-07-23 15:26 . 2010-07-23 15:26 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-07-23 12:34 . 2010-07-23 12:34 -------- d-----w- c:\program files\Codemasters
2010-07-23 12:34 . 1999-04-23 20:22 151552 ----a-w- c:\windows\system32\MSOSS.DLL
2010-07-23 11:28 . 2010-08-05 23:20 -------- d-----w- c:\program files\GameTop.com
2010-07-22 17:08 . 2010-07-22 17:08 -------- d-----w- c:\program files\DFIGames
2010-07-22 08:41 . 2010-07-22 08:41 -------- d-----w- C:\wally
2010-07-20 14:59 . 2010-07-20 14:59 -------- d-----w- c:\program files\Team Exyhodu
2010-07-20 14:41 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
2010-07-20 14:41 . 2010-07-20 14:41 -------- d-----w- C:\TTD
2010-07-13 23:41 . 2010-07-13 23:41 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-11 17:55 . 2010-06-04 02:51 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-09 16:44 . 2010-04-23 23:39 -------- d-----w- c:\program files\Steam
2010-08-05 20:21 . 2010-05-12 23:45 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-07-25 19:19 . 2010-06-25 04:53 -------- d-----w- c:\program files\AOA
2010-07-24 17:09 . 2002-10-02 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-19 09:31 . 2010-06-06 19:26 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-19 09:31 . 2010-06-06 19:26 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-18 03:25 . 2010-07-18 03:25 2091335 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-07-10 18:39 . 2010-07-10 18:30 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 18:36 . 2010-04-26 15:06 -------- d-----w- c:\program files\OpenOffice.org 3
2010-07-09 00:45 . 2010-07-09 11:12 2860544 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-07-07 19:29 . 2010-07-07 19:29 -------- d-----w- c:\program files\Electronic Arts
2010-07-07 15:51 . 2010-06-08 20:34 -------- d-----w- c:\program files\Activision
2010-07-07 14:47 . 2010-07-07 11:51 -------- d-----w- c:\program files\Microsoft Games
2010-07-07 12:16 . 2010-07-07 12:16 -------- d-----w- c:\program files\Simbin
2010-07-06 12:19 . 2010-07-05 20:55 -------- d-----w- c:\program files\MyPlayCity.com
2010-07-06 11:26 . 2010-07-06 11:26 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-07-06 11:08 . 2010-07-06 11:08 -------- d-----w- c:\program files\Headup Games
2010-07-06 01:50 . 2010-04-26 23:22 -------- d-----w- c:\program files\mIRC
2010-07-04 17:18 . 2010-06-29 23:02 96 ---ha-w- c:\windows\system32\HsInfo.dat
2010-07-03 11:59 . 2010-07-03 11:59 -------- d-----w- c:\program files\PSPad editor
2010-07-02 15:25 . 2010-07-02 15:25 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-02 15:25 . 2010-07-02 16:22 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-02 15:25 . 2010-07-02 15:26 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-02 15:18 . 2010-07-02 15:17 -------- d-----w- c:\program files\Lavasoft
2010-07-02 12:26 . 2010-07-02 12:26 -------- d-----w- c:\program files\changyou
2010-07-01 08:50 . 2010-07-01 08:57 1760256 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-07-01 08:49 . 2010-07-01 08:57 83456 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-06-29 16:49 . 2010-06-29 16:51 1735680 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-06-29 16:49 . 2010-06-29 16:51 3121664 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-06-25 05:00 . 2010-06-25 05:00 -------- d-----w- c:\program files\SnailWeb
2010-06-23 11:44 . 2010-06-22 21:19 -------- d-----w- c:\program files\Garena
2010-06-20 15:03 . 2010-06-13 15:43 -------- d-----w- c:\program files\OGPlanet
2010-06-17 19:55 . 2010-06-17 19:55 -------- d-----w- c:\program files\CCleaner
2010-06-17 18:09 . 2010-06-09 18:18 -------- d-----w- c:\program files\GamerKraft
2010-06-15 13:16 . 2001-10-25 12:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-06-15 13:16 . 2001-10-25 12:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-06-13 22:48 . 2010-04-26 21:55 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-13 22:48 . 2010-04-26 21:43 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 17:41 . 2010-06-13 17:37 -------- d-----w- c:\program files\DivX
2010-06-13 17:40 . 2010-06-13 17:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 18:43 . 2010-04-26 21:43 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-12 18:17 . 2010-04-26 21:43 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-06-12 18:17 . 2010-04-24 08:41 -------- d-----w- c:\program files\EA Sports
2010-06-04 00:27 . 2010-06-04 00:22 61267 ----a-w- c:\windows\War3Unin.dat
2010-06-04 00:26 . 2010-06-04 00:21 2829 ----a-w- c:\windows\War3Unin.pif
2010-06-04 00:26 . 2010-06-04 00:21 139264 ----a-w- c:\windows\War3Unin.exe
2010-06-02 21:49 . 2010-06-02 21:04 531 ----a-w- c:\windows\eReg.dat
2010-06-02 21:31 . 2001-10-25 12:00 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-06-02 02:55 . 2010-07-11 22:11 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-07-11 22:11 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-07-11 22:11 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-26 09:41 . 2010-07-11 22:11 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
.
------- Sigcheck -------
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . C1783498EDB152656303B5D5BCABD86C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
[-] 2001-10-25 . E7774698BB0D14B0710A9A31E209F9B6 . 327168 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Vampirek^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Vampirek\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-21 23:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 13:49 1667584 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-07 08:17 1238352 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Documents and Settings\\Vampirek\\Plocha\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\Steam\\steamapps\\jarous1337\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56661:TCP"= 56661:TCP:Pando Media Booster
"56661:UDP"= 56661:UDP:Pando Media Booster
"4938:TCP"= 4938:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2.7.2010 17:26 64288]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [25.10.2001 14:00 14336]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1352832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp --> c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2090540
FF - ProfilePath - c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - OnRPG Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2090540&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=2&q=
FF - component: c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\FFExternalAlert.dll
FF - plugin: c:\docume~1\Vampirek\DATAAP~1\POWERC~1\nppowerloader.dll
FF - plugin: c:\documents and settings\Vampirek\Dokumenty\Sparkplay Media\Sparkplayer (Beta)\npSparkPlayerNS.dll
FF - plugin: c:\program files\3Djam\Roozz\nproozz.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\npOGPPlugin.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
AddRemove-Kos (usa) - c:\kos\Uninstall.exe
AddRemove-NCsoft-AionEU - c:\program files\NCSoft\Launcher\NCLauncher.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-11 19:55
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="?U?\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.7"
"DeviceInstanceIds"=multi:"d:\\ati\\atidrv\\sbdrv\\smbus\\smbusati.inf\00"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2984)
c:\windows\system32\wmploc.dll
.
Celkový čas: 2010-08-11 19:57:11
ComboFix-quarantined-files.txt 2010-08-11 17:57
Před spuštěním: Volných bajtů: 24 195 670 016
Po spuštění: Volných bajtů: 24 256 311 296
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9F5ED41FB40D0A70536417904A8CFE52
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoká latency ve hrách ...
Otevřte poznámkový blok a zkopírujte do něj:
Po této akci ještě doporučuji PC vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.Driver::
Akamai
Po této akci ještě doporučuji PC vyčistit CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoká latency ve hrách ...
provedl sem a vyskočil na mě log
ComboFix 10-08-11.02 - Vampirek 11.08.2010 20:36:16.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.524 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vampirek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Vampirek\Plocha\CFScript.txt
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AKAMAI
-------\Service_Akamai
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-11 do 2010-08-11 )))))))))))))))))))))))))))))))
.
2010-08-11 18:16 . 2010-08-11 18:16 -------- d-----w- c:\program files\Thoosje
2010-08-11 18:14 . 2010-08-11 18:14 -------- d-----w- c:\program files\Pmcc
2010-08-11 18:13 . 2010-08-11 18:13 -------- d-----w- C:\dadarda
2010-08-11 18:12 . 2010-08-11 18:12 -------- d-----w- C:\NVIDIA nTune 2.0 install
2010-08-07 12:47 . 2010-08-07 12:47 -------- d-----w- c:\program files\Stunlock Studios
2010-08-07 12:45 . 2010-08-07 12:45 -------- d-----w- c:\program files\Microsoft XNA
2010-08-05 18:04 . 2010-08-05 18:33 -------- d-----w- c:\program files\Perpetuum
2010-08-04 08:44 . 2010-08-05 06:43 -------- d-----w- c:\program files\trend micro
2010-08-04 08:44 . 2010-08-04 08:44 -------- d-----w- C:\rsit
2010-07-31 21:14 . 2010-07-31 21:14 4096 ----a-w- c:\windows\d3dx.dat
2010-07-31 21:05 . 2010-07-31 21:05 -------- d-----w- c:\program files\3Djam
2010-07-27 17:59 . 2010-07-27 17:59 -------- d-----w- C:\GamesCampus
2010-07-26 00:11 . 2010-07-26 00:11 258352 ----a-w- c:\windows\system32\unicows.dll
2010-07-25 12:42 . 2010-05-26 12:42 32 ----a-r- c:\documents and settings\All Users\hash.dat
2010-07-25 12:35 . 2010-07-25 12:35 -------- d-----w- c:\program files\Three Rings Design
2010-07-23 15:26 . 2010-07-23 15:26 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-07-23 12:34 . 2010-07-23 12:34 -------- d-----w- c:\program files\Codemasters
2010-07-23 12:34 . 1999-04-23 20:22 151552 ----a-w- c:\windows\system32\MSOSS.DLL
2010-07-23 11:28 . 2010-08-05 23:20 -------- d-----w- c:\program files\GameTop.com
2010-07-22 17:08 . 2010-07-22 17:08 -------- d-----w- c:\program files\DFIGames
2010-07-22 08:41 . 2010-07-22 08:41 -------- d-----w- C:\wally
2010-07-20 14:59 . 2010-07-20 14:59 -------- d-----w- c:\program files\Team Exyhodu
2010-07-20 14:41 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
2010-07-20 14:41 . 2010-07-20 14:41 -------- d-----w- C:\TTD
2010-07-13 23:41 . 2010-07-13 23:41 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-11 18:18 . 2010-06-04 02:51 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-11 18:13 . 2002-10-02 20:13 -------- d-----w- c:\program files\Common Files\InstallShield
2010-08-09 16:44 . 2010-04-23 23:39 -------- d-----w- c:\program files\Steam
2010-08-05 20:21 . 2010-05-12 23:45 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-07-25 19:19 . 2010-06-25 04:53 -------- d-----w- c:\program files\AOA
2010-07-24 17:09 . 2002-10-02 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-19 09:31 . 2010-06-06 19:26 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-19 09:31 . 2010-06-06 19:26 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-18 03:25 . 2010-07-18 03:25 2091335 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-07-10 18:39 . 2010-07-10 18:30 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 18:36 . 2010-04-26 15:06 -------- d-----w- c:\program files\OpenOffice.org 3
2010-07-09 00:45 . 2010-07-09 11:12 2860544 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-07-07 19:29 . 2010-07-07 19:29 -------- d-----w- c:\program files\Electronic Arts
2010-07-07 15:51 . 2010-06-08 20:34 -------- d-----w- c:\program files\Activision
2010-07-07 14:47 . 2010-07-07 11:51 -------- d-----w- c:\program files\Microsoft Games
2010-07-07 12:16 . 2010-07-07 12:16 -------- d-----w- c:\program files\Simbin
2010-07-06 12:19 . 2010-07-05 20:55 -------- d-----w- c:\program files\MyPlayCity.com
2010-07-06 11:26 . 2010-07-06 11:26 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-07-06 11:08 . 2010-07-06 11:08 -------- d-----w- c:\program files\Headup Games
2010-07-06 01:50 . 2010-04-26 23:22 -------- d-----w- c:\program files\mIRC
2010-07-04 17:18 . 2010-06-29 23:02 96 ---ha-w- c:\windows\system32\HsInfo.dat
2010-07-03 11:59 . 2010-07-03 11:59 -------- d-----w- c:\program files\PSPad editor
2010-07-02 15:25 . 2010-07-02 15:25 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-02 15:25 . 2010-07-02 16:22 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-02 15:25 . 2010-07-02 15:26 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-02 15:18 . 2010-07-02 15:17 -------- d-----w- c:\program files\Lavasoft
2010-07-02 12:26 . 2010-07-02 12:26 -------- d-----w- c:\program files\changyou
2010-07-01 08:50 . 2010-07-01 08:57 1760256 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-07-01 08:49 . 2010-07-01 08:57 83456 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-06-29 16:49 . 2010-06-29 16:51 1735680 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-06-29 16:49 . 2010-06-29 16:51 3121664 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-06-25 05:00 . 2010-06-25 05:00 -------- d-----w- c:\program files\SnailWeb
2010-06-23 11:44 . 2010-06-22 21:19 -------- d-----w- c:\program files\Garena
2010-06-20 15:03 . 2010-06-13 15:43 -------- d-----w- c:\program files\OGPlanet
2010-06-17 19:55 . 2010-06-17 19:55 -------- d-----w- c:\program files\CCleaner
2010-06-17 18:09 . 2010-06-09 18:18 -------- d-----w- c:\program files\GamerKraft
2010-06-15 13:16 . 2001-10-25 12:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-06-15 13:16 . 2001-10-25 12:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-06-13 22:48 . 2010-04-26 21:55 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-13 22:48 . 2010-04-26 21:43 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 17:41 . 2010-06-13 17:37 -------- d-----w- c:\program files\DivX
2010-06-13 17:40 . 2010-06-13 17:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 18:43 . 2010-04-26 21:43 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-12 18:17 . 2010-04-26 21:43 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-06-04 00:27 . 2010-06-04 00:22 61267 ----a-w- c:\windows\War3Unin.dat
2010-06-04 00:26 . 2010-06-04 00:21 2829 ----a-w- c:\windows\War3Unin.pif
2010-06-04 00:26 . 2010-06-04 00:21 139264 ----a-w- c:\windows\War3Unin.exe
2010-06-02 21:49 . 2010-06-02 21:04 531 ----a-w- c:\windows\eReg.dat
2010-06-02 21:31 . 2001-10-25 12:00 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-06-02 02:55 . 2010-07-11 22:11 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-07-11 22:11 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-07-11 22:11 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-26 09:41 . 2010-07-11 22:11 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
.
------- Sigcheck -------
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . C1783498EDB152656303B5D5BCABD86C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
[-] 2001-10-25 . E7774698BB0D14B0710A9A31E209F9B6 . 327168 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-08-11_17.55.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-11 18:14 . 2010-08-11 18:14 82726 c:\windows\Installer\{1A0F7950-A995-44CD-8E16-521485095050}\Baku.exe
+ 2010-08-11 18:42 . 2010-08-11 18:42 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f0e9a97ade4529d4caeccd467aa8e7db\Microsoft.VisualC.ni.dll
+ 2010-08-11 18:14 . 2010-08-11 18:14 542720 c:\windows\Installer\131fa78.msi
+ 2010-08-11 18:42 . 2010-08-11 18:42 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll
+ 2010-08-11 18:42 . 2010-08-11 18:42 518656 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\7f08fd965f57f638162a2c399918e467\ICSharpCode.SharpZipLib.ni.dll
+ 2010-08-11 18:41 . 2010-08-11 18:41 659456 c:\windows\assembly\NativeImages_v2.0.50727_32\Baku\eeec6aee426f0e73c1bf24017d5c94f8\Baku.ni.exe
+ 2010-08-11 18:41 . 2010-08-11 18:41 4525056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Form#\250f4d168d71ce9c91f30ae59d6ec7ae\System.Windows.Forms.DataVisualization.ni.dll
+ 2010-08-11 18:42 . 2010-08-11 18:42 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\57f7cf02ea17b36bc3d9c75c22d0f551\System.Data.OracleClient.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Vampirek^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Vampirek\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-21 23:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 13:49 1667584 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-07 08:17 1238352 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Documents and Settings\\Vampirek\\Plocha\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\Steam\\steamapps\\jarous1337\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56661:TCP"= 56661:TCP:Pando Media Booster
"56661:UDP"= 56661:UDP:Pando Media Booster
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2.7.2010 17:26 64288]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1352832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp --> c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2090540
FF - ProfilePath - c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - OnRPG Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2090540&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=2&q=
FF - component: c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\FFExternalAlert.dll
FF - plugin: c:\docume~1\Vampirek\DATAAP~1\POWERC~1\nppowerloader.dll
FF - plugin: c:\documents and settings\Vampirek\Dokumenty\Sparkplay Media\Sparkplayer (Beta)\npSparkPlayerNS.dll
FF - plugin: c:\program files\3Djam\Roozz\nproozz.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\npOGPPlugin.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-11 20:49
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="?U?\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.7"
"DeviceInstanceIds"=multi:"d:\\ati\\atidrv\\sbdrv\\smbus\\smbusati.inf\00"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2010-08-11 20:54:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-11 18:54
ComboFix2.txt 2010-08-11 17:57
Před spuštěním: Volných bajtů: 24 436 363 264
Po spuštění: Volných bajtů: 24 346 902 528
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6AFF0AB8195B4194B5B94B5978955B6A
ComboFix 10-08-11.02 - Vampirek 11.08.2010 20:36:16.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.524 [GMT 2:00]
Spuštěný z: c:\documents and settings\Vampirek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Vampirek\Plocha\CFScript.txt
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AKAMAI
-------\Service_Akamai
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-11 do 2010-08-11 )))))))))))))))))))))))))))))))
.
2010-08-11 18:16 . 2010-08-11 18:16 -------- d-----w- c:\program files\Thoosje
2010-08-11 18:14 . 2010-08-11 18:14 -------- d-----w- c:\program files\Pmcc
2010-08-11 18:13 . 2010-08-11 18:13 -------- d-----w- C:\dadarda
2010-08-11 18:12 . 2010-08-11 18:12 -------- d-----w- C:\NVIDIA nTune 2.0 install
2010-08-07 12:47 . 2010-08-07 12:47 -------- d-----w- c:\program files\Stunlock Studios
2010-08-07 12:45 . 2010-08-07 12:45 -------- d-----w- c:\program files\Microsoft XNA
2010-08-05 18:04 . 2010-08-05 18:33 -------- d-----w- c:\program files\Perpetuum
2010-08-04 08:44 . 2010-08-05 06:43 -------- d-----w- c:\program files\trend micro
2010-08-04 08:44 . 2010-08-04 08:44 -------- d-----w- C:\rsit
2010-07-31 21:14 . 2010-07-31 21:14 4096 ----a-w- c:\windows\d3dx.dat
2010-07-31 21:05 . 2010-07-31 21:05 -------- d-----w- c:\program files\3Djam
2010-07-27 17:59 . 2010-07-27 17:59 -------- d-----w- C:\GamesCampus
2010-07-26 00:11 . 2010-07-26 00:11 258352 ----a-w- c:\windows\system32\unicows.dll
2010-07-25 12:42 . 2010-05-26 12:42 32 ----a-r- c:\documents and settings\All Users\hash.dat
2010-07-25 12:35 . 2010-07-25 12:35 -------- d-----w- c:\program files\Three Rings Design
2010-07-23 15:26 . 2010-07-23 15:26 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-07-23 12:34 . 2010-07-23 12:34 -------- d-----w- c:\program files\Codemasters
2010-07-23 12:34 . 1999-04-23 20:22 151552 ----a-w- c:\windows\system32\MSOSS.DLL
2010-07-23 11:28 . 2010-08-05 23:20 -------- d-----w- c:\program files\GameTop.com
2010-07-22 17:08 . 2010-07-22 17:08 -------- d-----w- c:\program files\DFIGames
2010-07-22 08:41 . 2010-07-22 08:41 -------- d-----w- C:\wally
2010-07-20 14:59 . 2010-07-20 14:59 -------- d-----w- c:\program files\Team Exyhodu
2010-07-20 14:41 . 1996-09-30 17:46 24576 ------w- c:\windows\UniFISH.exe
2010-07-20 14:41 . 2010-07-20 14:41 -------- d-----w- C:\TTD
2010-07-13 23:41 . 2010-07-13 23:41 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-11 18:18 . 2010-06-04 02:51 -------- d-----w- c:\program files\Common Files\Akamai
2010-08-11 18:13 . 2002-10-02 20:13 -------- d-----w- c:\program files\Common Files\InstallShield
2010-08-09 16:44 . 2010-04-23 23:39 -------- d-----w- c:\program files\Steam
2010-08-05 20:21 . 2010-05-12 23:45 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-07-25 19:19 . 2010-06-25 04:53 -------- d-----w- c:\program files\AOA
2010-07-24 17:09 . 2002-10-02 20:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-19 09:31 . 2010-06-06 19:26 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-07-19 09:31 . 2010-06-06 19:26 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2010-07-18 03:25 . 2010-07-18 03:25 2091335 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-07-10 18:39 . 2010-07-10 18:30 -------- d-----w- c:\program files\Security Task Manager
2010-07-10 18:36 . 2010-04-26 15:06 -------- d-----w- c:\program files\OpenOffice.org 3
2010-07-09 00:45 . 2010-07-09 11:12 2860544 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-07-07 19:29 . 2010-07-07 19:29 -------- d-----w- c:\program files\Electronic Arts
2010-07-07 15:51 . 2010-06-08 20:34 -------- d-----w- c:\program files\Activision
2010-07-07 14:47 . 2010-07-07 11:51 -------- d-----w- c:\program files\Microsoft Games
2010-07-07 12:16 . 2010-07-07 12:16 -------- d-----w- c:\program files\Simbin
2010-07-06 12:19 . 2010-07-05 20:55 -------- d-----w- c:\program files\MyPlayCity.com
2010-07-06 11:26 . 2010-07-06 11:26 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-07-06 11:08 . 2010-07-06 11:08 -------- d-----w- c:\program files\Headup Games
2010-07-06 01:50 . 2010-04-26 23:22 -------- d-----w- c:\program files\mIRC
2010-07-04 17:18 . 2010-06-29 23:02 96 ---ha-w- c:\windows\system32\HsInfo.dat
2010-07-03 11:59 . 2010-07-03 11:59 -------- d-----w- c:\program files\PSPad editor
2010-07-02 15:25 . 2010-07-02 15:25 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-07-02 15:25 . 2010-07-02 16:22 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-07-02 15:25 . 2010-07-02 15:26 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-07-02 15:18 . 2010-07-02 15:17 -------- d-----w- c:\program files\Lavasoft
2010-07-02 12:26 . 2010-07-02 12:26 -------- d-----w- c:\program files\changyou
2010-07-01 08:50 . 2010-07-01 08:57 1760256 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-07-01 08:49 . 2010-07-01 08:57 83456 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-06-29 16:49 . 2010-06-29 16:51 1735680 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-06-29 16:49 . 2010-06-29 16:51 3121664 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-06-25 05:00 . 2010-06-25 05:00 -------- d-----w- c:\program files\SnailWeb
2010-06-23 11:44 . 2010-06-22 21:19 -------- d-----w- c:\program files\Garena
2010-06-20 15:03 . 2010-06-13 15:43 -------- d-----w- c:\program files\OGPlanet
2010-06-17 19:55 . 2010-06-17 19:55 -------- d-----w- c:\program files\CCleaner
2010-06-17 18:09 . 2010-06-09 18:18 -------- d-----w- c:\program files\GamerKraft
2010-06-15 13:16 . 2001-10-25 12:00 82462 ----a-w- c:\windows\system32\perfc005.dat
2010-06-15 13:16 . 2001-10-25 12:00 437062 ----a-w- c:\windows\system32\perfh005.dat
2010-06-13 22:48 . 2010-04-26 21:55 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-13 22:48 . 2010-04-26 21:43 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 17:41 . 2010-06-13 17:37 -------- d-----w- c:\program files\DivX
2010-06-13 17:40 . 2010-06-13 17:39 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 18:43 . 2010-04-26 21:43 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-12 18:17 . 2010-04-26 21:43 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-06-04 00:27 . 2010-06-04 00:22 61267 ----a-w- c:\windows\War3Unin.dat
2010-06-04 00:26 . 2010-06-04 00:21 2829 ----a-w- c:\windows\War3Unin.pif
2010-06-04 00:26 . 2010-06-04 00:21 139264 ----a-w- c:\windows\War3Unin.exe
2010-06-02 21:49 . 2010-06-02 21:04 531 ----a-w- c:\windows\eReg.dat
2010-06-02 21:31 . 2001-10-25 12:00 12464 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-06-02 02:55 . 2010-07-11 22:11 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55 . 2010-07-11 22:11 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55 . 2010-07-11 22:11 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-26 09:41 . 2010-07-11 22:11 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-26 09:41 . 2010-07-11 22:11 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41 . 2010-07-11 22:10 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
.
------- Sigcheck -------
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2004-08-03 . C1783498EDB152656303B5D5BCABD86C . 359040 . . [5.1.2600.2180] . . c:\windows\system32\drivers\tcpip.sys
[-] 2001-10-25 . E7774698BB0D14B0710A9A31E209F9B6 . 327168 . . [5.1.2600.0] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-08-11_17.55.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-11 18:14 . 2010-08-11 18:14 82726 c:\windows\Installer\{1A0F7950-A995-44CD-8E16-521485095050}\Baku.exe
+ 2010-08-11 18:42 . 2010-08-11 18:42 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\f0e9a97ade4529d4caeccd467aa8e7db\Microsoft.VisualC.ni.dll
+ 2010-08-11 18:14 . 2010-08-11 18:14 542720 c:\windows\Installer\131fa78.msi
+ 2010-08-11 18:42 . 2010-08-11 18:42 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3736ba3ecac186f9c5d85f01bda2be98\System.Runtime.Remoting.ni.dll
+ 2010-08-11 18:42 . 2010-08-11 18:42 518656 c:\windows\assembly\NativeImages_v2.0.50727_32\ICSharpCode.SharpZi#\7f08fd965f57f638162a2c399918e467\ICSharpCode.SharpZipLib.ni.dll
+ 2010-08-11 18:41 . 2010-08-11 18:41 659456 c:\windows\assembly\NativeImages_v2.0.50727_32\Baku\eeec6aee426f0e73c1bf24017d5c94f8\Baku.ni.exe
+ 2010-08-11 18:41 . 2010-08-11 18:41 4525056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Form#\250f4d168d71ce9c91f30ae59d6ec7ae\System.Windows.Forms.DataVisualization.ni.dll
+ 2010-08-11 18:42 . 2010-08-11 18:42 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\57f7cf02ea17b36bc3d9c75c22d0f551\System.Data.OracleClient.ni.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-07-09 919016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-10 16126464]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^Vampirek^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.2.lnk]
path=c:\documents and settings\Vampirek\Nabídka Start\Programy\Po spuštění\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-21 23:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-08-17 13:49 1667584 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-05-07 08:17 1238352 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Documents and Settings\\Vampirek\\Plocha\\Pro Evolution Soccer 2008\\PES2008.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\alien swarm\\swarm.exe"=
"c:\\Program Files\\Steam\\steamapps\\jarous1337\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56661:TCP"= 56661:TCP:Pando Media Booster
"56661:UDP"= 56661:UDP:Pando Media Booster
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2.7.2010 17:26 64288]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [4.2.2010 17:52 1352832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp --> c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp [?]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'
2010-08-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2090540
FF - ProfilePath - c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - OnRPG Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2090540&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2090540&SearchSource=2&q=
FF - component: c:\documents and settings\Vampirek\Data aplikací\Mozilla\Firefox\Profiles\gebsyw4f.default\extensions\{d22f6f66-2f47-4184-8625-fbfa4cbdb7ce}\components\FFExternalAlert.dll
FF - plugin: c:\docume~1\Vampirek\DATAAP~1\POWERC~1\nppowerloader.dll
FF - plugin: c:\documents and settings\Vampirek\Dokumenty\Sparkplay Media\Sparkplayer (Beta)\npSparkPlayerNS.dll
FF - plugin: c:\program files\3Djam\Roozz\nproozz.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGPPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPZoneSB.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: c:\windows\system32\npOGPPlugin.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-11 20:49
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\Vampirek\LOCALS~1\Temp\BCM43.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Reinstall\ćHőwć*]
"DisplayName"="???\17?\11\09"
"DeviceDesc"="???\17?\11\09"
"ProviderName"="?U?\11?\17?\11??"
"MFG"="???????"
"ReinstallString"=".10.1000.7"
"DeviceInstanceIds"=multi:"d:\\ati\\atidrv\\sbdrv\\smbus\\smbusati.inf\00"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\System32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
.
**************************************************************************
.
Celkový čas: 2010-08-11 20:54:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-08-11 18:54
ComboFix2.txt 2010-08-11 17:57
Před spuštěním: Volných bajtů: 24 436 363 264
Po spuštění: Volných bajtů: 24 346 902 528
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 6AFF0AB8195B4194B5B94B5978955B6A
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoká latency ve hrách ...
Log již vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vysoká latency ve hrách ...
jojo ještě sem odstranil asi 60gb bordelu + pročistil CCleanerem a vypadá vše ok díky moc.
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vysoká latency ve hrách ...
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?