VIRY.CZ

Zdravím, notebook je neúměrně pomalý a také nejdou instalovat aktualizace "Aktualizace rozhraní Microsoft .NET Frameworks 3.5 SP1 ... (KB982168)" a "Aktualizace zabezpečení programu Flash Player (KB923789)".

Log z UPM:

Windows XP SP 3 (build 2600)
Boot Mode: Normal
Ověření souborů Microsoftu: Ano
Whitelist: Ano
Internet Explorer v8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
Log vygenerován: 24.8.2010 16:27:08
================================================================

SmallARK
================================================================
[?]NtCreateKey -> spib.sys
[?]NtEnumerateKey -> spib.sys
[?]NtEnumerateValueKey -> spib.sys
[?]NtOpenKey -> spib.sys
[?]NtQueryKey -> spib.sys
[?]NtQueryValueKey -> spib.sys
[?]NtSetValueKey -> spib.sys

MBR ROOTKIT DETECTED!

Běžící procesy
================================================================

C:\ACER\EMANAGER\ANBMSERV.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\LAUNCHAP.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\POWERKEY.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\HOTKEYAPP.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\CTRLVOL.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\OSDCTRL.EXE
C:\PROGRAM FILES\LAUNCH MANAGER\WBUTTON.EXE
C:\WINDOWS\SYSTEM32\VTTIMER.EXE
C:\WINDOWS\AGRSMMSG.EXE
C:\PROGRAM FILES\LTMOH\LTMOH.EXE

Scanner
================================================================
[R] MsMpEng.exe
Ověřený Microsoft: Ne

[?] anbmServ.exe
EntryPoint v sekci: CODE
|_ Celkový počet sekcí: 8
Soubor 63%

[?] NVSVC32.EXE
Non Microsoft v System32:

[S] EXPLORER.EXE
Spouští se po startu HKLM Winlogon [Shell]

[?] SynTPLpr.exe
Spouští se po startu HKLM Run [SynTPLpr]

[?] SynTPEnh.exe
Spouští se po startu HKLM Run [SynTPEnh]

[?] LaunchAp.exe
Spouští se po startu HKLM Run [LaunchAp]
Soubor 7%

[?] Powerkey.exe
Spouští se po startu HKLM Run [PowerKey]
Soubor 7%

[?] HotkeyApp.exe
Spouští se po startu HKLM Run [LManager]
Soubor 7%

[?] CTRLVOL.EXE
Spouští se po startu HKLM Run [CtrlVol]
Soubor 14%

[?] OSDCtrl.exe
Spouští se po startu HKLM Run [LMgrOSD]
Soubor 7%

[?] WButton.exe
Spouští se po startu HKLM Run [Wbutton]
Soubor 7%

[?] VTTimer.exe
Non Microsoft v System32:
Spouští se po startu HKLM Run [VTTimer]

[?] AGRSMMSG.EXE
Spouští se po startu HKLM Run [AGRSMMSG]

[?] LTMOH.EXE
Spouští se po startu HKLM Run [LtMoh]
Soubor 14%

[R] msseces.exe
Ověřený Microsoft: Ne
Spouští se po startu HKLM Run [MSSE]

[S] CTFMON.EXE
Spouští se po startu HKCU Run [CTFMON.EXE]

Po spuštění
================================================================

HKLM Run
|_ [?][preload] C:\Windows\RUNXMLPL.exe
|_ [?][SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
|_ [?][SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
|_ [?][LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
|_ [?][PowerKey] C:\Program Files\Launch Manager\PowerKey.exe
|_ [?][LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
|_ [?][CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
|_ [?][LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
|_ [?][Wbutton] C:\Program Files\Launch Manager\Wbutton.exe
|_ [?][VTTrayp] C:\WINDOWS\system32\VTtrayp.exe
|_ [?][VTTimer] C:\WINDOWS\system32\VTTimer.exe
|_ [?][NvCplDaemon] C:\WINDOWS\system32\NvCpl.dll ,NvStartup
|_ [?][nwiz] nwiz.exe /install
|_ [?][AGRSMMSG] C:\WINDOWS\AGRSMMSG.exe
|_ [?][LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
|_ [R][MSSE] C:\Program Files\Microsoft Security Essentials\msseces.exe -hide -runkey

HKLM IC
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Soubor nenalezen)
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
|_ [?][{8b15971b-5355-4c82-8c07-7e181ea07608}] C:\WINDOWS\INF\fxsocm.inf ,Fax.Install.PerUser

Služby (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[!] Notebook Manager Service
|_ Cesta: C:\Acer\eManager\anbmServ.exe
| |_ Výrobce: OSA Technologies Inc.
| |_ Popis: Service Program for Acer eManager
| |_ MD5: C10D0FAE427EA464EDEA2EE5DC40F056
|
|_ Jméno: anbmService
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ:
|_ Dependency:

[?] NVIDIA Display Driver Service
|_ Cesta: C:\WINDOWS\system32\nvsvc32.exe
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Driver Helper Service, Version 62.12
| |_ MD5: 145F0A9AAC5F3CBA1837324A08D2B3D9
|
|_ Jméno: NVSvc
|_ StartName: LocalSystem
|_ Typ spouštění: Auto Start
|_ Status: Spuštěno
|_ Typ: Win32 Own Process
|_ Dependency:

Ovladače (Zobraz běžící: True, Zobraz zastavené: False, Zobraz i bezpečné služby: False)
================================================================
[?] abp480n5
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
| |_ Výrobce: Microsoft Corporation
| |_ Popis: AdvanSys SCSI Controller Driver
| |_ MD5: 6ABB91494FE6C59089B9336452AB2EA3
|
|_ Jméno: abp480n5
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] adpu160m
|_ Cesta: C:\WINDOWS\system32\DRIVERS\adpu160m.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Adaptec Ultra160 SCSI miniport
| |_ MD5: 9A11864873DA202C996558B2106B0BBC
|
|_ Jméno: adpu160m
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Agere Systems Soft Modem
|_ Cesta: C:\WINDOWS\system32\DRIVERS\AGRSM.sys
| |_ Výrobce: Agere Systems
| |_ Popis: SoftModem Device Driver
| |_ MD5: 5A2A96B15FA7E766D0FD1AC08EFF2ACB
|
|_ Jméno: AgereSoftModem
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Aha154x
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aha154x.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Adaptec AHA-154x series SCSI miniport
| |_ MD5: C23EA9B5F46C7F7910DB3EAB648FF013
|
|_ Jméno: Aha154x
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] aic78u2
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aic78u2.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Adaptec Ultra2 SCSI miniport
| |_ MD5: 19DD0FB48B0C18892F70E2E7D61A1529
|
|_ Jméno: aic78u2
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] aic78xx
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aic78xx.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Adaptec Ultra SCSI miniport
| |_ MD5: B7FE594A7468AA0132DEB03FB8E34326
|
|_ Jméno: aic78xx
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Ovladač filtru AMD portu AGP
|_ Cesta: C:\WINDOWS\system32\DRIVERS\amdagp.sys
| |_ Výrobce: Advanced Micro Devices, Inc.
| |_ Popis: AMD Win2000 AGP Filter
| |_ MD5: 95B4FB835E28AA1336CEEB07FD5B9398
|
|_ Jméno: amdagp
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc.sys
| |_ Výrobce: Advanced System Products, Inc.
| |_ Popis: AdvanSys SCSI Controller Driver
| |_ MD5: 62D318E9A0C8FC9B780008E724283707
|
|_ Jméno: asc
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc3350p
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc3350p.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: AdvanSys SCSI Card Driver
| |_ MD5: 69EB0CC7714B32896CCBFD5EDCBEA447
|
|_ Jméno: asc3350p
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc3550
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc3550.sys
| |_ Výrobce: Advanced System Products, Inc.
| |_ Popis: AdvanSys Ultra-Wide PCI SCSI Driver
| |_ MD5: 5D8DE112AA0254B907861E9E9C31D597
|
|_ Jméno: asc3550
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] cd20xrnt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: IBM Portable CD-ROM Drive Miniport
| |_ MD5: F3EC03299634490E97BBCE94CD2954C7
|
|_ Jméno: cd20xrnt
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] CmdIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\cmdide.sys
| |_ Výrobce: CMD Technology, Inc.
| |_ Popis: CMD PCI IDE Bus Driver
| |_ MD5: 964D0F042ACA51D5644779EB9D9EE40F
|
|_ Jméno: CmdIde
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] dac2w2k
|_ Cesta: C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
| |_ Výrobce: Mylex Corporation
| |_ Popis: Mylex Disk Array Controller Driver
| |_ MD5: E550E7418984B65A78299D248F0A7F36
|
|_ Jméno: dac2w2k
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] dpti2o
|_ Cesta: C:\WINDOWS\system32\DRIVERS\dpti2o.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: DPT SmartRAID miniport
| |_ MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660
|
|_ Jméno: dpti2o
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] VIA Rhine Family Fast Ethernet Adapter Driver Service
|_ Cesta: C:\WINDOWS\system32\DRIVERS\fetnd5b.sys
| |_ Výrobce: VIA Technologies, Inc.
| |_ Popis: NDIS 5.0 miniport driver
| |_ MD5: B0F11E97B051E7DCCA40B0453F985636
|
|_ Jméno: FETNDISB
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Hotkey
|_ Cesta: C:\WINDOWS\system32\drivers\Hotkey.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5: 8B566EA71D5B76157A9CDB78F25A5731
|
|_ Jméno: Hotkey
|_ StartName:
|_ Typ spouštění: System Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] ini910u
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ini910u.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: INITIO ini910u SCSI miniport
| |_ MD5: 4A40E045FAEE58631FD8D91AFC620719
|
|_ Jméno: ini910u
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] acer IPN2220 Wireless LAN Card Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\i2220ntx.sys
| |_ Výrobce: Inprocomm, Inc.
| |_ Popis: NT 5 (NDIS 5.1/5.0) x86 Driver
| |_ MD5: 79BDD03E45FF33F40B7DF06F9ACBC32F
|
|_ Jméno: IPN2220
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] mraid35x
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mraid35x.sys
| |_ Výrobce: American Megatrends Inc.
| |_ Popis: MegaRAID RAID Controller Driver for Windows Whistler 32
| |_ MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737
|
|_ Jméno: mraid35x
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] NSC Infrared Device Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nscirda.sys
| |_ Výrobce: National Semiconductor Corporation
| |_ Popis: NSC Fast Infrared Driver.
| |_ MD5: 2ADC0CA9945C65284B3D19BC18765974
|
|_ Jméno: NSCIRDA
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Upper Class Filter Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
| |_ Výrobce: NewTech Infosystems, Inc.
| |_ Popis: NTI CD-ROM Filter Driver
| |_ MD5: 15A72D5B8F0B6A718207F14BD5EBB8FF
|
|_ Jméno: NTIDrvr
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] nv
|_ Cesta: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
| |_ Výrobce: NVIDIA Corporation
| |_ Popis: NVIDIA Compatible Windows 2000 Miniport Driver, Version 62.12
| |_ MD5: 3EFCD99EFD5D2EA48DD8F5A5045ED595
|
|_ Jméno: nv
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] POWERKEY
|_ Cesta: C:\Program Files\Launch Manager\POWERKEY.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5: 582099B89753BDC29DB151E73C3FD4D9
|
|_ Jméno: POWERKEY
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql1080
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql1080.sys
| |_ Výrobce: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 0A63FB54039EB5662433CABA3B26DBA7
|
|_ Jméno: ql1080
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Ql10wnt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 6503449E1D43A0FF0201AD5CB1B8C706
|
|_ Jméno: Ql10wnt
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql12160
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql12160.sys
| |_ Výrobce: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 156ED0EF20C15114CA097A34A30D8A01
|
|_ Jméno: ql12160
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql1280
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql1280.sys
| |_ Výrobce: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 907F0AEEA6BC451011611E732BD31FCF
|
|_ Jméno: ql1280
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Sparrow
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sparrow.sys
| |_ Výrobce: Adaptec, Inc.
| |_ Popis: Adaptec AIC-6x60 series SCSI miniport
| |_ MD5: 83C0F71F86D3BDAF915685F3D568B20E
|
|_ Jméno: Sparrow
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] sptd
|_ Cesta: C:\WINDOWS\System32\Drivers\sptd.sys
| |_ Výrobce:
| |_ Popis:
| |_ MD5:
|
|_ Jméno: sptd
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] symc810
|_ Cesta: C:\WINDOWS\system32\DRIVERS\symc810.sys
| |_ Výrobce: Symbios Logic Inc.
| |_ Popis: Symbios Logic Inc. SCSI Miniport Driver
| |_ MD5: 1FF3217614018630D0A6758630FC698C
|
|_ Jméno: symc810
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] symc8xx
|_ Cesta: C:\WINDOWS\system32\DRIVERS\symc8xx.sys
| |_ Výrobce: LSI Logic
| |_ Popis: Symbios 8XX SCSI Miniport Driver
| |_ MD5: 070E001D95CF725186EF8B20335F933C
|
|_ Jméno: symc8xx
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] sym_hi
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sym_hi.sys
| |_ Výrobce: LSI Logic
| |_ Popis: Symbios Hi-Perf SCSI Miniport Driver
| |_ MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C
|
|_ Jméno: sym_hi
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Synaptics TouchPad Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\SynTP.sys
| |_ Výrobce: Synaptics, Inc.
| |_ Popis: Synaptics Touchpad Driver
| |_ MD5: 065D6EFC03486C2039B8C2B4C56E6EDB
|
|_ Jméno: SynTP
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] TosIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\toside.sys
| |_ Výrobce: Microsoft Corporation
| |_ Popis: Toshiba PCI IDE Controller
| |_ MD5: FD4FD7D6FDA5C019ED86025D7BE1510F
|
|_ Jméno: TosIde
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] ultra
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ultra.sys
| |_ Výrobce: Promise Technology, Inc.
| |_ Popis: Promise Ultra66 Miniport Driver
| |_ MD5: 1B698A51CD528D8DA4FFAED66DFC51B9
|
|_ Jméno: ultra
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] VIA AGP Filter
|_ Cesta: C:\WINDOWS\system32\DRIVERS\viaagp1.sys
| |_ Výrobce: VIA Technologies, Inc.
| |_ Popis: VIA NT AGP Filter
| |_ MD5: 4B039BBD037B01F5DB5A144C837F283A
|
|_ Jméno: viaagp1
|_ StartName:
|_ Typ spouštění: Boot Start
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

[?] Vinyl AC'97 Audio Controller (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\viaudios.sys
| |_ Výrobce: VIA Technologies, Inc.
| |_ Popis: Vinyl AC'97 Codec Combo WDM Driver
| |_ MD5: 82E33B1F9BD95B51AE5878DBDB197B54
|
|_ Jméno: VIAudio
|_ StartName:
|_ Typ spouštění: Ruční spuštění
|_ Status: Spuštěno
|_ Typ: Kernel Driver
|_ Dependency:

lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
-----------------------------------------------------------------------------------------
TCP (1124) SVCHOST.EXE 0.0.0.0:135 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (1864) anbmServ.exe 0.0.0.0:2804 LISTENING
TCP (1060) ALG.EXE 127.0.0.1:1028 LISTENING
TCP (228) firefox.exe 127.0.0.1:1269 <-> 127.0.0.1:1270 ESTABLISHED
TCP (228) firefox.exe 127.0.0.1:1270 <-> 127.0.0.1:1269 ESTABLISHED
TCP (228) firefox.exe 127.0.0.1:1274 <-> 127.0.0.1:1275 ESTABLISHED
TCP (228) firefox.exe 127.0.0.1:1275 <-> 127.0.0.1:1274 ESTABLISHED
TCP (1884) mDNSResponder.exe 127.0.0.1:5354 LISTENING
TCP (4) Systém 192.168.1.100:139 LISTENING
TCP (228) firefox.exe 192.168.1.100:1355 <-> 74.125.43.113:80 ESTABLISHED
TCP (3948) UPM.exe 192.168.1.100:1357 <-> 199.7.51.190:80 ESTABLISHED
TCP (3948) UPM.exe 192.168.1.100:1361 <-> 199.7.52.190:80 ESTABLISHED
TCP (3948) UPM.exe 192.168.1.100:1362 <-> 199.7.48.190:80 ESTABLISHED
UDP (4) Systém 0.0.0.0:445 <-> 65.55.94.222:443 ESTABLISHED
UDP (896) LSASS.EXE 0.0.0.0:500
UDP (1884) mDNSResponder.exe 0.0.0.0:1026
UDP (896) LSASS.EXE 0.0.0.0:4500
UDP (1864) anbmServ.exe 0.0.0.0:9999
UDP (1200) SVCHOST.EXE 127.0.0.1:123
UDP (1424) SVCHOST.EXE 127.0.0.1:1900
UDP (1200) SVCHOST.EXE 192.168.1.100:123
UDP (4) Systém 192.168.1.100:137
UDP (4) Systém 192.168.1.100:138
UDP (1424) SVCHOST.EXE 192.168.1.100:1900
UDP (1884) mDNSResponder.exe 192.168.1.100:5353

Moduly (Zobraz i bezpečné DLL: False, Jen bez výrobce: True, Zobraz registrované: False)
================================================================
[?] mdnsnsp.dll
|_ Cesta: C:\Program Files\Bonjour\mdnsNSP.dll
|_ MD5: 1F5A570AD942DFCFE4500326ABDD72B2
|_ Výrobce: Apple Computer, Inc.
|_ Procesy
|_ SVCHOST.EXE (1124)
|_ SVCHOST.EXE (1200)
|_ SPOOLSV.EXE (1760)
|_ anbmServ.exe (1864)
|_ firefox.exe (228)
|_ UPM.exe (3948)
|_ MpCmdRun.exe (3964)

[?] ipmitrans.dll
|_ Cesta: C:\Acer\eManager\IpmiTrans.dll
|_ MD5: 680A40E23A111842A5D240040D806817
|_ Výrobce: OSA Technologies Inc. Taiwan Branch
|_ Procesy
|_ anbmServ.exe (1864)

[?] sysapi.dll
|_ Cesta: C:\Acer\eManager\SYSAPI.DLL
|_ MD5: E5B0C995E60FFE9DCEE3EF4819065BFC
|_ Výrobce: OSA Technologies Inc. Taiwan Branch
|_ Procesy
|_ anbmServ.exe (1864)

[?] nbapi.dll
|_ Cesta: C:\Acer\eManager\NBAPI.DLL
|_ MD5: 0D3C225272E5F8192110711DA9F1D227
|_ Výrobce: OSA Technologies Inc. Taiwan Branch
|_ Procesy
|_ anbmServ.exe (1864)

[?] cpuid_dll.dll
|_ Cesta: C:\Acer\eManager\cpuid_dll.dll
|_ MD5: 2CBD8B58E0616A6626BB25DF9707D8E7
|_ Výrobce: OSA Technologies, Inc.
|_ Procesy
|_ anbmServ.exe (1864)

[?] nvshell.dll
|_ Cesta: C:\WINDOWS\System32\nvshell.dll
|_ MD5: ABB0DEE97EA7B56954C31A2AD5EC6DA4
|_ Výrobce: NVIDIA Corporation
|_ Procesy
|_ EXPLORER.EXE (628)

[?] kbhook.dll
|_ Cesta: C:\Program Files\Launch Manager\KBHook.dll
|_ MD5: 697A860FD08D65F70BDD568BEDBF98A0
|_ Výrobce: Wistron Corp.
|_ Procesy
|_ HotkeyApp.exe (1372)

[?] mohapi.dll
|_ Cesta: C:\Program Files\LTMOH\MOHAPI.DLL
|_ MD5: 6AB21403F778C44BCECCFE2D8CFB6F6F
|_ Výrobce: Agere Systems
|_ Procesy
|_ LTMOH.EXE (2344)

[?] softokn3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\softokn3.dll
|_ MD5: 7206DA15F187595389741F85DC47D2A5
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (228)

[?] nssdbm3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\nssdbm3.dll
|_ MD5: A0B507E037C3D2369F42A7BBFD08D878
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (228)

[?] freebl3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\freebl3.dll
|_ MD5: 6F9B85C270D7287011670411801C9DBF
|_ Výrobce: Mozilla Foundation
|_ Procesy
|_ firefox.exe (228)

================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]

Dejte log z RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 .

Logfile of random's system information tool 1.08 (written by random/random)
Run by HK at 2010-08-24 18:41:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (57%) free of 28 GB
Total RAM: 511 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:59, on 24.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\HK\Plocha\RSIT.exe
C:\Program Files\trend micro\HK.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60327
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.crawler.com/homepage.aspx?tbid=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60327
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9121625296
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6991 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-08-10 1242064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-08-10 1242064]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2004-04-20 40960]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-07 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-07 536576]
"LaunchAp"=C:\Program Files\Launch Manager\LaunchAp.exe [2004-08-06 32768]
"PowerKey"=C:\Program Files\Launch Manager\PowerKey.exe [2002-08-30 94208]
"LManager"=C:\Program Files\Launch Manager\HotkeyApp.exe [2004-07-15 49152]
"CtrlVol"=C:\Program Files\Launch Manager\CtrlVol.exe [2004-01-28 184320]
"LMgrOSD"=C:\Program Files\Launch Manager\OSDCtrl.exe [2004-09-08 245760]
"Wbutton"=C:\Program Files\Launch Manager\Wbutton.exe [2004-08-13 73728]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2004-06-22 143360]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-09-01 53248]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-07-13 4141056]
"nwiz"=nwiz.exe /install []
"AGRSMMSG"=C:\WINDOWS\AGRSMMSG.exe [2003-07-25 88363]
"LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe [2002-11-25 172032]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"MSSE"=C:\Program Files\Microsoft Security Essentials\msseces.exe [2010-06-01 1093208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\totalcmd\TOTALCMD.EXE"="C:\Program Files\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-08-24 17:12:19 ----D---- C:\rsit
2010-08-24 17:12:19 ----D---- C:\Program Files\trend micro
2010-08-24 16:25:46 ----D---- C:\Program Files\Ultimate Process Manager
2010-08-24 11:02:05 ----D---- C:\Program Files\Microsoft Security Essentials
2010-08-24 10:21:25 ----D---- C:\Program Files\Crawler
2010-08-24 09:56:05 ----D---- C:\Program Files\CCleaner
2010-08-21 17:52:38 ----D---- C:\WINDOWS\pss
2010-08-20 11:03:57 ----D---- C:\Documents and Settings\HK\Data aplikací\Canon
2010-08-12 17:15:43 ----HD---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-12 17:15:38 ----HD---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-12 17:15:27 ----HD---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-12 17:15:14 ----HD---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-12 17:10:03 ----HD---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-12 17:09:58 ----HD---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-12 17:09:50 ----HD---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-12 17:05:13 ----HD---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-04 11:29:34 ----HD---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-01 09:58:07 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-08-01 09:53:34 ----HD---- C:\WINDOWS\$NtUninstallWdf01005$
2010-07-31 16:39:33 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-07-31 16:39:32 ----A---- C:\WINDOWS\system32\ptpusd.dll

======List of files/folders modified in the last 1 months======

2010-08-24 18:28:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-24 18:04:22 ----A---- C:\WINDOWS\ModemLog_Agere Systems AC'97 Modem.txt
2010-08-24 18:03:18 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-03 20:09:32 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-27 08:30:32 ----A---- C:\WINDOWS\system32\shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
R0 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
R0 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-14 691696]
R0 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-02 27904]
R1 AmdK8;Ovladač procesoru AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-05-08 38400]
R1 Hotkey;Hotkey; C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 9867]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-03-25 151216]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2003-07-25 1196460]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-07-22 42496]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IPN2220;acer IPN2220 Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\i2220ntx.sys [2004-08-16 160896]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2010-07-14 6912]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-07-13 2488640]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-12-05 10368]
R3 POWERKEY;POWERKEY; \??\C:\Program Files\Launch Manager\POWERKEY.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-07 182688]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2004-03-17 117248]
S1 mailKmd;mailKmd; C:\WINDOWS\system32\drivers\mailKmd.sys []
S1 Wbutton;Wbutton; C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 a80aeuoo;a80aeuoo; C:\WINDOWS\system32\drivers\a80aeuoo.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-04-13 70144]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-09-01 171392]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 anbmService;Notebook Manager Service; C:\Acer\eManager\anbmServ.exe [2004-08-16 1287168]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe [2010-03-25 17904]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-07-13 114754]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-07-14 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Ještě poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

ComboFix 10-08-24.02 - HK 24.08.2010 19:29:38.1.1 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.511.231 [GMT 2:00]
Spuštěný z: c:\documents and settings\HK\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Updated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-07-24 do 2010-08-24 )))))))))))))))))))))))))))))))
.

2010-08-24 15:12 . 2010-08-24 15:12 -------- d-----w- C:\rsit
2010-08-24 15:12 . 2010-08-24 15:12 -------- d-----w- c:\program files\trend micro
2010-08-24 14:25 . 2010-08-24 14:25 -------- d-----w- c:\program files\Ultimate Process Manager
2010-08-24 09:02 . 2010-08-24 09:02 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-08-24 07:56 . 2010-08-24 07:56 -------- d-----w- c:\program files\CCleaner
2010-08-14 13:41 . 2010-08-14 13:41 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-08-01 07:58 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-08-01 07:58 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys
2010-07-31 14:39 . 2001-10-24 10:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-07-31 14:39 . 2008-04-14 03:21 159232 ----a-w- c:\windows\system32\ptpusd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-24 17:11 . 1979-12-31 22:00 84234 ----a-w- c:\windows\system32\perfc005.dat
2010-08-24 17:11 . 1979-12-31 22:00 439452 ----a-w- c:\windows\system32\perfh005.dat
2010-08-01 07:54 . 2010-08-01 07:54 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2010-08-01 07:54 . 2010-08-01 07:54 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-07-23 18:42 . 2010-07-23 18:42 -------- d-----w- c:\program files\Reference Assemblies
2010-07-15 15:48 . 2010-07-15 15:48 -------- d--h--w- c:\program files\CanonBJ
2010-07-15 15:34 . 2010-07-15 15:34 -------- d-----w- c:\program files\acer
2010-07-14 20:26 . 2010-07-14 20:26 -------- d-----w- c:\program files\XnView
2010-07-14 19:59 . 2010-07-14 19:59 -------- d-----w- c:\program files\Common Files\Nero
2010-07-14 19:59 . 2010-07-14 19:59 -------- d-----w- c:\program files\Nero
2010-07-14 19:34 . 2010-07-14 19:34 -------- d-----w- c:\program files\MSBuild
2010-07-14 18:54 . 2010-07-14 18:54 -------- d-----w- c:\program files\VideoLAN
2010-07-14 18:41 . 2010-07-14 18:41 -------- d-----w- c:\program files\Bonjour
2010-07-14 18:23 . 2010-07-14 18:23 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-07-14 17:55 . 2010-07-14 17:55 -------- d-----w- c:\program files\Microsoft Works
2010-07-14 17:54 . 2010-07-14 17:54 -------- d-----w- c:\program files\Microsoft.NET
2010-07-14 17:17 . 2010-07-14 17:17 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-14 17:16 . 2010-07-14 17:16 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-14 17:00 . 2010-07-14 17:00 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-14 16:37 . 2010-07-14 16:37 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-07-14 16:25 . 2004-09-17 10:11 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-14 16:25 . 2004-09-17 10:11 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-06-14 14:31 . 2004-09-17 10:10 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\HelpSvc.exe
2010-06-14 07:43 . 1979-12-31 22:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-02 08:00 . 2010-07-14 16:37 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-01 17:37 . 2010-07-14 15:34 221568 ------w- c:\windows\system32\MpSigStub.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"preload"="c:\windows\RUNXMLPL.exe" [2004-04-20 40960]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-07 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-07 536576]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2004-08-06 32768]
"PowerKey"="c:\program files\Launch Manager\PowerKey.exe" [2002-08-30 94208]
"LManager"="c:\program files\Launch Manager\HotkeyApp.exe" [2004-07-15 49152]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2004-01-28 184320]
"LMgrOSD"="c:\program files\Launch Manager\OSDCtrl.exe" [2004-09-08 245760]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2004-08-13 73728]
"VTTrayp"="VTtrayp.exe" [2004-06-22 143360]
"VTTimer"="VTTimer.exe" [2004-09-01 53248]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-13 4141056]
"nwiz"="nwiz.exe" [2004-07-13 880640]
"AGRSMMSG"="AGRSMMSG.exe" [2003-07-25 88363]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2002-11-25 172032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\totalcmd\\TOTALCMD.EXE"=

R3 IPN2220;acer IPN2220 Wireless LAN Card Driver;c:\windows\system32\drivers\i2220ntx.sys [27.9.2004 18:18 160896]
R3 POWERKEY;POWERKEY;c:\program files\Launch Manager\POWERKEY.SYS [27.9.2004 22:33 2343]
S1 mailKmd;mailKmd; [x]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.7.2010 19:17 691696]
.
Obsah adresáře 'Naplánované úlohy'

2010-08-24 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2010-03-25 19:40]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = hxxp://global.acer.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\HK\Data aplikací\Mozilla\Firefox\Profiles\l3kcjnma.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-24 19:33
Windows 5.1.2600 Service Pack 3 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3680)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
Celkový čas: 2010-08-24 19:35:16
ComboFix-quarantined-files.txt 2010-08-24 17:35

Před spuštěním: Volných bajtů: 16 339 025 920
Po spuštění: Volných bajtů: 16 944 676 864

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect

- - End Of File - - D7F160CA9D979E45EE9F30ADB807BEC7

OK. Zkuste toto:

otevřete si poznámkový blok.
zkopírujte do něj následující text:

cd /d %SystemRoot%\system32
regsvr32 comcat.dll /s
regsvr32 shdoc401.dll /s
regsvr32 shdoc401.dll /i /s
regsvr32 asctrls.ocx /s
regsvr32 oleaut32.dll /s
regsvr32 shdocvw.dll /I /s
regsvr32 shdocvw.dll /s
regsvr32 browseui.dll /s
regsvr32 browseui.dll /I /s
regsvr32 msrating.dll /s
regsvr32 mlang.dll /s
regsvr32 hlink.dll /s
regsvr32 mshtmled.dll /s
regsvr32 urlmon.dll /s
regsvr32 plugin.ocx /s
regsvr32 sendmail.dll /s
regsvr32 scrobj.dll /s
regsvr32 mmefxe.ocx /s
regsvr32 corpol.dll /s
regsvr32 jscript.dll /s
regsvr32 msxml.dll /s
regsvr32 imgutil.dll /s
regsvr32 thumbvw.dll /s
regsvr32 cryptext.dll /s
regsvr32 rsabase.dll /s
regsvr32 inseng.dll /s
regsvr32 iesetup.dll /i /s
regsvr32 cryptdlg.dll /s
regsvr32 actxprxy.dll /s
regsvr32 dispex.dll /s
regsvr32 occache.dll /s
regsvr32 occache.dll /i /s
regsvr32 iepeers.dll /s
regsvr32 urlmon.dll /i /s
regsvr32 cdfview.dll /s
regsvr32 webcheck.dll /s
regsvr32 mobsync.dll /s
regsvr32 pngfilt.dll /s
regsvr32 licmgr10.dll /s
regsvr32 icmfilter.dll /s
regsvr32 hhctrl.ocx /s
regsvr32 inetcfg.dll /s
regsvr32 tdc.ocx /s
regsvr32 MSR2C.DLL /s
regsvr32 msident.dll /s
regsvr32 msieftp.dll /s
regsvr32 xmsconf.ocx /s
regsvr32 ils.dll /s
regsvr32 msoeacct.dll /s
regsvr32 inetcomm.dll /s
regsvr32 msdxm.ocx /s
regsvr32 dxmasf.dll /s
regsvr32 l3codecx.ax /s
regsvr32 acelpdec.ax /s
regsvr32 mpg4ds32.ax /s
regsvr32 voxmsdec.ax /s
regsvr32 danim.dll /s
regsvr32 Daxctle.ocx /s
regsvr32 lmrt.dll /s
regsvr32 datime.dll /s
regsvr32 dxtrans.dll /s
regsvr32 dxtmsft.dll /s
regsvr32 WEBPOST.DLL /s
regsvr32 WPWIZDLL.DLL /s
regsvr32 POSTWPP.DLL /s
regsvr32 CRSWPP.DLL /s
regsvr32 FTPWPP.DLL /s
regsvr32 FPWPP.DLL /s
regsvr32 WUAPI.DLL /s
regsvr32 WUAUENG.DLL /s
regsvr32 WUAUENG1.DLL /s
regsvr32 ATL.DLL /s
regsvr32 WUCLTUI.DLL /s
regsvr32 WUPS.DLL /s
regsvr32 WUPS2.DLL /s
regsvr32 WUWEB.DLL /s
regsvr32 wshom.ocx /s
regsvr32 wshext.dll /s
regsvr32 vbscript.dll /s
regsvr32 scrrun.dll mstinit.exe /setup /s
regsvr32 msnsspc.dll /SspcCreateSspiReg /s
regsvr32 msapsspc.dll /SspcCreateSspiReg /s
exit

uložte soubor jako IEreg.bat na plochu.
dvojklikem ho rozbalte.

VIRY.CZ

Pomalý ntb + nejdou instalovat aktualizace

Pomalý ntb + nejdou instalovat aktualizace

Re: Pomalý ntb + nejdou instalovat aktualizace

Re: Pomalý ntb + nejdou instalovat aktualizace

Re: Pomalý ntb + nejdou instalovat aktualizace

Re: Pomalý ntb + nejdou instalovat aktualizace

Re: Pomalý ntb + nejdou instalovat aktualizace