Please check my log

franta05
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Please check my log

#1 Post by franta05 »

Before using RSIT I cleaned the PC with Spyware Terminator and CCleaner.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Uživatel at 2010-09-07 13:01:59
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 759 GB (80%) free of 954 GB
Total RAM: 3326 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:02:06, on 7.9.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stáhnuto\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C2B8C5F-652B-4D3E-9C7F-8B2ACFDE103F}: NameServer = 93.188.162.233,93.188.161.233
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 93.188.162.233,93.188.161.233
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 93.188.162.233,93.188.161.233
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 93.188.162.233,93.188.161.233
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 7003 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1249561313.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-21 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-22 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-22 110696]
"IntelAudioStudio"=C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-09-04 2524416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-03 1144104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-04-19 9125888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InvisibleBrowsing]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-02-22 13670504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-02-22 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /installquiet []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-21 148888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOY5KNQ8OC]
C:\DOCUME~1\UIVATE~1\LOCALS~1\Temp\Xsh.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpohmr08.exe [2003-04-06 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-06 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="acaptuser32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="C:\Program Files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"C:\Program Files\Valve\Steam\SteamApps\User\Half-Life 2\hl2.exe"="C:\Program Files\Valve\Steam\SteamApps\User\Half-Life 2\hl2.exe:*:Enabled:hl2"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Activision\Modern Warfare 2\iw4mp.exe"="C:\Program Files\Activision\Modern Warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"C:\Program Files\Activision\Modern Warfare 2\iw4mpcrk.exe"="C:\Program Files\Activision\Modern Warfare 2\iw4mpcrk.exe:*:Enabled:iw4mpcrk"
"C:\Program Files\Activision\Modern Warfare 2\iw4sp.exe"="C:\Program Files\Activision\Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"C:\Program Files\TrackMania United\TmUnited.exe"="C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (CLI)"
"C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe"="C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\dedicated\XR_3DA.exe:*:Enabled:S.T.A.L.K.E.R. - Shadow of Chernobyl (SRV)"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\UPlayBrowser.exe:*:Disabled:UPlayBrowser Application"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-09-07 13:02:00 ----D---- C:\Program Files\trend micro
2010-09-07 13:01:59 ----D---- C:\rsit
2010-09-04 21:12:32 ----AH---- C:\aaw7boot.cmd
2010-08-29 14:48:50 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\HighAndes
2010-08-29 14:48:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\HighAndes
2010-08-28 19:48:31 ----A---- C:\WINDOWS\system32\unrar.dll
2010-08-28 19:48:30 ----A---- C:\WINDOWS\avisplitter.ini
2010-08-28 19:48:27 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-08-28 19:48:27 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-08-28 19:48:27 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-08-28 19:48:26 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2010-08-28 19:48:26 ----A---- C:\WINDOWS\system32\dpl100.dll
2010-08-28 19:48:15 ----A---- C:\WINDOWS\system32\divx.dll
2010-08-28 19:48:13 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-08-28 19:48:13 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-08-28 19:48:11 ----D---- C:\Program Files\K-Lite Codec Pack
2010-08-28 18:51:37 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\BSplayer Pro
2010-08-28 18:51:20 ----D---- C:\Program Files\Webteh
2010-08-27 20:14:01 ----D---- C:\Program Files\FreeTime
2010-08-14 11:17:36 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-09-07 13:02:07 ----D---- C:\WINDOWS\Prefetch
2010-09-07 13:02:01 ----D---- C:\WINDOWS\Temp
2010-09-07 13:02:00 ----RD---- C:\Program Files
2010-09-07 13:00:47 ----D---- C:\WINDOWS\system32\drivers
2010-09-07 13:00:25 ----D---- C:\WINDOWS\system32\LogFiles
2010-09-07 13:00:25 ----D---- C:\WINDOWS
2010-09-07 12:36:44 ----D---- C:\Program Files\Common Files\Akamai
2010-09-07 00:32:24 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-09-06 19:40:40 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-06 18:20:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-06 18:00:15 ----D---- C:\Program Files\World of Warcraft
2010-09-06 12:33:40 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2010-09-06 12:13:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
2010-09-05 17:39:02 ----D---- C:\WINDOWS\system32
2010-09-05 12:06:43 ----SHD---- C:\Config.Msi
2010-09-04 23:34:28 ----SHD---- C:\WINDOWS\Installer
2010-09-04 23:34:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-09-04 23:34:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-04 23:33:06 ----SD---- C:\WINDOWS\Tasks
2010-09-04 15:44:30 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-04 15:36:03 ----HD---- C:\WINDOWS\inf
2010-09-04 14:59:23 ----D---- C:\WINDOWS\WinSxS
2010-08-30 14:32:31 ----D---- C:\Program Files\TrackMania Nations ESWC
2010-08-28 18:59:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DivX
2010-08-27 16:07:35 ----D---- C:\Program Files\Steam
2010-08-14 22:19:37 ----RD---- C:\Program Files\Skype
2010-08-14 11:17:36 ----D---- C:\Program Files\Common Files
2010-08-14 11:17:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-10 22:17:03 ----D---- C:\WINDOWS\system32\oodag

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-07-29 717296]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-08-06 82380]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-23 279712]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-23 25888]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-03-20 1156648]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R4 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2009-06-17 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2009-06-17 79248]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-21 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-22 154216]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-18 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-06-18 215016]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-17 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#2 Post by vyosek »

Hello, and I wish you a nice afternoon :)

The vermin is still in there, though.

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • Plug all USB drives into the PC (flash drives, external drives, etc.)
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator ("Spustit jako správce" in the Czech UI)
  • Immediately after start, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily infested, the time may be longer
  • After the scan finishes and a possible restart, CF displays the log, or you can find it here C:\ComboFix.txt; paste its contents here
  • The detailed procedure incl. pictures is here http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."

franta05
Visitor
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#3 Post by franta05 »

I downloaded ComboFix, but when I try to run it nothing happens.
edit: on this forum I found that when ComboFix.exe cannot be started, one should try renaming it to 123.com. Should I do that?
edit2: after renaming combofix.exe to 123.com I managed (after several restarts and 1 freeze of ComboFix while generating the log) to generate a log:

ComboFix 10-09-06.04 - Uživatel 07.09.2010 15:47:37.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3326.2845 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\123.com
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\documents and settings\Uživatel\Data aplikací\addon.dat
c:\windows\Config\System.exe
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


((((((((((((((((((((((((( Soubory vytvořené od 2010-08-07 do 2010-09-07 )))))))))))))))))))))))))))))))
.

2010-09-07 11:02 . 2010-09-07 11:02 -------- d-----w- c:\program files\trend micro
2010-09-07 11:01 . 2010-09-07 11:02 -------- d-----w- C:\rsit
2010-09-04 19:12 . 2010-09-04 19:12 1848 ---ha-w- C:\aaw7boot.cmd
2010-09-04 13:47 . 2010-09-04 13:47 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-08-28 17:48 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2010-08-28 17:48 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-08-28 17:48 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-08-28 17:48 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-08-28 17:48 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-08-28 17:48 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2010-08-28 17:48 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\divx.dll
2010-08-28 17:48 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-28 17:48 . 2010-08-28 17:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-28 16:51 . 2010-08-28 16:51 -------- d-----w- c:\program files\Webteh
2010-08-27 18:14 . 2010-08-27 18:14 -------- d-----w- c:\program files\FreeTime
2010-08-14 09:17 . 2010-08-14 09:17 -------- d-----w- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 13:45 . 2010-05-21 15:22 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-06 16:00 . 2010-07-21 14:09 -------- d-----w- c:\program files\World of Warcraft
2010-08-30 12:32 . 2009-08-29 13:43 -------- d-----w- c:\program files\TrackMania Nations ESWC
2010-08-27 14:07 . 2009-11-14 19:47 -------- d-----w- c:\program files\Steam
2010-08-14 20:19 . 2009-07-29 13:04 -------- d-----r- c:\program files\Skype
2010-07-28 09:05 . 2009-08-08 08:17 -------- d-----w- c:\program files\Electronic Arts
2010-07-25 18:45 . 2010-06-21 13:15 -------- d-----w- c:\program files\Ubisoft
2010-07-25 18:45 . 2009-07-28 14:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-21 15:01 . 2009-08-26 15:15 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-06-30 19:44 . 2010-06-30 19:44 29696 ----a-w- c:\windows\mickey32.dll
2010-06-30 19:44 . 2010-06-30 19:44 232784 ----a-w- c:\windows\Matrix Code.scr
2010-06-30 19:44 . 2010-06-30 19:44 2285222 ----a-w- c:\windows\Matrix Code.exe
2010-06-19 16:05 . 2001-10-25 12:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2010-06-19 16:05 . 2001-10-25 12:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2010-06-18 16:38 . 2010-06-16 13:05 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-18 16:37 . 2010-06-16 13:05 215016 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-18 16:13 . 2010-06-16 13:05 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-18 16:13 . 2010-06-18 16:13 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-06-16 13:05 . 2009-07-30 06:24 669184 ----a-w- c:\windows\system32\pbsvc.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-21 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-02-21 110696]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 2524416]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-3 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 05:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-06-03 00:50 1144104 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2006-04-19 15:40 9125888 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-02-21 22:35 13670504 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-02-21 22:35 110696 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-28 21:37 413696 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2005-10-26 14:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-09-21 18:25 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"1042:TCP"= 1042:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [17.8.2004 15:49 14336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 18:05 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.7.2009 14:07 717296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2009-11-08 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8249561313.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 16:05]

2010-09-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 16:05]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: battlefieldheroes.com\www
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2opk9ugp.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-Acrobat Assistant 8 - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
MSConfigStartUp-Adobe Acrobat Speed Launcher - c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe
MSConfigStartUp-nwiz - nwiz.exe
MSConfigStartUp-TOY5KNQ8OC - c:\docume~1\UIVATE~1\LOCALS~1\Temp\Xsh.exe
ActiveSetup-{7E429072-A1A7-8789-6BE5-932D6223F4E5} - c:\documents and settings\Uživatel\Data aplikací\Bifrost\server.exe
ActiveSetup-{AD1A16D8-EF4C-3876-8D49-07E8BA72B86D} - c:\documents and settings\Uživatel\Data aplikací\Logs\Microsoft.log



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-07 15:53
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"7B97E000527E10F478A01C92247B8F4E"="c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Game\\Localized\\Video\\Hungarian\\"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(684)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(620)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\msi.dll
.
Celkový čas: 2010-09-07 15:55:36
ComboFix-quarantined-files.txt 2010-09-07 13:55

Před spuštěním: Volných bajtů: 796 760 358 912
Po spuštění: Volných bajtů: 796 725 211 136

- - End Of File - - 8246BC17879EB0B6ED0C90E3B16CF55D

vyosek
VIP
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#4 Post by vyosek »

Thank you, and well done for finding out about renaming CF :wink:

:arrow: If it is not there already, move ComboFix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below

    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "1042:TCP"=-
    "5000:UDP"=-
    
    Driver::
    Akamai
    
    File::
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    RegLock::
    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
    
    DDS::
    Trusted Zone: battlefieldheroes.com\www
  • Save the resulting TXT file as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and drop it (see the picture below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

franta05
Visitor
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#5 Post by franta05 »

After starting it, an error popped up: The content of folder C:\Windows\erdnt\Hiv-backup could not be completely deleted! I clicked OK and ComboFix carried on; Windows booted normally.

ComboFix 10-09-07.01 - Uživatel 08.09.2010 11:37:38.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3326.2812 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uživatel\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AKAMAI
-------\Service_Akamai


((((((((((((((((((((((((( Soubory vytvořené od 2010-08-08 do 2010-09-08 )))))))))))))))))))))))))))))))
.

2010-09-07 11:02 . 2010-09-07 11:02 -------- d-----w- c:\program files\trend micro
2010-09-07 11:01 . 2010-09-07 11:02 -------- d-----w- C:\rsit
2010-09-04 19:12 . 2010-09-04 19:12 1848 ---ha-w- C:\aaw7boot.cmd
2010-09-04 13:47 . 2010-09-04 13:47 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-08-28 17:48 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2010-08-28 17:48 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-08-28 17:48 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-08-28 17:48 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-08-28 17:48 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-08-28 17:48 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2010-08-28 17:48 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\divx.dll
2010-08-28 17:48 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-28 17:48 . 2010-08-28 17:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-28 16:51 . 2010-08-28 16:51 -------- d-----w- c:\program files\Webteh
2010-08-27 18:14 . 2010-08-27 18:14 -------- d-----w- c:\program files\FreeTime
2010-08-14 09:17 . 2010-08-14 09:17 -------- d-----w- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-08 08:54 . 2010-05-21 15:22 -------- d-----w- c:\program files\Common Files\Akamai
2010-09-06 16:00 . 2010-07-21 14:09 -------- d-----w- c:\program files\World of Warcraft
2010-08-30 12:32 . 2009-08-29 13:43 -------- d-----w- c:\program files\TrackMania Nations ESWC
2010-08-27 14:07 . 2009-11-14 19:47 -------- d-----w- c:\program files\Steam
2010-08-14 20:19 . 2009-07-29 13:04 -------- d-----r- c:\program files\Skype
2010-07-28 09:05 . 2009-08-08 08:17 -------- d-----w- c:\program files\Electronic Arts
2010-07-25 18:45 . 2010-06-21 13:15 -------- d-----w- c:\program files\Ubisoft
2010-07-25 18:45 . 2009-07-28 14:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-21 15:01 . 2009-08-26 15:15 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-06-30 19:44 . 2010-06-30 19:44 29696 ----a-w- c:\windows\mickey32.dll
2010-06-30 19:44 . 2010-06-30 19:44 232784 ----a-w- c:\windows\Matrix Code.scr
2010-06-30 19:44 . 2010-06-30 19:44 2285222 ----a-w- c:\windows\Matrix Code.exe
2010-06-19 16:05 . 2001-10-25 12:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2010-06-19 16:05 . 2001-10-25 12:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2010-06-18 16:38 . 2010-06-16 13:05 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-18 16:37 . 2010-06-16 13:05 215016 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-18 16:13 . 2010-06-16 13:05 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-18 16:13 . 2010-06-18 16:13 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-06-16 13:05 . 2009-07-30 06:24 669184 ----a-w- c:\windows\system32\pbsvc.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-09-07_13.53.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-08 09:44 . 2010-09-08 09:44 16384 c:\windows\Temp\Perflib_Perfdata_530.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-21 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-02-21 110696]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 2524416]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-3 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2006-04-19 15:40 9125888 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-02-21 22:35 13670504 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-02-21 22:35 110696 ----a-w- c:\windows\system32\nvmctray.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"1040:TCP"= 1040:TCP:Akamai NetSession Interface

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 18:05 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.7.2009 14:07 717296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2009-11-08 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8249561313.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2opk9ugp.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-08 11:44
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"7B97E000527E10F478A01C92247B8F4E"="c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Game\\Localized\\Video\\Hungarian\\"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(688)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(1228)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-09-08 11:48:03 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-08 09:48
ComboFix2.txt 2010-09-07 13:55

Před spuštěním: Volných bajtů: 794 944 536 576
Po spuštění: Volných bajtů: 794 937 774 080

- - End Of File - - 77096C3763B0374E90B74EB1E6DC77AC

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#6 Post by vyosek »

One more script for ComboFix - the procedure is the same again - then post the log here

Code:

Netsvc::
Akamai

Folder::
c:\program files\Common Files\Akamai

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1040:TCP"=-

"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

franta05
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#7 Post by franta05 »

Log after applying the script:

ComboFix 10-09-07.01 - Uživatel 08.09.2010 12:11:22.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.3326.2833 [GMT 2:00]
Spuštěný z: c:\documents and settings\Uživatel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Uživatel\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Common Files\Akamai
c:\program files\Common Files\Akamai\AdminTool.exe
c:\program files\Common Files\Akamai\appregistry.dat
c:\program files\Common Files\Akamai\client.ini
c:\program files\Common Files\Akamai\client.ini.json
c:\program files\Common Files\Akamai\data.dat
c:\program files\Common Files\Akamai\debug.log
c:\program files\Common Files\Akamai\euc_state.json
c:\program files\Common Files\Akamai\guid.ini
c:\program files\Common Files\Akamai\installer.txt
c:\program files\Common Files\Akamai\Readme.txt
c:\program files\Common Files\Akamai\root.pem
c:\program files\Common Files\Akamai\rswin_3745.dll
c:\program files\Common Files\Akamai\rswinui.exe
c:\program files\Common Files\Akamai\uninstall.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-08-08 do 2010-09-08 )))))))))))))))))))))))))))))))
.

2010-09-07 11:02 . 2010-09-07 11:02 -------- d-----w- c:\program files\trend micro
2010-09-07 11:01 . 2010-09-07 11:02 -------- d-----w- C:\rsit
2010-09-04 19:12 . 2010-09-04 19:12 1848 ---ha-w- C:\aaw7boot.cmd
2010-09-04 13:47 . 2010-09-04 13:47 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-08-28 17:48 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2010-08-28 17:48 . 2009-05-29 21:37 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2010-08-28 17:48 . 2009-05-29 21:31 881664 ----a-w- c:\windows\system32\xvidcore.dll
2010-08-28 17:48 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-08-28 17:48 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2010-08-28 17:48 . 2008-11-06 16:37 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2010-08-28 17:48 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\divx.dll
2010-08-28 17:48 . 2009-06-02 16:11 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-08-28 17:48 . 2010-08-28 17:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-08-28 16:51 . 2010-08-28 16:51 -------- d-----w- c:\program files\Webteh
2010-08-27 18:14 . 2010-08-27 18:14 -------- d-----w- c:\program files\FreeTime
2010-08-14 09:17 . 2010-08-14 09:17 -------- d-----w- c:\program files\Common Files\Skype

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-06 16:00 . 2010-07-21 14:09 -------- d-----w- c:\program files\World of Warcraft
2010-08-30 12:32 . 2009-08-29 13:43 -------- d-----w- c:\program files\TrackMania Nations ESWC
2010-08-27 14:07 . 2009-11-14 19:47 -------- d-----w- c:\program files\Steam
2010-08-14 20:19 . 2009-07-29 13:04 -------- d-----r- c:\program files\Skype
2010-07-28 09:05 . 2009-08-08 08:17 -------- d-----w- c:\program files\Electronic Arts
2010-07-25 18:45 . 2010-06-21 13:15 -------- d-----w- c:\program files\Ubisoft
2010-07-25 18:45 . 2009-07-28 14:09 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-21 15:01 . 2009-08-26 15:15 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-06-30 19:44 . 2010-06-30 19:44 29696 ----a-w- c:\windows\mickey32.dll
2010-06-30 19:44 . 2010-06-30 19:44 232784 ----a-w- c:\windows\Matrix Code.scr
2010-06-30 19:44 . 2010-06-30 19:44 2285222 ----a-w- c:\windows\Matrix Code.exe
2010-06-19 16:05 . 2001-10-25 12:00 79062 ----a-w- c:\windows\system32\perfc005.dat
2010-06-19 16:05 . 2001-10-25 12:00 432004 ----a-w- c:\windows\system32\perfh005.dat
2010-06-18 16:38 . 2010-06-16 13:05 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-18 16:37 . 2010-06-16 13:05 215016 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-18 16:13 . 2010-06-16 13:05 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-18 16:13 . 2010-06-18 16:13 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-06-16 13:05 . 2009-07-30 06:24 669184 ----a-w- c:\windows\system32\pbsvc.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-09-07_13.53.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-09-08 09:44 . 2010-09-08 09:44 16384 c:\windows\Temp\Perflib_Perfdata_530.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-02-21 13670504]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-02-21 110696]
"IntelAudioStudio"="c:\program files\Intel Audio Studio\IntelAudioStudio.exe" [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 2524416]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-12-3 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 10:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hp psc 1000 series.lnk
backup=c:\windows\pss\hp psc 1000 series.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\hpoddt01.exe.lnk
backup=c:\windows\pss\hpoddt01.exe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Uživatel\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2006-04-19 15:40 9125888 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
2009-06-17 16:55 55824 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-02-21 22:35 13670504 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-02-21 22:35 110696 ----a-w- c:\windows\system32\nvmctray.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\wamp\\bin\\apache\\Apache2.2.11\\bin\\httpd.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\TrackMania United\\TmUnited.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\AssassinsCreedII.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed II\\UPlayBrowser.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Electronic Arts\\Need For Speed World\\Data\\nfsw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [6.2.2009 14:24 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [23.9.2009 18:05 133104]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.7.2009 14:07 717296]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2009-11-08 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1200 series5E771253C1676EBED677BF361FDFC537825E15B8249561313.job
- c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Uživatel\Data aplikací\Mozilla\Firefox\Profiles\2opk9ugp.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Akamai - c:\program files\Common Files\Akamai\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-08 12:15
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\•€|˙˙˙˙"•€|ţ»Ów*]
"7B97E000527E10F478A01C92247B8F4E"="c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Game\\Localized\\Video\\Hungarian\\"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(688)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-09-08 12:17:32
ComboFix-quarantined-files.txt 2010-09-08 10:17
ComboFix2.txt 2010-09-08 09:48
ComboFix3.txt 2010-09-07 13:55

Před spuštěním: Volných bajtů: 794 925 780 992
Po spuštění: Volných bajtů: 794 911 649 792

- - End Of File - - FAD62B9A56C73FB7C0235F7F4E60EB4E

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#8 Post by vyosek »

How is the PC behaving? :???:

franta05
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#9 Post by franta05 »

Apart from the Internet Explorer icon appearing on my desktop again :?: I'm not noticing anything unusual

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#10 Post by vyosek »

How should I understand the icon being restored? Did you delete it from the desktop on purpose? It's possible that CF restored it...

franta05
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#11 Post by franta05 »

I no longer remember exactly how I did it, but I didn't delete it - I think I set it in some desktop setting so that it would not be displayed
Edit: right-click on the desktop - Properties - Desktop tab - Customize Desktop
Last edited by franta05 on 08 Sep 2010 11:50, edited 1 time in total.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#12 Post by vyosek »

I think I know what you mean, but I also can't recall where that is changed... if need be, just delete it if it annoys you :) Or you will come across it by chance and change it to not display :wink:

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Download and run it
  • To confirm each choice, press A, then Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading if needed)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature); during installation, untick the Yahoo toolbar
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for problems
  • then Fix problems - I recommend making a registry backup; fix all the problems
  • repeat the procedure until no problems are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once every 14 days

:arrow: Post a new log from RSIT

franta05
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#13 Post by franta05 »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Uživatel at 2010-09-08 13:40:37
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 763 GB (80%) free of 954 GB
Total RAM: 3326 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:40:43, on 8.9.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Uživatel\Dokumenty\Stáhnuto\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelAudioStudio] "C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe" BOOT
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\acaptuser32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

--
End of file - 6280 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1249561313.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-21 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-09-21 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-02-22 13670504]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-02-22 110696]
"IntelAudioStudio"=C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-04-19 9125888]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-09-04 2524416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2006-04-19 9125888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]
C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2010-02-22 13670504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-02-22 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpohmr08.exe [2003-04-06 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
C:\PROGRA~1\HEWLET~1\DIGITA~1\bin\hpotdd01.exe [2003-04-06 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Uživatel^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2006-10-26 98632]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\acaptuser32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe"="C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe"="C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="C:\Program Files\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\World of Warcraft\Launcher.exe"="C:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\TrackMania United\TmUnited.exe"="C:\Program Files\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe"="C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="C:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="C:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe"="C:\Documents and Settings\All Users\Data aplikací\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-09-08 13:40:37 ----D---- C:\rsit
2010-09-08 13:38:05 ----D---- C:\Program Files\CCleaner
2010-09-08 13:07:55 ----SHD---- C:\RECYCLER
2010-09-07 15:16:05 ----A---- C:\Boot.bak
2010-09-07 15:15:57 ----RASHD---- C:\cmdcons
2010-09-07 15:10:53 ----D---- C:\WINDOWS\ERDNT
2010-09-07 13:02:00 ----D---- C:\Program Files\trend micro
2010-09-04 21:12:32 ----AH---- C:\aaw7boot.cmd
2010-08-29 14:48:50 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\HighAndes
2010-08-29 14:48:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\HighAndes
2010-08-28 19:48:31 ----A---- C:\WINDOWS\system32\unrar.dll
2010-08-28 19:48:30 ----A---- C:\WINDOWS\avisplitter.ini
2010-08-28 19:48:27 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-08-28 19:48:27 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-08-28 19:48:27 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-08-28 19:48:26 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2010-08-28 19:48:26 ----A---- C:\WINDOWS\system32\dpl100.dll
2010-08-28 19:48:15 ----A---- C:\WINDOWS\system32\divx.dll
2010-08-28 19:48:13 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-08-28 19:48:13 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-08-28 19:48:11 ----D---- C:\Program Files\K-Lite Codec Pack
2010-08-28 18:51:37 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\BSplayer Pro
2010-08-28 18:51:20 ----D---- C:\Program Files\Webteh
2010-08-27 20:14:01 ----D---- C:\Program Files\FreeTime
2010-08-14 11:17:36 ----D---- C:\Program Files\Common Files\Skype

======List of files/folders modified in the last 1 months======

2010-09-08 13:38:35 ----D---- C:\WINDOWS
2010-09-08 13:38:29 ----D---- C:\WINDOWS\Temp
2010-09-08 13:38:05 ----RD---- C:\Program Files
2010-09-08 13:30:31 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-09-08 13:30:18 ----D---- C:\WINDOWS\system32
2010-09-08 13:26:52 ----D---- C:\WINDOWS\Prefetch
2010-09-08 13:06:47 ----D---- C:\Program Files\Common Files
2010-09-08 13:05:59 ----SHD---- C:\System Volume Information
2010-09-08 13:05:53 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-08 12:16:02 ----A---- C:\WINDOWS\system.ini
2010-09-08 12:15:54 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-08 12:13:49 ----D---- C:\WINDOWS\system32\drivers
2010-09-08 12:13:49 ----D---- C:\WINDOWS\AppPatch
2010-09-08 11:42:35 ----D---- C:\WINDOWS\system32\config
2010-09-08 11:42:07 ----SD---- C:\WINDOWS\Tasks
2010-09-08 10:07:13 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\Skype
2010-09-08 09:52:27 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\skypePM
2010-09-07 15:28:41 ----D---- C:\WINDOWS\Config
2010-09-07 15:16:06 ----RASH---- C:\boot.ini
2010-09-07 13:49:56 ----D---- C:\WINDOWS\system32\LogFiles
2010-09-06 19:40:40 ----A---- C:\WINDOWS\NeroDigital.ini
2010-09-06 18:20:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-06 18:00:15 ----D---- C:\Program Files\World of Warcraft
2010-09-05 12:06:43 ----D---- C:\Config.Msi
2010-09-04 23:34:28 ----SHD---- C:\WINDOWS\Installer
2010-09-04 23:34:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-09-04 23:34:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-04 15:36:03 ----HD---- C:\WINDOWS\inf
2010-09-04 14:59:23 ----D---- C:\WINDOWS\WinSxS
2010-08-30 14:32:31 ----D---- C:\Program Files\TrackMania Nations ESWC
2010-08-28 18:59:51 ----D---- C:\Documents and Settings\Uživatel\Data aplikací\DivX
2010-08-27 16:07:35 ----D---- C:\Program Files\Steam
2010-08-14 22:19:37 ----RD---- C:\Program Files\Skype
2010-08-14 11:17:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-08-10 22:17:03 ----D---- C:\WINDOWS\system32\oodag

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-04-27 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-07-29 717296]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2009-08-06 82380]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-02-06 93336]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-17 39936]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-08-23 279712]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-08-23 25888]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-01-12 163328]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-02-22 10231936]
R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-12-02 41728]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-03-20 1156648]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2005-06-03 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2005-06-03 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2005-06-03 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2005-06-03 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2005-06-03 79488]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2009-06-17 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2009-06-17 79248]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-09-21 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-02-22 154216]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-18 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-06-18 215016]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-17 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2003-04-07 65795]
S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe [2008-12-10 24636]
S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe [2009-06-17 6582912]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my log

#14 Post by vyosek »

:arrow: Thanks for the info about the desktop :wink:

One more small thing to speed the system up
:arrow: Click Start and then Run, or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    services.msc
  • Click OK
  • Find the services listed below
  • Google Update Service
    Google Updater Service
    Java Quick Starter
  • For each of them, do the following
    • Right-click it and choose Properties
    • Now click Stop
    • Set Startup type to Disabled
    • Confirm by clicking OK
:arrow: The log shows that you do not have the current version of Windows - you are missing Service Pack 3 - install it
:arrow: The log shows that you are not using a firewall - I recommend installing one
:arrow: The log shows that you do not have the current version of Internet Explorer - update it
:arrow: I recommend updating your programs - the little program FileHippo UpdateChecker will conveniently keep track of updates for you - running it about once every 14 days is enough

:arrow: Otherwise that should be everything :wink:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."

franta05
Visitor
Posts: 65
Registered: 04 Apr 2008 15:36

Re: Please check my log

#15 Post by franta05 »

"I recommend updating your programs - the little program FileHippo UpdateChecker will conveniently keep track of updates for you - running it about once every 14 days is enough"
Which program do you mean?

I have disabled Google Update Service, Google Updater Service and Java Quick Starter.

I only have the standard Windows firewall - should I remove it somehow before installing a better one?

I use Mozilla Firefox instead of Internet Explorer.
