VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Pomalé PC

https://forum.viry.cz:443/viewtopic.php?t=108216

Stránka 1 z 1

Pomalé PC

Napsal: 06 led 2011 13:27
od Marce
Zdravím a mám prosbu na kontrolu logu. Děkuji moc.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Cervinka at 2011-01-06 13:21:00
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 15 GB (51%) free of 30 GB
Total RAM: 703 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:21:45, on 6.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile Communication Centre\Centre.exe
C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Cervinka\Dokumenty\Downloads\hijackthis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Cervinka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Cervinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile Communication Centre\Centre.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://speedbar.myway.com/menusearch.html?p=MG1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3127692188
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://mail.all-electronics.cz/ftpwebs/WinWebPush.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{93399117-930A-4EB3-82CC-CFE9D0092D54}: NameServer = 10.107.4.100,10.107.4.129
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 7939 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-706699826-854245398-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-706699826-854245398-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-05-15 335872]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-11-04 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-11-04 688218]
"RoxioEngineUtility"=C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe [2003-05-01 65536]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"CARPService"=C:\WINDOWS\system32\carpserv.exe [2003-11-08 4608]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-05-29 52840]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2007-10-07 125368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile Communication Centre\Centre.exe [2006-05-04 882752]
"Google Update"=C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-20 135664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-06-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [2003-07-18 868352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2006-09-25 20053544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2007-10-07 43448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\alS06.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bkP16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ckQ28.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dms74.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\emR16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hqW52.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\irX63.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kuA05.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\lvE44.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\muA84.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mwC27.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvC06.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvC17.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\oyE38.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Paf27.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pyF28.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\qaF75.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Sdi38.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tcI30.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ueJ51.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ueK52.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Vek17.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wgm06.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wgM41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xgM63.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xiO74.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xiP16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\yjO84.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xFF000000
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE:*:Enabled:Microsoft Outlook"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-01-06 13:21:00 ----DC---- C:\rsit
2011-01-04 12:11:24 ----DC---- C:\Documents and Settings\Cervinka\Data aplikací\ESET
2011-01-04 10:01:45 ----DC---- C:\Documents and Settings\Cervinka\Data aplikací\uTorrent
2011-01-03 12:03:02 ----AC---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-01-03 11:50:48 ----DC---- C:\Program Files\Lavasoft
2011-01-01 22:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-01-01 22:39:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-01-01 22:38:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-01-01 22:37:17 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-01 22:36:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-01 22:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-01 22:29:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-01 22:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-01 22:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-01 22:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-01-01 22:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-01 22:24:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-01 22:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2011-01-01 22:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-01 22:21:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-01-01 22:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-01 22:15:06 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-01 22:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-01 22:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-01 22:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-01 22:11:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-01 22:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-01 22:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-01 22:07:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2011-01-01 17:13:06 ----C---- C:\WINDOWS\system32\browserchoice.exe
2010-12-31 13:20:26 ----DC---- C:\WINDOWS\ie8updates
2010-12-31 13:17:16 ----DC---- C:\WINDOWS\WBEM
2010-12-31 13:14:23 ----HDC---- C:\WINDOWS\ie8
2010-12-31 13:14:23 ----DC---- C:\WINDOWS\system32\cs-CZ
2010-12-20 17:23:57 ----DC---- C:\Trailery
2010-12-20 17:23:57 ----DC---- C:\Program Files\MEDIA TRADE

======List of files/folders modified in the last 1 months======

2011-01-06 13:21:45 ----DC---- C:\Program Files\Trend Micro
2011-01-06 13:21:14 ----DC---- C:\Temp
2011-01-06 13:21:07 ----DC---- C:\WINDOWS\Prefetch
2011-01-06 13:03:54 ----DC---- C:\WINDOWS\Debug
2011-01-06 13:03:54 ----DC---- C:\WINDOWS
2011-01-06 12:57:23 ----RDC---- C:\Program Files
2011-01-06 08:32:05 ----DC---- C:\Program Files\Symantec AntiVirus
2011-01-04 21:49:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-01-04 15:45:23 ----DC---- C:\WINDOWS\system32
2011-01-04 15:45:12 ----DC---- C:\Program Files\QuickTime
2011-01-04 14:40:51 ----SHDC---- C:\WINDOWS\Installer
2011-01-04 14:39:46 ----HDC---- C:\WINDOWS\inf
2011-01-04 14:39:44 ----DC---- C:\WINDOWS\temp
2011-01-04 14:39:44 ----DC---- C:\WINDOWS\system32\drivers
2011-01-04 14:39:03 ----DC---- C:\WINDOWS\system32\CatRoot2
2011-01-04 13:47:28 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-01-04 13:47:13 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-04 13:20:53 ----SDC---- C:\WINDOWS\Tasks
2011-01-04 00:48:47 ----DC---- C:\!KillBox
2011-01-03 11:50:23 ----DC---- C:\WINDOWS\WinSxS
2011-01-03 11:49:41 ----DC---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-03 10:59:21 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-01 22:39:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-01 22:38:56 ----HDC---- C:\WINDOWS\$hf_mig$
2011-01-01 22:25:31 ----DC---- C:\Program Files\Movie Maker
2011-01-01 22:14:30 ----DC---- C:\Program Files\Outlook Express
2011-01-01 22:05:04 ----C---- C:\WINDOWS\win.ini
2011-01-01 16:31:07 ----DC---- C:\Program Files\Nokia
2011-01-01 16:29:53 ----HDC---- C:\Program Files\InstallShield Installation Information
2011-01-01 16:22:08 ----DC---- C:\Program Files\IrfanView
2010-12-31 13:45:51 ----DC---- C:\Program Files\Internet Explorer
2010-12-31 13:45:50 ----DC---- C:\WINDOWS\Help
2010-12-31 13:17:44 ----DC---- C:\WINDOWS\system32\config
2010-12-31 13:16:56 ----DC---- C:\WINDOWS\Media
2010-12-30 21:18:16 ----DC---- C:\Program Files\Common Files\Nokia
2010-12-30 21:18:16 ----DC---- C:\Program Files\Common Files
2010-12-30 21:12:36 ----DC---- C:\Program Files\ISYS_sachty
2010-12-30 20:57:04 ----SDC---- C:\Documents and Settings\Cervinka\Data aplikací\Microsoft
2010-12-30 20:57:03 ----DC---- C:\Garmin
2010-12-30 20:55:36 ----DC---- C:\Program Files\a-squared Free
2010-12-24 08:12:00 ----SHD---- C:\WINDOWS\CSC
2010-12-08 21:34:08 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2003-07-16 66992]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2003-07-16 24698]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2006-09-21 259456]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2003-07-18 118409]
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-08-27 189320]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2003-07-18 213120]
R2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-11-08 11043]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\system32\DRIVERS\strmdisp.sys [2003-11-08 30592]
R3 ALiIRDA;ALi Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\alifir.sys [2001-08-17 26624]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-05-15 701952]
R3 CALIAUD;Conexant AMC 3D ENVIRONMENTAL AUDIO; C:\WINDOWS\system32\drivers\caliaud.sys [2002-11-05 291328]
R3 CALIHALA;CALIHALA; C:\WINDOWS\system32\drivers\calihal.sys [2002-11-05 244608]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 FA312;NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 16074]
R3 GT43XX;GT Combo 802.11g Wireless LAN Adapter Driver GT43XX; C:\WINDOWS\system32\DRIVERS\gtwl5.sys [2005-01-28 266496]
R3 GTEDGWModem;Option NV GTEDGWModem; C:\WINDOWS\system32\DRIVERS\GTEDG.sys [2005-01-28 107904]
R3 GTEDGWWNIC;Option NV GTEDGWWNIC; C:\WINDOWS\system32\DRIVERS\GTEDGNet.sys [2005-01-28 52864]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-08 1063040]
R3 HSFHWALI;HSFHWALI; C:\WINDOWS\system32\DRIVERS\HSFHWALI.sys [2003-11-08 179712]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2003-07-18 22745]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110103.001\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110103.001\navex15.sys []
R3 odysseyIM4;Odyssey Network Agent Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys [2004-06-15 173056]
R3 OptionWWSC;GT Combo EDGE SIM Card Reader; C:\WINDOWS\system32\DRIVERS\GTEDGSC.sys [2005-01-28 21888]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-02-11 14572]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-04 186016]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-08 631296]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 aliadwdm;Ovladač WDM urychlovače zpracování zvuku ALi; C:\WINDOWS\system32\drivers\ac97ali.sys [2004-08-03 231552]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BIFLAK;BIFLAK; \??\C:\PCINFO\biflak.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2003-07-18 21993]
S3 ipw_bus;IPWireless; C:\WINDOWS\system32\DRIVERS\ipw_bus.sys [2005-09-27 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter; C:\WINDOWS\system32\DRIVERS\ipw_mdfl.sys [2005-09-27 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM); C:\WINDOWS\system32\DRIVERS\ipw_mdm.sys [2005-09-27 95440]
S3 IpwP;IPWireless 3G PCMCIA Network Adapter; C:\WINDOWS\system32\DRIVERS\ipwpnet.sys [2005-07-30 43184]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2006-01-23 59392]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-08-27 23944]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2007-05-29 192104]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2007-05-29 169576]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2007-10-07 31160]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2007-10-07 116664]
R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2007-07-26 1181016]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2007-10-07 1822648]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-08-28 2999664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2007-08-27 214408]

-----------------EOF-----------------

Re: Pomalé PC

Napsal: 06 led 2011 14:49
od JaRon
odinstaluj SpyBot aj Ad-ware - oba uz patria do historie ,,,
nainstaluj SUPERAntiSpyware a vycisti nim PC

Re: Pomalé PC

Napsal: 07 led 2011 09:44
od Marce
Postupovala jsem dle rady, odinstalovala staré antivir. programy, nainstalovala SuperAntispyreware, spustila kompletní scan, vyčistila a pořád je to pomalé. Přikládám scan a děkuji za tip.

Marce

Logfile of random's system information tool 1.08 (written by random/random)
Run by Cervinka at 2011-01-07 09:36:35
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 16 GB (52%) free of 30 GB
Total RAM: 703 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:37:26, on 7.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\T-Mobile Communication Centre\Centre.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Cervinka\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Cervinka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files\T-Mobile Communication Centre\Centre.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://speedbar.myway.com/menusearch.html?p=MG1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3127692188
O16 - DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} (WebWatch Class) - http://mail.all-electronics.cz/ftpwebs/WinWebPush.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{93399117-930A-4EB3-82CC-CFE9D0092D54}: NameServer = 10.107.4.100,10.107.4.129
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 7192 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-706699826-854245398-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-706699826-854245398-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-05-15 335872]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-11-04 98394]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-11-04 688218]
"RoxioEngineUtility"=C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe [2003-05-01 65536]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"CARPService"=C:\WINDOWS\system32\carpserv.exe [2003-11-08 4608]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-05-29 52840]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2007-10-07 125368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 15360]
"T-Mobile Communication Centre"=C:\Program Files\T-Mobile Communication Centre\Centre.exe [2006-05-04 882752]
"Google Update"=C:\Documents and Settings\Cervinka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-20 135664]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-12-14 2424560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-06-01 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe [2003-07-18 868352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2006-09-25 20053544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINDOWS\system32\NavLogon.dll [2007-10-07 43448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\alS06.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bkP16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ckQ28.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dms74.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\emR16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hqW52.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\irX63.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kuA05.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\lvE44.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\muA84.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mwC27.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvC06.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvC17.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\oyE38.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Paf27.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pyF28.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\qaF75.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Sdi38.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tcI30.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ueJ51.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ueK52.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Vek17.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wgm06.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wgM41.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xgM63.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xiO74.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xiP16.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\yjO84.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xFF000000
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=255
"NoDrives"=0
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE:*:Enabled:Microsoft Outlook"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-01-06 15:11:48 ----DC---- C:\Documents and Settings\Cervinka\Data aplikací\SUPERAntiSpyware.com
2011-01-06 15:11:48 ----DC---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-01-06 15:11:24 ----DC---- C:\Program Files\SUPERAntiSpyware
2011-01-06 13:21:00 ----DC---- C:\rsit
2011-01-04 12:11:24 ----DC---- C:\Documents and Settings\Cervinka\Data aplikací\ESET
2011-01-04 10:01:45 ----DC---- C:\Documents and Settings\Cervinka\Data aplikací\uTorrent
2011-01-03 12:03:02 ----AC---- C:\WINDOWS\system32\drivers\SBREDrv.sys
2011-01-01 22:39:37 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-01-01 22:39:05 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-01-01 22:38:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-01-01 22:37:17 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-01 22:36:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-01 22:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-01 22:29:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-01 22:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-01 22:28:05 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-01 22:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-01-01 22:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-01 22:24:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-01 22:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2011-01-01 22:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-01 22:21:19 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-01-01 22:15:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-01 22:15:06 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-01 22:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-01 22:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-01 22:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-01 22:11:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-01 22:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-01 22:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-01 22:07:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2011-01-01 17:13:06 ----C---- C:\WINDOWS\system32\browserchoice.exe
2010-12-31 13:20:26 ----DC---- C:\WINDOWS\ie8updates
2010-12-31 13:17:16 ----DC---- C:\WINDOWS\WBEM
2010-12-31 13:14:23 ----HDC---- C:\WINDOWS\ie8
2010-12-31 13:14:23 ----DC---- C:\WINDOWS\system32\cs-CZ
2010-12-20 17:23:57 ----DC---- C:\Program Files\MEDIA TRADE

======List of files/folders modified in the last 1 months======

2011-01-07 09:36:49 ----DC---- C:\Program Files\Trend Micro
2011-01-07 09:36:48 ----DC---- C:\Temp
2011-01-07 08:37:58 ----RDC---- C:\Program Files
2011-01-07 08:37:51 ----DC---- C:\1
2011-01-07 08:22:29 ----DC---- C:\Program Files\Symantec AntiVirus
2011-01-06 22:29:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-06 22:03:27 ----SDC---- C:\WINDOWS\Tasks
2011-01-06 22:03:23 ----DC---- C:\WINDOWS\Prefetch
2011-01-06 18:28:01 ----DC---- C:\WINDOWS\system32\CatRoot2
2011-01-06 15:52:38 ----DC---- C:\WINDOWS
2011-01-06 15:05:42 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-01-06 13:03:54 ----DC---- C:\WINDOWS\Debug
2011-01-04 15:45:23 ----DC---- C:\WINDOWS\system32
2011-01-04 15:45:12 ----DC---- C:\Program Files\QuickTime
2011-01-04 14:40:51 ----SHDC---- C:\WINDOWS\Installer
2011-01-04 14:39:46 ----HDC---- C:\WINDOWS\inf
2011-01-04 14:39:44 ----DC---- C:\WINDOWS\temp
2011-01-04 14:39:44 ----DC---- C:\WINDOWS\system32\drivers
2011-01-04 13:47:28 ----DC---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2011-01-04 13:47:13 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-04 00:48:47 ----DC---- C:\!KillBox
2011-01-03 11:50:23 ----DC---- C:\WINDOWS\WinSxS
2011-01-03 11:49:41 ----DC---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-03 10:59:21 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-01 22:39:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-01 22:38:56 ----HDC---- C:\WINDOWS\$hf_mig$
2011-01-01 22:25:31 ----DC---- C:\Program Files\Movie Maker
2011-01-01 22:14:30 ----DC---- C:\Program Files\Outlook Express
2011-01-01 22:05:04 ----C---- C:\WINDOWS\win.ini
2011-01-01 16:31:07 ----DC---- C:\Program Files\Nokia
2011-01-01 16:29:53 ----HDC---- C:\Program Files\InstallShield Installation Information
2011-01-01 16:22:08 ----DC---- C:\Program Files\IrfanView
2010-12-31 13:45:51 ----DC---- C:\Program Files\Internet Explorer
2010-12-31 13:45:50 ----DC---- C:\WINDOWS\Help
2010-12-31 13:17:44 ----DC---- C:\WINDOWS\system32\config
2010-12-31 13:16:56 ----DC---- C:\WINDOWS\Media
2010-12-30 21:18:16 ----DC---- C:\Program Files\Common Files\Nokia
2010-12-30 21:18:16 ----DC---- C:\Program Files\Common Files
2010-12-30 21:12:36 ----DC---- C:\Program Files\ISYS_sachty
2010-12-30 20:57:04 ----SDC---- C:\Documents and Settings\Cervinka\Data aplikací\Microsoft
2010-12-30 20:57:03 ----DC---- C:\Garmin
2010-12-30 20:55:36 ----DC---- C:\Program Files\a-squared Free
2010-12-24 08:12:00 ----SHD---- C:\WINDOWS\CSC
2010-12-08 21:34:08 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-18 61056]
R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2003-07-16 66992]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2003-07-16 24698]
R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2006-09-21 259456]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-18 39936]
R1 pwd_2k;pwd_2k; C:\WINDOWS\system32\drivers\pwd_2k.sys [2003-07-18 118409]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2007-08-27 189320]
R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2003-07-18 213120]
R2 Ethpdrv;Ethernet Packet Driver; C:\WINDOWS\system32\DRIVERS\ethpdrv.sys [2005-09-08 9728]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-11-08 11043]
R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\system32\DRIVERS\strmdisp.sys [2003-11-08 30592]
R3 ALiIRDA;ALi Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\alifir.sys [2001-08-17 26624]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-05-15 701952]
R3 CALIAUD;Conexant AMC 3D ENVIRONMENTAL AUDIO; C:\WINDOWS\system32\drivers\caliaud.sys [2002-11-05 291328]
R3 CALIHALA;CALIHALA; C:\WINDOWS\system32\drivers\calihal.sys [2002-11-05 244608]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 FA312;NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\FA312nd5.sys [2001-08-17 16074]
R3 GT43XX;GT Combo 802.11g Wireless LAN Adapter Driver GT43XX; C:\WINDOWS\system32\DRIVERS\gtwl5.sys [2005-01-28 266496]
R3 GTEDGWModem;Option NV GTEDGWModem; C:\WINDOWS\system32\DRIVERS\GTEDG.sys [2005-01-28 107904]
R3 GTEDGWWNIC;Option NV GTEDGWWNIC; C:\WINDOWS\system32\DRIVERS\GTEDGNet.sys [2005-01-28 52864]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-18 9600]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-08 1063040]
R3 HSFHWALI;HSFHWALI; C:\WINDOWS\system32\DRIVERS\HSFHWALI.sys [2003-11-08 179712]
R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2003-07-18 22745]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110103.001\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20110103.001\navex15.sys []
R3 odysseyIM4;Odyssey Network Agent Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys [2004-06-15 173056]
R3 OptionWWSC;GT Combo EDGE SIM Card Reader; C:\WINDOWS\system32\DRIVERS\GTEDGSC.sys [2005-01-28 21888]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-02-11 14572]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-11-04 186016]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-18 20480]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-08 631296]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 aliadwdm;Ovladač WDM urychlovače zpracování zvuku ALi; C:\WINDOWS\system32\drivers\ac97ali.sys [2004-08-03 231552]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-18 60800]
S3 BIFLAK;BIFLAK; \??\C:\PCINFO\biflak.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2003-07-18 21993]
S3 ipw_bus;IPWireless; C:\WINDOWS\system32\DRIVERS\ipw_bus.sys [2005-09-27 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter; C:\WINDOWS\system32\DRIVERS\ipw_mdfl.sys [2005-09-27 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM); C:\WINDOWS\system32\DRIVERS\ipw_mdm.sys [2005-09-27 95440]
S3 IpwP;IPWireless 3G PCMCIA Network Adapter; C:\WINDOWS\system32\DRIVERS\ipwpnet.sys [2005-07-30 43184]
S3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2006-01-23 59392]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-18 61824]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2007-08-27 23944]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2007-05-29 192104]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2007-05-29 169576]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2007-10-07 31160]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-18 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2007-10-07 116664]
R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2007-07-26 1181016]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2007-10-07 1822648]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2001-05-01 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-08-28 2999664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-06-15 300544]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2007-08-27 214408]

-----------------EOF-----------------

Re: Pomalé PC

Napsal: 07 led 2011 09:52
od JaRon
tak pokracujeme :)
Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\alS06.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bkP16.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ckQ28.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dms74.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\emR16.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hqW52.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\irX63.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\kuA05.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\lvE44.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\muA84.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mwC27.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvC06.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvC17.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\oyE38.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Paf27.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\pyF28.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\qaF75.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Sdi38.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tcI30.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ueJ51.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ueK52.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Vek17.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wgm06.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wgM41.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xgM63.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xiO74.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\xiP16.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\yjO84.sys]
uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:

Obrázek

po aplikacii by mal vzniknut dalsi log, ten vloz sem :)

Re: Pomalé PC

Napsal: 07 led 2011 17:59
od Marce
Tak tady je ten log, snad jsem to udělala vše dobře. Děkuji za kontrolu.
Marce

ComboFix 11-01-06.06 - Cervinka 07.01.2011 17:23:16.11.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.703.234 [GMT 1:00]
Spuštěný z: c:\documents and settings\Cervinka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Cervinka\Plocha\CFScript.txt
AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\desktop.ini
c:\documents and settings\Cervinka\Data aplikací\TMInc
c:\documents and settings\Cervinka\Data aplikací\TMInc\game.cfg
c:\documents and settings\Cervinka\Data aplikací\TMInc\user1.sav
c:\documents and settings\Cervinka\GoToAssistDownloadHelper.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-07 do 2011-01-07 )))))))))))))))))))))))))))))))
.

2011-01-07 16:43 . 2011-01-07 16:43 53248 -c--a-w- c:\temp\catchme.dll
2011-01-07 13:32 . 2011-01-07 13:15 389632 -c--a-w- c:\windows\system32\CF14527.exe
2011-01-07 09:44 . 2011-01-07 09:37 389632 -c--a-w- c:\windows\system32\CF2246.exe
2011-01-07 09:29 . 2011-01-07 09:29 389632 -c--a-w- c:\windows\system32\CF506.exe
2011-01-07 09:26 . 2011-01-07 09:19 389632 -c--a-w- c:\windows\system32\CF31327.exe
2011-01-07 09:08 . 2011-01-07 09:07 389632 -c--a-w- c:\windows\system32\CF28989.exe
2011-01-06 14:11 . 2011-01-06 14:11 -------- dc----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-01-06 12:21 . 2011-01-06 12:22 -------- dc----w- C:\rsit
2011-01-06 12:08 . 2011-01-06 12:08 -------- dcsh--w- c:\documents and settings\Cervinka\IECompatCache
2011-01-04 11:11 . 2011-01-04 11:11 -------- dc----w- c:\documents and settings\Cervinka\Local Settings\Data aplikací\ESET
2011-01-04 11:11 . 2011-01-04 11:11 -------- dc----w- c:\documents and settings\Cervinka\Data aplikací\ESET
2011-01-04 09:46 . 2011-01-04 09:46 -------- dc----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\ESET
2011-01-04 09:01 . 2011-01-06 11:57 -------- dc----w- c:\documents and settings\Cervinka\Data aplikací\uTorrent
2011-01-04 08:37 . 2011-01-04 08:37 -------- dcsh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-01-03 11:58 . 2011-01-03 11:58 -------- dc----w- c:\documents and settings\LocalService\Plocha
2011-01-03 11:47 . 2011-01-03 11:47 -------- dcsh--w- c:\documents and settings\LocalService\IETldCache
2011-01-03 11:03 . 2011-01-03 11:03 98392 -c--a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-01-03 10:54 . 2011-01-03 10:54 -------- dc----w- c:\documents and settings\Cervinka\Local Settings\Data aplikací\Sunbelt Software
2011-01-01 16:13 . 2010-02-12 10:03 293376 -c----w- c:\windows\system32\browserchoice.exe
2010-12-31 16:36 . 2010-12-31 16:36 -------- dcsh--w- c:\documents and settings\Cervinka\PrivacIE
2010-12-31 15:12 . 2010-12-31 15:12 -------- dcsh--w- c:\documents and settings\Cervinka\IETldCache
2010-12-31 12:14 . 2010-12-31 12:17 -------- dc----w- c:\windows\system32\cs-CZ
2010-12-31 12:14 . 2010-12-31 12:16 -------- dc-h--w- c:\windows\ie8
2010-12-31 11:57 . 2010-05-06 10:35 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-31 11:57 . 2010-05-06 10:35 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-31 11:56 . 2010-05-06 10:35 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-12-31 11:56 . 2010-05-06 10:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-12-31 11:56 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-12-31 11:56 . 2010-05-06 10:35 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-31 11:56 . 2010-05-06 10:35 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-20 16:25 . 2010-12-20 16:56 830794 -c--a-w- c:\windows\system32\spořič MEDIA TRADE.scr
2010-12-20 16:23 . 2010-12-20 16:55 -------- dc----w- c:\program files\MEDIA TRADE

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"="c:\program files\T-Mobile Communication Centre\Centre.exe" [2006-05-04 882752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 335872]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 221184]
"CARPService"="carpserv.exe" [2003-11-08 4608]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2007-05-29 15:33 52840 -c--a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-02-20 18:11 135664 -c--atw- c:\documents and settings\Cervinka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-06-01 18:33 282624 -c--a-w- c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2003-07-18 15:23 868352 -c--a-w- c:\program files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioEngineUtility]
2003-05-01 16:44 65536 -c--a-w- c:\program files\Common Files\Roxio Shared\System\EngUtil.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2006-09-25 16:50 20053544 -c--a-w- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
2007-10-07 19:48 125368 -c--a-w- c:\progra~1\SYMANT~1\VPTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office10\\OUTLOOK.EXE"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R2 Ethpdrv;Ethernet Packet Driver;c:\windows\system32\drivers\ethpdrv.sys [19.2.2008 20:58 9728]
R3 ALiIRDA;ALi Infrared Device Driver;c:\windows\system32\drivers\alifir.sys [17.7.2006 10:35 26624]
R3 CALIAUD;Conexant AMC 3D ENVIRONMENTAL AUDIO;c:\windows\system32\drivers\caliaud.sys [31.5.2007 12:13 291328]
R3 CALIHALA;CALIHALA;c:\windows\system32\drivers\calihal.sys [31.5.2007 12:13 244608]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [28.5.2010 17:01 102448]
R3 GT43XX;GT Combo 802.11g Wireless LAN Adapter Driver GT43XX;c:\windows\system32\drivers\gtwl5.SYS [28.1.2005 18:31 266496]
R3 GTEDGWModem;Option NV GTEDGWModem;c:\windows\system32\drivers\GTEDG.sys [28.1.2005 18:30 107904]
R3 GTEDGWWNIC;Option NV GTEDGWWNIC;c:\windows\system32\drivers\GTEDGNet.sys [28.1.2005 18:30 52864]
R3 OptionWWSC;GT Combo EDGE SIM Card Reader;c:\windows\system32\drivers\GTEDGSC.sys [28.1.2005 18:30 21888]
S3 BIFLAK;BIFLAK;c:\pcinfo\BIFLAK.SYS [17.7.2006 14:30 2822]
S3 ipw_bus;IPWireless;c:\windows\system32\drivers\ipw_bus.sys [25.2.2008 14:13 58320]
S3 ipw_mdfl;Wireless Broadband Modem Filter;c:\windows\system32\drivers\ipw_mdfl.sys [25.2.2008 14:13 8272]
S3 ipw_mdm;Wireless Broadband Modem (WDM);c:\windows\system32\drivers\ipw_mdm.sys [6.3.2008 19:22 95440]
S3 IpwP;IPWireless 3G PCMCIA Network Adapter;c:\windows\system32\drivers\ipwpnet.sys [6.3.2008 19:22 43184]
S3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [23.1.2006 13:53 59392]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = About:Blank
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {93399117-930A-4EB3-82CC-CFE9D0092D54} = 10.107.4.100,10.107.4.129
DPF: {7876E4A5-78B7-4020-B08F-C960A1ED54C9} - hxxp://mail.all-electronics.cz/ftpwebs/WinWebPush.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-07 17:43
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2011-01-07 17:54:01
ComboFix-quarantined-files.txt 2011-01-07 16:53

Před spuštěním: Volných bajtů: 16 280 780 800
Po spuštění: Volných bajtů: 16 319 696 896

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - C5A36F50F6A3C29FEAB3DC0A98D0A337

Re: Pomalé PC

Napsal: 07 led 2011 18:04
od JaRon
po AV stranke je to OK
doporucujem vycistit s CCleanerom a doinstalovat SP3
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz