
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Preventive check - pages load slowly
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service: an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Please check this.
Logfile of random's system information tool 1.08 (written by random/random)
Run by ADMIN1 at 2011-04-12 14:24:42
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 3 GB (9%) free of 38 GB
Total RAM: 478 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:10, on 12.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\HPSIsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\ADMIN1\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\ADMIN1.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = About:Blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [HideIcons] C:\Documents and Settings\ADMIN1\Plocha\HideIcons.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://85.193.52.236/VatDec.cab
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} (RtspVaPgCtrlNew Class) - http://85.193.52.237/RtspVaPgDec.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) -
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) -
O16 - DPF: {EAA105FE-7BBD-4196-8B96-D46743894195} (MjpegControl Class) - http://85.193.52.188/plugin/mjpegcontrol.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\WINDOWS\system32\HPSIsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: SiS WirelessLan Service (SiSWLSvc) - Unknown owner - C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 7499 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1935655697-854245398-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1935655697-854245398-1003UA.job
C:\WINDOWS\tasks\The Cleaner 2012 Smart Scan.job
C:\WINDOWS\tasks\The Cleaner 2012 Update.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-25 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-08-02 281768]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-02-07 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-02-07 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-02-07 118784]
"HideIcons"=C:\Documents and Settings\ADMIN1\Plocha\HideIcons.exe [2007-01-15 29184]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"=C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe [2009-12-22 3216664]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\ADMIN1\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-02-10 136176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe [2006-02-07 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe [2006-02-07 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe [2006-02-07 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-11-29 421888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tray"]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^ADMIN1^Nabídka Start^Programy^Po spuštění^WLAN Monitor & Configuration.lnk]
C:\PROGRA~1\SMC\SMC802~1.11B\WLANMO~1.EXE [2003-04-24 462848]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Configuration Utility HW.32.lnk]
C:\WINDOWS\INSTAL~1\{BDC88E5A-F47B-4314-AB38-994592E32C95}\NewShortcut1.exe [2010-08-08 40960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-02-07 139264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2010-12-08 87424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-08-27 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"ShutdownWithoutLogon"=1
"NoDispCPL"=0
"NoDispSettingsPage"=0
"NoDispScrSavPage"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=189
"NoDriveAutoRun"=67108863
"HideClock"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=475
"NoDrives"=0
"NoResolveSearch"=1
"NoResolveTrack"=1
"NoViewContextMenu"=0
"NoFileAssociate"=0
"NoFind"=0
"NoRun"=0
"NoClose"=0
"StartMenuLogoff"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
======List of files/folders created in the last 1 months======
2011-04-12 14:24:42 ----D---- C:\rsit
2011-04-11 21:10:09 ----D---- C:\Program Files\PDF Composer
2011-04-11 21:10:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Impressions Future Media
2011-04-04 23:54:49 ----A---- C:\Documents and Settings\ADMIN1\Data aplikací\isfree3_1.tmp
2011-04-04 23:54:48 ----A---- C:\Documents and Settings\ADMIN1\Data aplikací\isfree3_0.tmp
2011-04-02 12:27:22 ----A---- C:\WINDOWS\system32\Systemdrv.sys
2011-04-02 12:25:08 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-04-02 12:24:53 ----D---- C:\Program Files\DVD X Studios
2011-04-02 12:24:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVDXStudio
2011-03-31 20:15:30 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2011-03-31 20:15:30 ----A---- C:\WINDOWS\system32\unicows.dll
2011-03-31 20:15:29 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2011-03-31 20:15:29 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2011-03-31 20:15:29 ----A---- C:\WINDOWS\system32\gdiplus.dll
2011-03-31 20:15:29 ----A---- C:\WINDOWS\system32\anim.dll
2011-03-31 20:15:27 ----D---- C:\Program Files\WinUtilities
2011-03-25 15:30:41 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-03-25 00:47:33 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-24 15:42:57 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\thecleaner
2011-03-24 15:42:17 ----D---- C:\Program Files\The Cleaner
2011-03-20 15:02:38 ----ASH---- C:\pagefile.sys
2011-03-20 13:59:44 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\Beenokle
2011-03-20 13:59:43 ----D---- C:\Unfiled Notes
2011-03-20 13:57:39 ----D---- C:\Program Files\ZenWriter
2011-03-19 22:38:29 ----D---- C:\Program Files\Banner Generator Pro
2011-03-19 22:11:38 ----A---- C:\WINDOWS\system32\wmpns.dll
2011-03-19 22:06:13 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-03-19 22:05:58 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-03-18 23:54:15 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\gtk-2.0
2011-03-14 12:17:46 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2011-03-14 12:17:45 ----D---- C:\Program Files\PDFCreator
======List of files/folders modified in the last 1 months======
2011-04-12 14:25:10 ----D---- C:\Program Files\trend micro
2011-04-12 14:24:49 ----D---- C:\WINDOWS\Prefetch
2011-04-12 14:07:20 ----D---- C:\WINDOWS\Temp
2011-04-12 14:07:16 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-12 10:31:52 ----RSD---- C:\WINDOWS\assembly
2011-04-12 10:31:52 ----D---- C:\WINDOWS\Microsoft.NET
2011-04-11 22:24:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-11 22:22:31 ----D---- C:\WINDOWS
2011-04-11 22:18:11 ----D---- C:\WINDOWS\system32
2011-04-11 22:18:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-11 22:15:33 ----D---- C:\WINDOWS\system32\drivers
2011-04-11 21:59:52 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\Winamp
2011-04-11 21:59:52 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\Media Player Classic
2011-04-11 21:10:31 ----SHD---- C:\WINDOWS\Installer
2011-04-11 21:10:09 ----RD---- C:\Program Files
2011-04-11 21:02:39 ----D---- C:\WINDOWS\system32\cs-cz
2011-04-11 20:54:50 ----D---- C:\WINDOWS\WinSxS
2011-04-11 20:53:43 ----D---- C:\WINDOWS\system32\en-US
2011-04-11 20:51:56 ----D---- C:\WINDOWS\system32\mui
2011-04-10 10:55:03 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-09 20:08:10 ----D---- C:\Program Files\Altiris
2011-04-07 19:46:31 ----D---- C:\Program Files\DivX
2011-04-07 19:46:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2011-04-07 16:59:37 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\PDM
2011-04-05 19:21:34 ----D---- C:\WINDOWS\system32\Macromed
2011-04-02 12:26:03 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-29 00:20:24 ----A---- C:\WINDOWS\system32\oeminfo.ini
2011-03-29 00:17:00 ----D---- C:\WINDOWS\system32\NtmsData
2011-03-28 20:38:27 ----A---- C:\WINDOWS\ModemLog_SoftV92 Data Fax Modem with SmartCP.txt
2011-03-25 13:22:54 ----D---- C:\WINDOWS\SoftwareDistribution
2011-03-25 01:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952011$
2011-03-25 01:28:29 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2011-03-25 01:21:07 ----D---- C:\Program Files\Common Files
2011-03-25 01:21:06 ----D---- C:\Program Files\Adobe
2011-03-25 00:50:20 ----D---- C:\WINDOWS\system32\config
2011-03-25 00:49:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-03-25 00:49:06 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\TuneUp Software
2011-03-24 18:58:03 ----D---- C:\Program Files\Mozilla Thunderbird
2011-03-24 18:57:50 ----D---- C:\Documents and Settings\ADMIN1\Data aplikací\Thunderbird
2011-03-24 17:57:48 ----SD---- C:\WINDOWS\Tasks
2011-03-24 17:13:48 ----D---- C:\Program Files\CCleaner
2011-03-24 15:48:02 ----HD---- C:\WINDOWS\inf
2011-03-22 22:19:24 ----D---- C:\Program Files\Mozilla Firefox
2011-03-20 13:57:46 ----RSD---- C:\WINDOWS\Fonts
2011-03-19 22:09:29 ----D---- C:\Program Files\Windows Media Player
2011-03-19 22:06:13 ----D---- C:\WINDOWS\system32\LogFiles
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-02-01 431672]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2011-03-16 137656]
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-11-23 61960]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 tifsfilter;Seagate DiscWizard FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2010-11-18 44384]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-28 292864]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-28 276480]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.SYS [2002-10-16 14543]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-03-10 1041536]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-03-10 199552]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-02-07 1399615]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2010-09-17 10144]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-14 20992]
R3 SMC_WinXP_PCMCIAFVNETR_(SMCD)(R);SMC_WinXP_PCMCIAFVNETR_(SMCD)(R) Service for SMC EZ Connect Wireless PC Card(SMC2632W); C:\WINDOWS\system32\DRIVERS\fvnetd51.sys [2002-12-11 91392]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2009-12-15 268912]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-03-10 682624]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S3 agyidxov;agyidxov; C:\WINDOWS\system32\drivers\agyidxov.sys []
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-01-25 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-01-25 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-01-25 21568]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 mvusbews;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2009-12-04 17408]
S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis163u.sys [2004-12-31 167424]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-11-10 95568]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-03-16 269480]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-08-02 135336]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe [2009-12-04 99896]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-25 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 SiSWLSvc;SiS WirelessLan Service; C:\Program Files\802.11 Wireless LAN\802.11g Pen Size Wireless USB 2.0 Adapter HW.32 V1.10\SiSWLSvc.exe [2004-12-31 45056]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 UxTuneUp;TuneUp Rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2004-11-18 98304]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-09-03 355584]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
-----------------EOF-----------------
Re: Preventive check - slow page loading
Hello, fix this in HJT:
R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - (no file)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
You will find HJT here:
C:\Program Files\trend micro\ADMIN1.exe
Fix means that you run HJT,
in the window that opens, click Do a system scan only,
in the next window find the lines I listed for you,
next to each of them is a checkbox that you tick,
then click Fix checked, which is at the bottom left,
the program will ask whether you really want to, you of course agree with YES, and it is done.
Delete unneeded files
using CCleaner
guide:
Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system
Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!
Re: Preventive check - slow page loading
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 6341
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
12.4.2011 16:20:21
mbam-log-2011-04-12 (16-20-10).txt
Typ kontroly: Rychlý test
Testované objekty: 157459
Uplynulý čas: 8 minut, 24 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
Re: Preventive check - pages loading slowly
Download ComboFix and save it to the desktop,
run the application as Administrator and allow installation of the Recovery Console.
A window with the license terms will then appear, which you confirm by clicking YES,
then click YES once more and it is running.
The whole process takes about 10 minutes but may take longer; do not try to run anything else during the scan.
The PC may be restarted during the scan; do not be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,
because Combofix tries to delete infected files and these programs may block it.
After the scan finishes or after the subsequent restart, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
If anything is unclear, there is an illustrated guide HERE.
Re: Preventive check - pages loading slowly
ComboFix 11-04-12.01 - ADMIN1 12.04.2011 23:34:50.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.478.236 [GMT 2:00]
Spuštěný z: c:\documents and settings\ADMIN1\Plocha\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-12 do 2011-04-12 )))))))))))))))))))))))))))))))
.
.
2011-04-12 14:27 . 2011-04-12 14:33 -------- d-----w- c:\program files\AAALOGO2010
2011-04-12 14:08 . 2011-04-12 14:08 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\Malwarebytes
2011-04-12 14:08 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-12 14:08 . 2011-04-12 14:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-12 14:07 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-12 14:07 . 2011-04-12 14:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-12 12:24 . 2011-04-12 12:25 -------- d-----w- C:\rsit
2011-04-11 19:14 . 2011-04-11 19:14 -------- d-----w- c:\documents and settings\ADMIN1\Local Settings\Data aplikací\Impressions_Future_Media
2011-04-11 19:10 . 2011-04-11 19:10 -------- d-----w- c:\program files\PDF Composer
2011-04-11 19:10 . 2011-04-11 19:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Impressions Future Media
2011-04-02 10:27 . 2011-04-02 10:27 14 ----a-w- c:\windows\system32\Systemdrv.sys
2011-04-02 10:25 . 2008-04-14 06:51 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-04-02 10:25 . 2008-04-14 06:51 363520 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-02 10:25 . 2008-04-14 06:52 56832 ----a-w- c:\windows\system32\msdvbnp.ax
2011-04-02 10:25 . 2008-04-14 06:52 33280 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-02 10:24 . 2011-04-02 10:24 -------- d-----w- c:\program files\DVD X Studios
2011-04-02 10:24 . 2011-04-02 10:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVDXStudio
2011-03-31 18:15 . 2010-07-25 20:23 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2011-03-31 18:15 . 2010-07-25 20:23 544768 ----a-w- c:\windows\system32\wbocx.ocx
2011-03-31 18:15 . 2010-07-25 20:23 258352 ----a-w- c:\windows\system32\unicows.dll
2011-03-31 18:15 . 2010-07-25 20:23 33968 ----a-w- c:\windows\system32\anim.dll
2011-03-31 18:15 . 2010-07-25 20:23 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-03-31 18:15 . 2010-07-25 20:23 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2011-03-31 18:15 . 2010-07-25 20:23 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2011-03-31 18:15 . 2011-04-02 10:43 -------- d-----w- c:\program files\WinUtilities
2011-03-25 13:30 . 2008-06-30 09:41 22528 ----a-w- c:\windows\system32\uxtuneup.dll
2011-03-24 22:47 . 2011-03-24 22:47 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-24 13:42 . 2011-04-02 21:14 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\thecleaner
2011-03-24 13:42 . 2011-04-02 20:05 -------- d-----w- c:\program files\The Cleaner
2011-03-22 20:17 . 2011-03-22 20:17 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-22 20:17 . 2011-03-22 20:17 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-22 20:17 . 2011-03-22 20:17 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-22 20:17 . 2011-03-22 20:17 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-22 20:17 . 2011-03-22 20:17 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-22 20:17 . 2011-03-22 20:17 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-22 20:17 . 2011-03-22 20:17 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-22 20:17 . 2011-03-22 20:17 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-20 11:59 . 2011-03-20 11:59 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\Beenokle
2011-03-20 11:59 . 2011-03-20 11:59 -------- d-----w- C:\Unfiled Notes
2011-03-20 11:57 . 2011-03-20 11:58 -------- d-----w- c:\program files\ZenWriter
2011-03-19 20:38 . 2011-03-19 20:49 -------- d-----w- c:\program files\Banner Generator Pro
2011-03-19 20:11 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-03-19 20:06 . 2011-03-19 20:09 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-03-18 21:54 . 2011-03-18 21:54 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\gtk-2.0
2011-03-18 21:50 . 2011-03-18 21:59 -------- d-----w- c:\documents and settings\ADMIN1\.dia
2011-03-14 10:17 . 1998-06-23 23:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-03-14 10:17 . 1998-07-05 23:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-03-14 10:17 . 2011-03-14 10:18 -------- d-----w- c:\program files\PDFCreator
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 19:25 . 2009-09-08 00:09 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-07 14:08 . 2011-03-11 16:51 1435272 ----a-w- c:\windows\system32\Flash8.ocx
2011-03-03 21:27 . 2011-03-03 21:27 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-01 11:44 . 2010-11-28 10:43 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-03-22 20:17 . 2011-03-22 20:17 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2009-12-22 3216664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"HideIcons"="c:\documents and settings\ADMIN1\Plocha\HideIcons.exe" [2007-01-15 29184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-08 12:11 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN1^Nabídka Start^Programy^Po spuštění^WLAN Monitor & Configuration.lnk]
backup=c:\windows\pss\WLAN Monitor & Configuration.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Configuration Utility HW.32.lnk]
backup=c:\windows\pss\Wireless Configuration Utility HW.32.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SAOB Monitor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Služba Acronis Scheduler2
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tray"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 21:10 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
2004-12-03 11:24 290816 ----a-w- c:\program files\HPQ\Quick Launch Buttons\eabservr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-02-10 11:23 136176 ----atw- c:\documents and settings\ADMIN1\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2006-02-07 07:36 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2006-02-07 07:40 118784 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2006-02-07 07:39 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8.9.2009 2:09 135336]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [24.2.2011 10:50 99896]
R3 SMC_WinXP_PCMCIAFVNETR_(SMCD)(R);SMC_WinXP_PCMCIAFVNETR_(SMCD)(R) Service for SMC EZ Connect Wireless PC Card(SMC2632W);c:\windows\system32\drivers\fvnetd51.sys [11.12.2002 17:03 91392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [24.2.2011 10:49 17408]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\SiS163u.sys [31.12.2004 17:46 167424]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [22.11.2009 19:45 95568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-25 c:\windows\Tasks\The Cleaner 2012 Smart Scan.job
- c:\program files\The Cleaner\cleaner8.exe [2011-03-24 15:53]
.
2011-03-25 c:\windows\Tasks\The Cleaner 2012 Update.job
- c:\program files\The Cleaner\cleaner8.exe [2011-03-24 15:53]
.
.
------- Doplňkový sken -------
.
uStart Page = About:Blank
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} - hxxp://85.193.52.236/VatDec.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://85.193.52.237/RtspVaPgDec.cab
DPF: {EAA105FE-7BBD-4196-8B96-D46743894195} - hxxp://85.193.52.188/plugin/mjpegcontrol.cab
FF - ProfilePath - c:\documents and settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1094856&SearchSource=3&q=
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-TrueImageMonitor - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-12 23:43
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Celkový čas: 2011-04-12 23:49:16
ComboFix-quarantined-files.txt 2011-04-12 21:49
.
Před spuštěním: 3 365 847 040
Po spuštění: 3 312 144 384
.
- - End Of File - - D43D99C462126C7A72690C56A75982F7
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Celkový čas: 2011-04-12 23:49:16
ComboFix-quarantined-files.txt 2011-04-12 21:49
.
Před spuštěním: 3 365 847 040
Po spuštění: 3 312 144 384
.
- - End Of File - - D43D99C462126C7A72690C56A75982F7
Re: Preventive check - slow page loading
Before we continue, this:
The Cleaner 2012
what is it for?
From what I have found out, it is an antimalware tool; I just want to make sure you don't have too much security software on there,
which could be exactly what is slowing down the internet.
Re: Preventive check - slow page loading
It is anti-malware software. I use it once in a while to check the PC. I don't see any resident protection option anywhere in the program's settings. So I assume it does not perform any real-time scanning, or am I wrong?
Re: Preventive check - slow page loading
Yes, the trial version has no shield.
If you have not done so yet, move Combofix to the desktop,
open Notepad,
copy the script from the following box into it:
Code:
FireFox::
FF - ProfilePath - c:\documents and settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q=
save the TXT file you created to the desktop as CFScript.txt,
after saving, grab the script you created with the left mouse button and drag it over the Combofix icon, where you drop it:

After it has been applied, another log will pop up; copy it here.
Warning: it may happen that Windows does not start after the script is applied and the machine restarts;
in that case restart again while pressing F8, then choose Last Known Good Configuration.
Re: Preventive check - slow page loading
ComboFix 11-04-13.06 - ADMIN1 14.04.2011 22:30:19.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.478.199 [GMT 2:00]
Spuštěný z: c:\documents and settings\ADMIN1\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\ADMIN1\Plocha\CFScript.txt
AV: AntiVir Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-14 do 2011-04-14 )))))))))))))))))))))))))))))))
.
.
2011-04-14 19:36 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2011-04-14 19:31 . 2011-04-14 19:58 -------- d-----w- c:\program files\The Logo Creator v5
2011-04-14 19:29 . 2011-04-14 19:29 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\NeoDownloader
2011-04-14 19:29 . 2011-04-14 19:29 -------- d-----w- c:\program files\NeoDownloader
2011-04-14 19:27 . 2011-04-14 19:27 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\RecordMax Burning Studio
2011-04-14 19:27 . 2011-04-14 19:27 -------- d-----w- c:\program files\RecordMax Burning Studio
2011-04-12 14:27 . 2011-04-12 14:33 -------- d-----w- c:\program files\AAALOGO2010
2011-04-12 14:08 . 2011-04-12 14:08 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\Malwarebytes
2011-04-12 14:08 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-12 14:08 . 2011-04-12 14:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-04-12 14:07 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-12 14:07 . 2011-04-12 14:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-12 12:24 . 2011-04-12 12:25 -------- d-----w- C:\rsit
2011-04-11 19:14 . 2011-04-11 19:14 -------- d-----w- c:\documents and settings\ADMIN1\Local Settings\Data aplikací\Impressions_Future_Media
2011-04-11 19:10 . 2011-04-14 20:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Impressions Future Media
2011-04-02 10:27 . 2011-04-02 10:27 14 ----a-w- c:\windows\system32\Systemdrv.sys
2011-04-02 10:25 . 2008-04-14 06:51 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-04-02 10:25 . 2008-04-14 06:51 363520 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-02 10:25 . 2008-04-14 06:52 56832 ----a-w- c:\windows\system32\msdvbnp.ax
2011-04-02 10:25 . 2008-04-14 06:52 33280 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-02 10:24 . 2011-04-02 10:24 -------- d-----w- c:\program files\DVD X Studios
2011-04-02 10:24 . 2011-04-02 10:24 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVDXStudio
2011-03-31 18:15 . 2010-07-25 20:23 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2011-03-31 18:15 . 2010-07-25 20:23 544768 ----a-w- c:\windows\system32\wbocx.ocx
2011-03-31 18:15 . 2010-07-25 20:23 258352 ----a-w- c:\windows\system32\unicows.dll
2011-03-31 18:15 . 2010-07-25 20:23 33968 ----a-w- c:\windows\system32\anim.dll
2011-03-31 18:15 . 2010-07-25 20:23 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-03-31 18:15 . 2010-07-25 20:23 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2011-03-31 18:15 . 2010-07-25 20:23 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2011-03-31 18:15 . 2011-04-02 10:43 -------- d-----w- c:\program files\WinUtilities
2011-03-25 13:30 . 2008-06-30 09:41 22528 ----a-w- c:\windows\system32\uxtuneup.dll
2011-03-24 22:47 . 2011-03-24 22:47 -------- d-sh--w- c:\documents and settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-03-24 13:42 . 2011-04-02 21:14 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\thecleaner
2011-03-24 13:42 . 2011-04-13 18:27 -------- d-----w- c:\program files\The Cleaner
2011-03-22 20:17 . 2011-03-22 20:17 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-22 20:17 . 2011-03-22 20:17 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-22 20:17 . 2011-03-22 20:17 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-22 20:17 . 2011-03-22 20:17 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-22 20:17 . 2011-03-22 20:17 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-22 20:17 . 2011-03-22 20:17 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-22 20:17 . 2011-03-22 20:17 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-22 20:17 . 2011-03-22 20:17 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-20 11:59 . 2011-03-20 11:59 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\Beenokle
2011-03-20 11:59 . 2011-03-20 11:59 -------- d-----w- C:\Unfiled Notes
2011-03-20 11:57 . 2011-03-20 11:58 -------- d-----w- c:\program files\ZenWriter
2011-03-19 20:38 . 2011-03-19 20:49 -------- d-----w- c:\program files\Banner Generator Pro
2011-03-19 20:11 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2011-03-19 20:06 . 2011-03-19 20:09 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-03-18 21:54 . 2011-03-18 21:54 -------- d-----w- c:\documents and settings\ADMIN1\Data aplikací\gtk-2.0
2011-03-18 21:50 . 2011-03-18 21:59 -------- d-----w- c:\documents and settings\ADMIN1\.dia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-16 19:25 . 2009-09-08 00:09 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-07 14:08 . 2011-03-11 16:51 1435272 ----a-w- c:\windows\system32\Flash8.ocx
2011-03-03 21:27 . 2011-03-03 21:27 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-02-01 11:44 . 2010-11-28 10:43 431672 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-03-22 20:17 . 2011-03-22 20:17 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-12_21.43.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-14 16:47 . 2011-04-14 16:47 16384 c:\windows\Temp\Perflib_Perfdata_68c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2009-12-22 3216664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-08-02 281768]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-02-07 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-02-07 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-02-07 118784]
"HideIcons"="c:\documents and settings\ADMIN1\Plocha\HideIcons.exe" [2007-01-15 29184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Data aplikací\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-12-08 12:11 87424 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^ADMIN1^Nabídka Start^Programy^Po spuštění^WLAN Monitor & Configuration.lnk]
backup=c:\windows\pss\WLAN Monitor & Configuration.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Wireless Configuration Utility HW.32.lnk]
backup=c:\windows\pss\Wireless Configuration Utility HW.32.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-03-21 21:10 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
2004-12-03 11:24 290816 ----a-w- c:\program files\HPQ\Quick Launch Buttons\eabservr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-02-10 11:23 136176 ----atw- c:\documents and settings\ADMIN1\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 14:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2006-02-07 07:36 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2006-02-07 07:40 118784 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2006-02-07 07:39 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiSpyWareDisableNotify"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [8.9.2009 2:09 135336]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [24.2.2011 10:50 99896]
R3 SMC_WinXP_PCMCIAFVNETR_(SMCD)(R);SMC_WinXP_PCMCIAFVNETR_(SMCD)(R) Service for SMC EZ Connect Wireless PC Card(SMC2632W);c:\windows\system32\drivers\fvnetd51.sys [11.12.2002 17:03 91392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [24.2.2011 10:49 17408]
S3 SIS163u;SiS 163 usb Wireless LAN Adapter Driver;c:\windows\system32\drivers\SiS163u.sys [31.12.2004 17:46 167424]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [22.11.2009 19:45 95568]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} - hxxp://85.193.52.236/VatDec.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://85.193.52.237/RtspVaPgDec.cab
DPF: {EAA105FE-7BBD-4196-8B96-D46743894195} - hxxp://85.193.52.188/plugin/mjpegcontrol.cab
FF - ProfilePath - c:\documents and settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-14 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2700)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-04-14 22:43:04
ComboFix-quarantined-files.txt 2011-04-14 20:43
ComboFix2.txt 2011-04-12 21:49
.
Před spuštěním: 2 696 597 504
Po spuštění: 2 677 055 488
.
- - End Of File - - 6CAB461FA5CB0CC794913FB26317BAA2
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} - hxxp://85.193.52.236/VatDec.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://85.193.52.237/RtspVaPgDec.cab
DPF: {EAA105FE-7BBD-4196-8B96-D46743894195} - hxxp://85.193.52.188/plugin/mjpegcontrol.cab
FF - ProfilePath - c:\documents and settings\ADMIN1\Data aplikací\Mozilla\Firefox\Profiles\8qv5cuoq.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.urlbar.autoFill - false
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - true
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-14 22:38
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(600)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(2700)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-04-14 22:43:04
ComboFix-quarantined-files.txt 2011-04-14 20:43
ComboFix2.txt 2011-04-12 21:49
.
Před spuštěním: 2 696 597 504
Po spuštění: 2 677 055 488
.
- - End Of File - - 6CAB461FA5CB0CC794913FB26317BAA2
Re: Preventive check - long page loading times
Via Start >> Run, copy this into the box:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes its associated files and folders.
Use T-Cleaner, which deletes any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.
Then let me know how the PC is doing.
Re: Preventive check - long page loading times
It seems to be fine. Thank you for your help.