Strangely messed-up computer - suspected virus
Posted: 10 Aug 2011 23:55
Hello,
I would like to ask for help.
I recently moved my PC to a different place.
Since plugging it back in I have had constant problems with the internet and with the sound,
and DVB-T doesn't work, it doesn't find any channel; there is probably something wrong with the network card.
Everything works now and then, then it goes haywire, the internet stops working or slows down,
and I have to restart the computer; sometimes it comes up, sometimes not.
Occasionally the sound stops working; one sound card (Creative X-Fi)
doesn't work, even though the diagnostics report everything is fine, there is no sound.
I switched to the onboard sound card, but that one also sometimes works, sometimes stops, then works again,
and occasionally the network card doesn't work and the internet is down.
I suspect some kind of virus, but I can't find anything.
Could someone help me?
Jirkabj
-----------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:56:02, on 11.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\Program Files\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\ASUS\P7131\Remote Control\RCService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [P7131Appl] C:\Program Files\ASUS\P7131\Remote Control\P7131RemoteAppl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1177238915-1715567821-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: RCSERVICE - Unknown owner - C:\Program Files\ASUS\P7131\Remote Control\RCService.exe
--
End of file - 6112 bytes
------------------------------------------------------------------------------------------------------------
ComboFix 11-08-10.03 - Jirka 11.08.2011 1:17.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1587 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jirka\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-10 do 2011-08-10 )))))))))))))))))))))))))))))))
.
.
2011-08-10 02:54 . 2011-08-10 02:54 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Motive
2011-08-10 02:22 . 2011-08-10 02:22 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\Help
2011-08-10 02:05 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 02:04 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 04:16 . 2011-08-09 04:16 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-09 04:13 . 2011-08-09 04:25 -------- d-----w- c:\program files\DVBViewer
2011-08-09 00:14 . 2011-08-09 04:14 -------- d-----w- C:\dvbfix
2011-08-09 00:07 . 2011-08-09 00:07 -------- d-----w- c:\program files\MySQL
2011-08-09 00:07 . 2011-08-09 00:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MySQL
2011-08-09 00:06 . 2011-08-09 00:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Team MediaPortal
2011-08-09 00:05 . 2011-08-09 04:14 -------- d-----w- c:\program files\Team MediaPortal
2011-08-08 18:05 . 2011-08-10 03:10 -------- d-----w- c:\program files\ChrisTV Lite
2011-08-08 18:04 . 2011-08-08 18:04 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\ESET
2011-08-08 10:01 . 2011-08-08 10:01 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\LucasArts
2011-08-08 04:09 . 2011-08-08 04:09 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Easeware
2011-08-08 01:57 . 2011-08-08 01:57 -------- d--h--w- c:\program files\Creative Installation Information
2011-08-08 01:57 . 2011-08-08 01:57 -------- d-----w- c:\program files\Common Files\Creative
2011-08-08 01:37 . 2009-03-03 18:18 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2011-08-08 01:37 . 2011-08-08 01:37 -------- d-----w- c:\program files\Realtek
2011-08-08 01:34 . 2011-05-25 07:26 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-08-08 01:34 . 2011-05-25 07:26 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-08-08 01:34 . 2011-05-25 07:26 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-08 01:34 . 2011-05-25 07:26 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-08 01:34 . 2011-05-25 07:26 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-08-08 01:34 . 2011-05-25 07:26 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-08-08 01:07 . 2011-08-10 21:23 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\ZipGenius
2011-08-08 01:07 . 2011-08-08 01:07 -------- d-----w- c:\program files\ZipGenius 6
2011-08-08 00:05 . 2011-08-08 00:07 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\TrueCrypt
2011-08-08 00:04 . 2011-08-08 00:04 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2011-08-08 00:04 . 2011-08-08 00:08 -------- d-----w- c:\program files\TrueCrypt
2011-08-07 23:39 . 2011-08-07 23:39 388096 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-07 23:39 . 2011-08-07 23:39 -------- d-----w- c:\program files\Trend Micro
2011-08-07 23:33 . 2011-08-07 23:33 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Malwarebytes
2011-08-07 23:32 . 2011-08-07 23:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-07 23:32 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-07 23:32 . 2011-08-07 23:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-07 23:32 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-07 19:26 . 2011-08-07 19:26 -------- d-----w- c:\program files\ASUS
2011-08-07 19:25 . 2011-08-07 19:25 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-08-07 19:25 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-08-07 19:25 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-08-07 19:25 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-08-07 19:25 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-08-07 19:25 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-08-07 19:25 . 2011-08-07 19:25 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-08-07 18:34 . 2011-08-07 18:34 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Creative
2011-08-07 18:18 . 1999-12-12 23:01 44032 ----a-w- c:\windows\system32\CTSVCCDA.EXE
2011-08-07 18:18 . 1999-11-17 23:00 25088 ------w- c:\windows\system32\CTSVCCTL.EXE
2011-08-07 17:46 . 2000-05-10 23:00 90112 ------w- c:\windows\Updreg.EXE
2011-08-07 15:22 . 2011-08-09 04:16 -------- d-----w- c:\documents and settings\Administrator
2011-08-06 16:11 . 2011-08-06 16:11 -------- d-----w- c:\program files\LucasArts
2011-08-06 14:42 . 2008-04-14 03:22 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-06 05:09 . 2011-08-06 05:09 -------- d-----w- c:\program files\Windows Media Connect 2
2011-08-06 05:08 . 2011-08-06 05:09 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-08-06 05:08 . 2011-08-06 05:08 -------- d-----w- c:\windows\system32\LogFiles
2011-08-06 04:42 . 2011-08-06 04:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\nView_Profiles
2011-08-06 04:00 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-08-06 03:59 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-08-06 03:59 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-08-06 03:58 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-08-06 03:58 . 2011-02-08 13:33 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-08-06 03:58 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-08-06 03:53 . 2011-08-06 03:53 -------- d-sh--w- c:\documents and settings\Jirka\IECompatCache
2011-08-06 03:53 . 2011-08-06 03:53 -------- d-sh--w- c:\documents and settings\Jirka\PrivacIE
2011-08-06 03:33 . 2011-08-06 03:33 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-08-06 03:24 . 2011-08-06 03:24 -------- d-----w- c:\windows\system32\cs
2011-08-06 03:24 . 2011-08-06 03:24 -------- d-----w- c:\windows\system32\bits
2011-08-06 03:24 . 2011-08-06 03:24 -------- d-----w- c:\windows\l2schemas
2011-08-06 03:19 . 2011-08-06 03:19 -------- d-----w- c:\windows\EHome
2011-08-06 02:55 . 2011-08-06 02:55 -------- d-sh--w- c:\documents and settings\Jirka\IETldCache
2011-08-06 02:51 . 2011-08-06 02:51 -------- d-----w- c:\program files\ESET
2011-08-06 02:51 . 2011-08-06 02:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-08-06 02:48 . 2011-06-23 18:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-08-06 02:48 . 2011-06-23 18:31 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-08-06 02:48 . 2011-06-23 18:31 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-08-06 02:48 . 2011-06-23 18:31 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-08-06 02:48 . 2011-06-23 18:31 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-08-06 02:48 . 2011-06-23 18:31 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-08-06 02:48 . 2011-06-23 18:31 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-08-06 02:48 . 2011-08-06 03:24 -------- d-----w- c:\windows\system32\cs-CZ
2011-08-06 02:48 . 2011-08-06 02:48 -------- dc-h--w- c:\windows\ie8
2011-08-06 02:41 . 2011-08-06 03:23 -------- d-----w- c:\windows\ServicePackFiles
2011-08-06 02:39 . 2004-08-03 20:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2011-08-06 02:29 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-08-06 02:29 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-08-06 02:29 . 2011-02-17 13:18 357888 -c----w- c:\windows\system32\dllcache\srv.sys
2011-08-06 02:28 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-08-06 02:28 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-08-06 02:28 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-08-06 02:28 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-08-06 02:28 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-08-06 02:22 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-08-06 02:21 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-08-06 02:20 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-08-06 02:00 . 2009-02-01 00:11 105472 ----a-w- c:\windows\system32\drivers\nvatabus.sys
2011-08-06 02:00 . 2009-02-01 00:11 363008 ----a-w- c:\windows\system32\idecoiins.dll
2011-08-06 01:31 . 2011-08-06 01:31 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\Innovative Solutions
2011-08-06 01:31 . 2011-08-06 01:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Innovative Solutions
2011-08-06 01:31 . 2011-08-06 01:31 -------- d-----w- c:\program files\Innovative Solutions
2011-08-06 01:22 . 2009-12-23 22:36 2831232 ----a-w- c:\windows\system32\drivers\3xHybrid.sys
2011-08-06 01:22 . 2006-08-31 20:51 13824 ----a-w- c:\windows\system32\Ph3xIB32MV.dll
2011-08-06 01:22 . 2005-08-04 16:32 77824 ----a-w- c:\windows\system32\TvRate.dll
2011-08-06 01:21 . 2011-08-06 01:21 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\ParetoLogic
2011-08-06 01:21 . 2011-08-06 01:21 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\DriverCure
2011-08-06 01:20 . 2011-08-08 00:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ParetoLogic
2011-07-27 20:47 . 2009-12-23 22:36 3072 ----a-w- c:\windows\system32\34CoInstaller.dll
2011-07-26 03:54 . 2009-03-25 12:29 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-10 21:08 . 2010-08-06 02:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-09 21:27 . 2010-08-06 02:09 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-08-08 01:41 . 2010-08-06 01:17 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-08 01:41 . 2010-08-06 01:17 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-07 19:38 . 2010-08-06 03:19 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-07-15 13:29 . 2006-03-02 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2006-03-02 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2010-08-06 00:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-06 11:35 . 2006-03-02 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-25 07:26 . 2009-07-08 08:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-05-25 07:26 . 2009-07-08 08:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-05-25 07:26 . 2009-07-08 08:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-05-25 07:26 . 2009-07-08 08:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-05-25 07:26 . 2009-07-08 08:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-05-25 07:26 . 2009-07-08 08:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-05-25 07:26 . 2009-07-08 08:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-05-25 07:26 . 2009-07-08 08:58 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-05-25 07:26 . 2009-07-08 08:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-05-25 07:26 . 2009-07-08 08:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-05-25 07:26 . 2009-07-08 08:58 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-05-25 07:26 . 2009-07-08 08:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-05-25 07:26 . 2009-07-08 08:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-05-25 07:26 . 2009-07-08 08:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-05-25 07:26 . 2009-07-08 08:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-05-25 07:26 . 2009-07-08 08:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-05-25 07:26 . 2009-07-08 08:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-05-25 07:26 . 2009-07-08 08:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-05-25 07:26 . 2009-07-08 08:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-05-25 07:26 . 2009-07-08 08:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-05-25 07:25 . 2010-08-06 00:47 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2010-08-06 00:47 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2010-08-06 00:47 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-25 07:25 . 2010-08-06 00:47 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-25 07:25 . 2010-08-06 00:47 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2010-08-06 00:47 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2010-08-06 00:47 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2010-08-06 00:47 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2010-08-06 00:47 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2010-08-06 00:47 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2010-08-06 00:47 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-07-08 07:29 . 2010-08-06 01:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-07-22 9245096]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-07-22 9245096]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-08-06 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"SoundMan"="SOUNDMAN.EXE" [2005-07-22 81920]
"CTHelper"="CTHELPER.EXE" [2005-08-07 16384]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880]
"P7131Appl"="c:\program files\ASUS\P7131\Remote Control\P7131RemoteAppl.exe" [2008-07-31 65536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.EXE" [2005-08-07 25600]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2010-07-21 14:52 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-08-06 01:38 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\DVBViewer\\dvbviewer.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [6.8.2010 2:48 2214504]
R2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService.exe [7.8.2011 21:26 61440]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [6.8.2011 3:22 2831232]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [4.6.2009 2:46 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [4.6.2009 2:46 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [4.6.2009 2:46 72792]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [6.8.2010 6:05 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [4.6.2009 2:46 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [4.6.2009 2:46 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [4.6.2009 2:46 72792]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [6.8.2010 5:19 12984]
S3 VMHybrid;VMHybrid service;c:\windows\system32\DRIVERS\VMHybrid.sys --> c:\windows\system32\DRIVERS\VMHybrid.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
TCP: DhcpNameServer = 10.0.0.138
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\y00g9nk7.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TaskTray - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-11 01:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
CTxfiHlp = CTXFIHLP.EXE?
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(5636)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RunDLL32.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\SYSTEM32\CTXFISPI.EXE
.
**************************************************************************
.
Celkový čas: 2011-08-11 01:26:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-10 23:26
.
Před spuštěním: Volných bajtů: 143 447 158 784
Po spuštění: Volných bajtů: 144 121 757 696
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8383B2C8D2E57163E6B52A4A964B1458
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1177238915-1715567821-839522115-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: RCSERVICE - Unknown owner - C:\Program Files\ASUS\P7131\Remote Control\RCService.exe
--
End of file - 6112 bytes
------------------------------------------------------------------------------------------------------------
ComboFix 11-08-10.03 - Jirka 11.08.2011 1:17.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1587 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jirka\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-10 do 2011-08-10 )))))))))))))))))))))))))))))))
.
.
2011-08-10 02:54 . 2011-08-10 02:54 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Motive
2011-08-10 02:22 . 2011-08-10 02:22 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\Help
2011-08-10 02:05 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-08-10 02:04 . 2011-07-08 14:02 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-08-09 04:16 . 2011-08-09 04:16 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-09 04:13 . 2011-08-09 04:25 -------- d-----w- c:\program files\DVBViewer
2011-08-09 00:14 . 2011-08-09 04:14 -------- d-----w- C:\dvbfix
2011-08-09 00:07 . 2011-08-09 00:07 -------- d-----w- c:\program files\MySQL
2011-08-09 00:07 . 2011-08-09 00:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MySQL
2011-08-09 00:06 . 2011-08-09 00:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Team MediaPortal
2011-08-09 00:05 . 2011-08-09 04:14 -------- d-----w- c:\program files\Team MediaPortal
2011-08-08 18:05 . 2011-08-10 03:10 -------- d-----w- c:\program files\ChrisTV Lite
2011-08-08 18:04 . 2011-08-08 18:04 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\ESET
2011-08-08 10:01 . 2011-08-08 10:01 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\LucasArts
2011-08-08 04:09 . 2011-08-08 04:09 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Easeware
2011-08-08 01:57 . 2011-08-08 01:57 -------- d--h--w- c:\program files\Creative Installation Information
2011-08-08 01:57 . 2011-08-08 01:57 -------- d-----w- c:\program files\Common Files\Creative
2011-08-08 01:37 . 2009-03-03 18:18 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2011-08-08 01:37 . 2011-08-08 01:37 -------- d-----w- c:\program files\Realtek
2011-08-08 01:34 . 2011-05-25 07:26 154728 ----a-w- c:\windows\system32\nvsvc32.exe
2011-08-08 01:34 . 2011-05-25 07:26 145000 ----a-w- c:\windows\system32\nvcolor.exe
2011-08-08 01:34 . 2011-05-25 07:26 111208 ----a-w- c:\windows\system32\nvmctray.dll
2011-08-08 01:34 . 2011-05-25 07:26 13895272 ----a-w- c:\windows\system32\nvcpl.dll
2011-08-08 01:34 . 2011-05-25 07:26 54272 ----a-w- c:\windows\system32\nvwddi.dll
2011-08-08 01:34 . 2011-05-25 07:26 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2011-08-08 01:07 . 2011-08-10 21:23 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\ZipGenius
2011-08-08 01:07 . 2011-08-08 01:07 -------- d-----w- c:\program files\ZipGenius 6
2011-08-08 00:05 . 2011-08-08 00:07 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\TrueCrypt
2011-08-08 00:04 . 2011-08-08 00:04 231248 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2011-08-08 00:04 . 2011-08-08 00:08 -------- d-----w- c:\program files\TrueCrypt
2011-08-07 23:39 . 2011-08-07 23:39 388096 ----a-r- c:\documents and settings\Jirka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-08-07 23:39 . 2011-08-07 23:39 -------- d-----w- c:\program files\Trend Micro
2011-08-07 23:33 . 2011-08-07 23:33 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\Malwarebytes
2011-08-07 23:32 . 2011-08-07 23:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-08-07 23:32 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-07 23:32 . 2011-08-07 23:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-07 23:32 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-07 19:26 . 2011-08-07 19:26 -------- d-----w- c:\program files\ASUS
2011-08-07 19:25 . 2011-08-07 19:25 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-08-07 19:25 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2011-08-07 19:25 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2011-08-07 19:25 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2011-08-07 19:25 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2011-08-07 19:25 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2011-08-07 19:25 . 2011-08-07 19:25 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2011-08-07 18:34 . 2011-08-07 18:34 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\Creative
2011-08-07 18:18 . 1999-12-12 23:01 44032 ----a-w- c:\windows\system32\CTSVCCDA.EXE
2011-08-07 18:18 . 1999-11-17 23:00 25088 ------w- c:\windows\system32\CTSVCCTL.EXE
2011-08-07 17:46 . 2000-05-10 23:00 90112 ------w- c:\windows\Updreg.EXE
2011-08-07 15:22 . 2011-08-09 04:16 -------- d-----w- c:\documents and settings\Administrator
2011-08-06 16:11 . 2011-08-06 16:11 -------- d-----w- c:\program files\LucasArts
2011-08-06 14:42 . 2008-04-14 03:22 26624 ----a-w- c:\documents and settings\LocalService\Data aplikací\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-08-06 05:09 . 2011-08-06 05:09 -------- d-----w- c:\program files\Windows Media Connect 2
2011-08-06 05:08 . 2011-08-06 05:09 -------- d-----w- c:\windows\system32\drivers\UMDF
2011-08-06 05:08 . 2011-08-06 05:08 -------- d-----w- c:\windows\system32\LogFiles
2011-08-06 04:42 . 2011-08-06 04:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\nView_Profiles
2011-08-06 04:00 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-08-06 03:59 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-08-06 03:59 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-08-06 03:58 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-08-06 03:58 . 2011-02-08 13:33 978944 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-08-06 03:58 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-08-06 03:53 . 2011-08-06 03:53 -------- d-sh--w- c:\documents and settings\Jirka\IECompatCache
2011-08-06 03:53 . 2011-08-06 03:53 -------- d-sh--w- c:\documents and settings\Jirka\PrivacIE
2011-08-06 03:33 . 2011-08-06 03:33 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-08-06 03:24 . 2011-08-06 03:24 -------- d-----w- c:\windows\system32\cs
2011-08-06 03:24 . 2011-08-06 03:24 -------- d-----w- c:\windows\system32\bits
2011-08-06 03:24 . 2011-08-06 03:24 -------- d-----w- c:\windows\l2schemas
2011-08-06 03:19 . 2011-08-06 03:19 -------- d-----w- c:\windows\EHome
2011-08-06 02:55 . 2011-08-06 02:55 -------- d-sh--w- c:\documents and settings\Jirka\IETldCache
2011-08-06 02:51 . 2011-08-06 02:51 -------- d-----w- c:\program files\ESET
2011-08-06 02:51 . 2011-08-06 02:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-08-06 02:48 . 2011-06-23 18:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-08-06 02:48 . 2011-06-23 18:31 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-08-06 02:48 . 2011-06-23 18:31 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-08-06 02:48 . 2011-06-23 18:31 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-08-06 02:48 . 2011-06-23 18:31 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-08-06 02:48 . 2011-06-23 18:31 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-08-06 02:48 . 2011-06-23 18:31 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-08-06 02:48 . 2011-08-06 03:24 -------- d-----w- c:\windows\system32\cs-CZ
2011-08-06 02:48 . 2011-08-06 02:48 -------- dc-h--w- c:\windows\ie8
2011-08-06 02:41 . 2011-08-06 03:23 -------- d-----w- c:\windows\ServicePackFiles
2011-08-06 02:39 . 2004-08-03 20:29 25471 ------w- c:\windows\system32\drivers\watv10nt.sys
2011-08-06 02:29 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-08-06 02:29 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-08-06 02:29 . 2011-02-17 13:18 357888 -c----w- c:\windows\system32\dllcache\srv.sys
2011-08-06 02:28 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-08-06 02:28 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-08-06 02:28 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-08-06 02:28 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-08-06 02:28 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-08-06 02:22 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-08-06 02:21 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-08-06 02:20 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
2011-08-06 02:00 . 2009-02-01 00:11 105472 ----a-w- c:\windows\system32\drivers\nvatabus.sys
2011-08-06 02:00 . 2009-02-01 00:11 363008 ----a-w- c:\windows\system32\idecoiins.dll
2011-08-06 01:31 . 2011-08-06 01:31 -------- d-----w- c:\documents and settings\Jirka\Local Settings\Data aplikací\Innovative Solutions
2011-08-06 01:31 . 2011-08-06 01:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Innovative Solutions
2011-08-06 01:31 . 2011-08-06 01:31 -------- d-----w- c:\program files\Innovative Solutions
2011-08-06 01:22 . 2009-12-23 22:36 2831232 ----a-w- c:\windows\system32\drivers\3xHybrid.sys
2011-08-06 01:22 . 2006-08-31 20:51 13824 ----a-w- c:\windows\system32\Ph3xIB32MV.dll
2011-08-06 01:22 . 2005-08-04 16:32 77824 ----a-w- c:\windows\system32\TvRate.dll
2011-08-06 01:21 . 2011-08-06 01:21 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\ParetoLogic
2011-08-06 01:21 . 2011-08-06 01:21 -------- d-----w- c:\documents and settings\Jirka\Data aplikací\DriverCure
2011-08-06 01:20 . 2011-08-08 00:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ParetoLogic
2011-07-27 20:47 . 2009-12-23 22:36 3072 ----a-w- c:\windows\system32\34CoInstaller.dll
2011-07-26 03:54 . 2009-03-25 12:29 130432 ----a-w- c:\windows\system32\drivers\Rtnicxp.sys
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-10 21:08 . 2010-08-06 02:06 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-09 21:27 . 2010-08-06 02:09 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-08-08 01:41 . 2010-08-06 01:17 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-08-08 01:41 . 2010-08-06 01:17 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-08-07 19:38 . 2010-08-06 03:19 12984 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2011-07-15 13:29 . 2006-03-02 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2006-03-02 12:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-06-24 14:10 . 2010-08-06 00:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2011-06-23 18:31 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-06-23 18:31 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-23 18:31 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-06-23 12:05 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-06-06 11:35 . 2006-03-02 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-25 07:26 . 2009-07-08 08:58 274432 ----a-w- c:\windows\system32\nvrspt.dll
2011-05-25 07:26 . 2009-07-08 08:58 270336 ----a-w- c:\windows\system32\nvrsru.dll
2011-05-25 07:26 . 2009-07-08 08:58 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrstr.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrssl.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrssk.dll
2011-05-25 07:26 . 2009-07-08 08:58 258048 ----a-w- c:\windows\system32\nvrspl.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrsth.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrssv.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrsno.dll
2011-05-25 07:26 . 2009-07-08 08:58 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2011-05-25 07:26 . 2009-07-08 08:58 126976 ----a-w- c:\windows\system32\nvrszht.dll
2011-05-25 07:26 . 2009-07-08 08:58 282624 ----a-w- c:\windows\system32\nvrsit.dll
2011-05-25 07:26 . 2009-07-08 08:58 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2011-05-25 07:26 . 2009-07-08 08:58 270336 ----a-w- c:\windows\system32\nvrsja.dll
2011-05-25 07:26 . 2009-07-08 08:58 266240 ----a-w- c:\windows\system32\nvrsko.dll
2011-05-25 07:26 . 2009-07-08 08:58 262144 ----a-w- c:\windows\system32\nvrshu.dll
2011-05-25 07:26 . 2009-07-08 08:58 331776 ----a-w- c:\windows\system32\nvrshe.dll
2011-05-25 07:26 . 2009-07-08 08:58 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2011-05-25 07:26 . 2009-07-08 08:58 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2011-05-25 07:26 . 2009-07-08 08:58 282624 ----a-w- c:\windows\system32\nvrses.dll
2011-05-25 07:26 . 2009-07-08 08:58 282624 ----a-w- c:\windows\system32\nvrsel.dll
2011-05-25 07:26 . 2009-07-08 08:58 278528 ----a-w- c:\windows\system32\nvrsde.dll
2011-05-25 07:26 . 2009-07-08 08:58 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2011-05-25 07:26 . 2009-07-08 08:58 249856 ----a-w- c:\windows\system32\nvrseng.dll
2011-05-25 07:26 . 2009-07-08 08:58 335872 ----a-w- c:\windows\system32\nvrsar.dll
2011-05-25 07:26 . 2009-07-08 08:58 253952 ----a-w- c:\windows\system32\nvrsda.dll
2011-05-25 07:26 . 2009-07-08 08:58 249856 ----a-w- c:\windows\system32\nvrscs.dll
2011-05-25 07:25 . 2010-08-06 00:47 61440 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-25 07:25 . 2010-08-06 00:47 16068608 ----a-w- c:\windows\system32\nvoglnt.dll
2011-05-25 07:25 . 2010-08-06 00:47 899688 ----a-w- c:\windows\system32\nvdispco3220150.dll
2011-05-25 07:25 . 2010-08-06 00:47 865896 ----a-w- c:\windows\system32\nvgenco322090.dll
2011-05-25 07:25 . 2010-08-06 00:47 2808936 ----a-w- c:\windows\system32\nvcuvid.dll
2011-05-25 07:25 . 2010-08-06 00:47 2082408 ----a-w- c:\windows\system32\nvcuvenc.dll
2011-05-25 07:25 . 2010-08-06 00:47 5332992 ----a-w- c:\windows\system32\nvcuda.dll
2011-05-25 07:25 . 2010-08-06 00:47 13004800 ----a-w- c:\windows\system32\nvcompiler.dll
2011-05-25 07:25 . 2010-08-06 00:47 4198272 ----a-w- c:\windows\system32\nv4_disp.dll
2011-05-25 07:25 . 2010-08-06 00:47 2328576 ----a-w- c:\windows\system32\nvapi.dll
2011-05-25 07:25 . 2010-08-06 00:47 12753664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2011-07-08 07:29 . 2010-08-06 01:34 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-07-22 9245096]
"DriverMax_RESTART"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-07-22 9245096]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-08-06 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"SoundMan"="SOUNDMAN.EXE" [2005-07-22 81920]
"CTHelper"="CTHELPER.EXE" [2005-08-07 16384]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-07-11 122880]
"P7131Appl"="c:\program files\ASUS\P7131\Remote Control\P7131RemoteAppl.exe" [2008-07-31 65536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-05-25 13895272]
"NvMediaCenter"="NvMCTray.dll" [2011-05-25 111208]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-05-04 1632360]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.EXE" [2005-08-07 25600]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2010-07-21 14:52 1797008 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2010-08-06 01:38 399736 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Logitech\\Vid HD\\Vid.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\DVBViewer\\dvbviewer.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [6.8.2010 2:48 2214504]
R2 RCSERVICE;RCSERVICE;c:\program files\ASUS\P7131\Remote Control\RCService.exe [7.8.2011 21:26 61440]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [6.8.2011 3:22 2831232]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [4.6.2009 2:46 171096]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [4.6.2009 2:46 1324120]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [4.6.2009 2:46 72792]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [6.8.2010 6:05 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [4.6.2009 2:46 171096]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [4.6.2009 2:46 1324120]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [4.6.2009 2:46 72792]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [6.8.2010 5:19 12984]
S3 VMHybrid;VMHybrid service;c:\windows\system32\DRIVERS\VMHybrid.sys --> c:\windows\system32\DRIVERS\VMHybrid.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
TCP: DhcpNameServer = 10.0.0.138
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\documents and settings\Jirka\Data aplikací\Mozilla\Firefox\Profiles\y00g9nk7.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TaskTray - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-11 01:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTHelper = CTHELPER.EXE?
CTxfiHlp = CTXFIHLP.EXE?
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(5636)
c:\windows\TEMP\logishrd\LVPrcInj01.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Creative\Shared Files\CTAudSvc.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\system32\CTsvcCDA.EXE
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\RunDLL32.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\SYSTEM32\CTXFISPI.EXE
.
**************************************************************************
.
Celkový čas: 2011-08-11 01:26:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-10 23:26
.
Před spuštěním: Volných bajtů: 143 447 158 784
Po spuštění: Volných bajtů: 144 121 757 696
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8383B2C8D2E57163E6B52A4A964B1458