VIRY.CZ

Chcem nainstalovat avast a my vypise ze mam nedostatok prav-co to je?///////[IMG=http://img690.imageshack.us/img690/804/beznzvusn.th.png][/IMG]

Uploaded with ImageShack.us

Jste přihlášen v profilu s admin právy?

Ako to mam zistit?Stale som tak prihlaseny

Pro WinXP: Start>ovl. panely>uživ. účty>váš účet, pod kterým jste právě přihlášen>zjistit typ účtu.

[IMG=http://img715.imageshack.us/img715/6619/admingny.th.png][/IMG]

Uploaded with ImageShack.us a prikladam aj log z rsit/////Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-11-01 20:38:59
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 1 GB (13%) free of 8 GB
Total RAM: 511 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:39:33 , on 1.11.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
E:\panda\Panda USB Vaccine\USBVaccine.exe
C:\WINDOWS\System32\svchost.exe
D:\FIREWALLY\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
E:\Moje Subory\Programy\RSIT.exe
C:\Program Files\Trend Micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [ZoneAlarm Client] "D:\FIREWALLY\ZoneAlarm\zlclient.exe"
O20 - Winlogon Notify: !SASWinLogon - D:\ANTIVIRY\SuperAntiSpywer\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 2264 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\PandaUSBVaccine.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=D:\FIREWALLY\ZoneAlarm\zlclient.exe [2011-03-18 1043968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-10-30 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2
"sdAuxService"=2
"sp_rssrv"=2
"cmdAgent"=2
"!SASCORE"=2
"ServiceLayer"=3
"Bonjour Service"=2
"wuauserv"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\ANTIVIRY\SuperAntiSpywer\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\ANTIVIRY\SuperAntiSpywer\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=351
"NoDrives"=0
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"D:\My Download Files\Subory\Skype\Phone\Skype.exe"="D:\My Download Files\Subory\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe"="D:\My Download Files\Subory\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Documents and Settings\Administrator\Plocha\Skype.exe"="C:\Documents and Settings\Administrator\Plocha\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=C:\WINDOWS\system32\ir32_32.dll
"vidc.iv32"=C:\WINDOWS\system32\ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=serwvdrv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"VIDC.IV41"=IR41_32.AX
"wave2"=wdmaud.drv
"midi"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=serwvdrv.dll

======List of files/folders created in the last 1 month======

2011-11-01 20:38:59 ----D---- C:\rsit
2011-11-01 19:58:45 ----A---- C:\Documents and Settings\All Users\Data aplikací\rebootpending.txt
2011-11-01 15:30:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
2011-11-01 15:28:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2011-11-01 00:15:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2011-11-01 00:14:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-11-01 00:07:13 ----A---- C:\WINDOWS\ALCFDRTM.EXE
2011-11-01 00:07:01 ----D---- C:\WINDOWS\system32\Lang
2011-10-31 22:55:09 ----A---- C:\WINDOWS\system32\vsregexp.dll
2011-10-31 22:54:49 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2011-10-31 22:54:49 ----A---- C:\WINDOWS\system32\zlcomm.dll
2011-10-31 22:54:37 ----A---- C:\WINDOWS\system32\vswmi.dll
2011-10-31 22:54:32 ----A---- C:\WINDOWS\system32\zpeng25.dll
2011-10-31 22:54:32 ----A---- C:\WINDOWS\system32\vsxml.dll
2011-10-31 22:54:31 ----D---- C:\WINDOWS\system32\ZoneLabs
2011-10-31 22:54:30 ----A---- C:\WINDOWS\system32\vspubapi.dll
2011-10-31 22:54:30 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2011-10-31 22:54:24 ----A---- C:\WINDOWS\system32\vsdatant.sys
2011-10-31 22:53:20 ----A---- C:\WINDOWS\system32\vsdata.dll
2011-10-31 22:53:19 ----A---- C:\WINDOWS\system32\vsinit.dll
2011-10-31 22:53:18 ----A---- C:\WINDOWS\system32\vsutil.dll
2011-10-31 22:41:37 ----D---- C:\WINDOWS\Internet Logs
2011-10-31 21:53:10 ----SHD---- C:\RECYCLER
2011-10-31 15:49:17 ----D---- C:\WINDOWS\temp
2011-10-29 20:31:29 ----D---- C:\Program Files\Windows Sidebar
2011-10-29 20:31:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2011-10-26 16:52:17 ----A---- C:\WINDOWS\AoE2T.ini
2011-10-26 08:41:35 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Opera
2011-10-26 07:10:28 ----D---- C:\Program Files\Google
2011-10-25 18:18:01 ----A---- C:\AILog.txt
2011-10-25 16:47:19 ----D---- C:\Program Files\Microsoft Games
2011-10-16 13:20:03 ----A---- C:\WINDOWS\system32\VGAunistlog.ini

======List of files/folders modified in the last 1 month======

2011-11-01 20:39:33 ----D---- C:\Program Files\Trend Micro
2011-11-01 20:08:05 ----SHD---- C:\System Volume Information
2011-11-01 19:57:32 ----D---- C:\WINDOWS\system32\drivers
2011-11-01 19:56:49 ----D---- C:\WINDOWS
2011-11-01 19:30:07 ----D---- C:\WINDOWS\system32
2011-11-01 16:07:40 ----SHD---- C:\WINDOWS\Installer
2011-11-01 16:07:40 ----D---- C:\Config.Msi
2011-11-01 15:28:08 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-11-01 12:23:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Auslogics
2011-11-01 08:34:47 ----D---- C:\WINDOWS\system32\Restore
2011-11-01 08:33:41 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-01 08:30:53 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-11-01 00:30:49 ----ASH---- C:\boot.ini
2011-11-01 00:30:49 ----A---- C:\WINDOWS\win.ini
2011-11-01 00:30:49 ----A---- C:\WINDOWS\system.ini
2011-11-01 00:21:55 ----D---- C:\WINDOWS\Debug
2011-10-31 23:29:19 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-31 23:01:11 ----HD---- C:\WINDOWS\inf
2011-10-31 19:52:03 ----D---- C:\WINDOWS\AppPatch
2011-10-31 19:51:56 ----D---- C:\Program Files\Common Files
2011-10-31 18:10:46 ----D---- C:\WINDOWS\system32\NtmsData
2011-10-31 17:10:12 ----D---- C:\WINDOWS\Registration
2011-10-31 17:02:42 ----D---- C:\WINDOWS\SoftwareDistribution
2011-10-31 17:00:47 ----D---- C:\WINDOWS\system32\config
2011-10-30 15:51:12 ----SD---- C:\WINDOWS\Tasks
2011-10-30 14:44:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-10-30 06:47:51 ----D---- C:\WINDOWS\WinSxS
2011-10-30 06:47:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-30 06:43:26 ----RD---- C:\Program Files
2011-10-29 22:47:09 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-10-28 04:43:16 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-26 17:21:02 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-26 17:21:02 ----D---- C:\WINDOWS\assembly
2011-10-26 13:05:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-26 08:07:03 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-26 08:06:32 ----D---- C:\Program Files\Internet Explorer
2011-10-26 08:06:04 ----D---- C:\WINDOWS\ie8updates
2011-10-16 13:45:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Comodo
2011-10-05 09:09:48 ----A---- C:\WINDOWS\system32\MRT.exe
2011-10-03 09:31:24 ----A---- C:\WINDOWS\system32\mshtml.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 SASDIFSV;SASDIFSV; \??\D:\ANTIVIRY\SuperAntiSpywer\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\ANTIVIRY\SuperAntiSpywer\SASKUTIL.SYS []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 Fallback;Fallback; C:\WINDOWS\System32\DRIVERS\HSF_FALL.sys [2001-08-17 289887]
R2 Fsks;Fsks; C:\WINDOWS\System32\DRIVERS\HSF_FSKS.sys [2001-08-17 115807]
R2 K56;K56; C:\WINDOWS\System32\DRIVERS\HSF_K56K.sys [2001-08-17 391199]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R2 SoftFax;SoftFax; C:\WINDOWS\System32\DRIVERS\HSF_FAXX.sys [2001-08-17 199711]
R2 SpeakerPhone;SpeakerPhone; C:\WINDOWS\System32\DRIVERS\HSF_SPKP.sys [2001-08-17 73279]
R2 Tones;Tones; C:\WINDOWS\System32\DRIVERS\HSF_TONE.sys [2001-08-17 50751]
R2 V124;V124; C:\WINDOWS\System32\DRIVERS\HSF_V124.sys [2001-08-17 488383]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2007-05-14 508288]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 S3SAVAGE4;S3SAVAGE4; C:\WINDOWS\system32\DRIVERS\s3savg4m.sys [2000-08-10 84704]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
R4 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys []
R4 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys []
S0 dwshd;dwshd; C:\WINDOWS\system32\drivers\dwshd.sys []
S3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.sys []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\drivers\AmdLLD.sys []
S3 basic2;basic2; C:\WINDOWS\System32\DRIVERS\HSF_BSC2.sys [2001-08-17 67167]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hsf_msft;hsf_msft; C:\WINDOWS\System32\DRIVERS\HSF_MSFT.sys [2001-08-17 542879]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 Rksample;Rksample; C:\WINDOWS\System32\DRIVERS\HSF_SAMP.sys [2001-08-17 57471]
S3 S3SAVAGE4M;S3SAVAGE4M; C:\WINDOWS\System32\DRIVERS\s3sav4m.sys [2001-08-17 77824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2011-03-18 2435592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 !SASCORE;SAS Core Service; D:\ANTIVIRY\SuperAntiSpywer\SASCORE.EXE [2011-08-12 116608]
S4 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Administrator má samozřejmě plná práva. Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

ComboFix 11-11-01.04 - Administrator 01.11.2011 21:11:21.6.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.511.310 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-01 to 2011-11-01 )))))))))))))))))))))))))))))))
.
.
2011-11-01 20:03 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-01 20:03 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-01 19:38 . 2011-11-01 19:39 -------- d-----w- C:\rsit
2011-11-01 14:30 . 2011-11-01 14:30 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2011-11-01 14:28 . 2011-11-01 14:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2011-10-31 23:15 . 2011-10-31 23:15 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2011-10-31 23:14 . 2011-10-31 23:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-10-31 23:07 . 2011-10-31 23:07 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2011-10-31 23:07 . 2011-10-31 23:07 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-10-31 23:07 . 2011-10-31 23:07 -------- d-----w- c:\windows\system32\Lang
2011-10-31 21:54 . 2011-03-18 00:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-10-31 21:54 . 2011-03-18 00:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-10-31 21:54 . 2011-03-18 00:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-10-31 21:54 . 2011-10-31 21:56 -------- d-----w- c:\windows\system32\ZoneLabs
2011-10-31 21:41 . 2011-11-01 20:08 -------- d-----w- c:\windows\Internet Logs
2011-10-30 06:11 . 2011-10-30 07:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google
2011-10-29 19:31 . 2011-10-29 19:31 -------- d-----w- c:\program files\Windows Sidebar
2011-10-29 19:31 . 2011-10-30 05:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2011-10-26 07:41 . 2011-10-30 12:55 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Opera
2011-10-26 06:10 . 2011-10-26 07:23 -------- d-----w- c:\program files\Google
2011-10-25 15:47 . 2011-10-25 15:47 -------- d-----w- c:\program files\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 23:21 . 2011-10-30 23:18 5777519 ----a-w- c:\windows\REGBK00.ZIP
2011-10-24 21:37 . 2011-05-30 11:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2008-07-29 18:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-12 12:50 . 2010-08-02 15:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-09 09:12 . 2002-09-20 18:03 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-08-22 23:41 . 2002-09-20 18:05 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2002-09-20 18:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 23:41 . 2002-09-20 18:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 11:56 . 2008-07-07 14:42 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2002-08-29 02:01 138496 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="d:\firewally\ZoneAlarm\zlclient.exe" [2011-03-18 1043968]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\antiviry\SuperAntiSpywer\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- d:\antiviry\SuperAntiSpywer\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0ssbtsr\0SsiEfr.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 03:22 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-10-30 07:09 136176 ----atw- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2 (0x2)
"sdAuxService"=2 (0x2)
"sp_rssrv"=2 (0x2)
"cmdAgent"=2 (0x2)
"!SASCORE"=2 (0x2)
"ServiceLayer"=3 (0x3)
"Bonjour Service"=2 (0x2)
"wuauserv"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\My Download Files\\Subory\\Skype\\Phone\\Skype.exe"=
"d:\\My Download Files\\Subory\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Administrator\\Plocha\\Skype.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
.
R1 SASDIFSV;SASDIFSV;d:\antiviry\SuperAntiSpywer\sasdifsv.sys [22.7.2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;d:\antiviry\SuperAntiSpywer\SASKUTIL.SYS [12.7.2011 22:55 67664]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [14.5.2007 9:26 508288]
R3 S3SAVAGE4;S3SAVAGE4;c:\windows\system32\drivers\s3savg4m.sys [10.8.2000 13:03 84704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [15.5.2011 11:55 32377]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [12.6.2011 15:08 27064]
S3 S3SAVAGE4M;S3SAVAGE4M;c:\windows\system32\drivers\s3sav4m.sys [7.7.2008 17:00 77824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S4 !SASCORE;SAS Core Service;d:\antiviry\SuperAntiSpywer\SASCore.exe [12.8.2011 0:38 116608]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-01 c:\windows\Tasks\PandaUSBVaccine.job
- e:\panda\Panda USB Vaccine\RunInteractiveWin.exe [2011-04-13 14:45]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
TCP: DhcpNameServer = 192.168.100.1
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-01 21:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,58,b7,0d,55,62,69,4c,b3,c9,46,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b3,22,01,3a,f3,8c,ea,4d,8d,d2,45,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,57,fe,94,e8,f9,a9,65,49,b0,f4,f4,\
.
[HKEY_LOCAL_MACHINE\software\AVAST Software]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(716)
d:\antiviry\SuperAntiSpywer\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(1632)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-11-01 21:25:44
ComboFix-quarantined-files.txt 2011-11-01 20:25
.
Pre-Run: 942 567 424
Post-Run: 888 770 560
.
- - End Of File - - AA30789B207A668CAFBADACBAF9CF077

Zas som skusal nainstalovat avast a stale to iste.

Serem na to instalujem Eset.Aj tak diky.

Nic tam není. Je divné, proč to PC hlásí. Místo Esetu, která je 30ti denní trial, bych nainstaloval Aviru: http://www.avira.com/en/avira-free-antivirus .

Skusim eset 30 dni a potom uvidim,aj tak by som radsej Avasta.

No uz naviem co mam robit,ved ja som spravca,a stale iba pri instalacii avasta nie.

Ještě uděláme jeden pokus. Otevřte poznámkový blok a zkopírujte do něj:

Reglockdel::
[HKEY_LOCAL_MACHINE\software\AVAST Software]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

ComboFix 11-11-02.01 - Administrator 02.11.2011 15:58:03.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.511.231 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Plocha\CFScript.txt..txt
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((( Files Created from 2011-10-02 to 2011-11-02 )))))))))))))))))))))))))))))))
.
.
2011-11-02 04:09 . 2008-04-14 04:22 152064 -c--a-w- c:\windows\system32\dllcache\irftp.exe
2011-11-02 04:09 . 2008-04-13 19:54 88192 -c--a-w- c:\windows\system32\dllcache\irda.sys
2011-11-02 04:07 . 2008-04-13 19:39 206976 -c--a-w- c:\windows\system32\dllcache\dot4.sys
2011-11-01 22:22 . 2011-11-01 22:22 -------- d-----w- C:\TDSSKiller_Quarantine
2011-11-01 21:38 . 2011-11-01 21:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-11-01 20:03 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-01 20:03 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-01 19:38 . 2011-11-01 19:39 -------- d-----w- C:\rsit
2011-11-01 14:30 . 2011-11-01 14:30 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2011-11-01 14:28 . 2011-11-01 14:31 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TuneUp Software
2011-10-31 23:15 . 2011-10-31 23:15 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2011-10-31 23:14 . 2011-10-31 23:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-10-31 23:07 . 2011-10-31 23:07 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2011-10-31 23:07 . 2011-10-31 23:07 60416 ----a-w- c:\windows\ALCFDRTM.VER
2011-10-31 23:07 . 2011-10-31 23:07 -------- d-----w- c:\windows\system32\Lang
2011-10-31 21:54 . 2011-03-18 00:24 69120 ----a-w- c:\windows\system32\zlcomm.dll
2011-10-31 21:54 . 2011-03-18 00:24 104448 ----a-w- c:\windows\system32\zlcommdb.dll
2011-10-31 21:54 . 2011-03-18 00:24 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-10-31 21:54 . 2011-10-31 21:56 -------- d-----w- c:\windows\system32\ZoneLabs
2011-10-31 21:41 . 2011-11-02 14:51 -------- d-----w- c:\windows\Internet Logs
2011-10-30 06:11 . 2011-10-30 07:11 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google
2011-10-29 19:31 . 2011-10-29 19:31 -------- d-----w- c:\program files\Windows Sidebar
2011-10-29 19:31 . 2011-10-30 05:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2011-10-26 07:41 . 2011-10-30 12:55 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Opera
2011-10-26 06:10 . 2011-10-26 07:23 -------- d-----w- c:\program files\Google
2011-10-25 15:47 . 2011-10-25 15:47 -------- d-----w- c:\program files\Microsoft Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 23:21 . 2011-10-30 23:18 5777519 ----a-w- c:\windows\REGBK00.ZIP
2011-10-24 21:37 . 2011-05-30 11:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-26 09:41 . 2008-07-29 18:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 12:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-12 12:50 . 2010-08-02 15:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-09 09:12 . 2002-09-20 18:03 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-08-22 23:41 . 2002-09-20 18:05 916480 ----a-w- c:\windows\system32\wininet.dll
2011-08-22 23:41 . 2002-09-20 18:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-08-22 23:41 . 2002-09-20 18:04 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-08-22 11:56 . 2008-07-07 14:42 385024 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2002-08-29 02:01 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-09 13:24 . 2011-08-09 13:24 154136 ----a-w- c:\windows\system32\drivers\eamon.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-01_20.21.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2001-10-25 12:00 . 2008-04-14 03:21 49152 c:\windows\system32\mqupgrd.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 95744 c:\windows\system32\mqsec.dll
- 2002-09-20 18:04 . 2009-06-25 18:37 95744 c:\windows\system32\mqsec.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 16896 c:\windows\system32\mqise.dll
- 2002-09-20 18:04 . 2009-06-25 18:37 16896 c:\windows\system32\mqise.dll
+ 2001-10-25 12:00 . 2008-04-14 03:21 47616 c:\windows\system32\mqdscli.dll
+ 2001-10-25 12:00 . 2008-04-14 03:22 19968 c:\windows\system32\mqbkup.exe
- 2001-10-25 12:00 . 2009-06-22 11:49 19968 c:\windows\system32\mqbkup.exe
+ 2008-07-07 16:04 . 2008-04-13 19:45 56576 c:\windows\system32\drivers\swmidi.sys
+ 2002-08-29 01:45 . 2008-04-13 18:39 92544 c:\windows\system32\drivers\mqac.sys
+ 2001-10-25 12:00 . 2008-04-14 03:22 16896 c:\windows\system32\dllcache\upnpcont.exe
- 2011-04-24 08:47 . 2001-10-24 10:24 66048 c:\windows\system32\dllcache\s3legacy.dll
+ 2011-04-24 08:47 . 2001-10-24 11:24 66048 c:\windows\system32\dllcache\s3legacy.dll
- 2011-04-24 09:02 . 2001-08-17 19:52 40448 c:\windows\system32\dllcache\ql1240.sys
+ 2011-04-24 09:02 . 2001-08-17 20:52 40448 c:\windows\system32\dllcache\ql1240.sys
- 2011-04-24 09:02 . 2001-08-17 19:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2011-04-24 09:02 . 2001-08-17 20:52 45312 c:\windows\system32\dllcache\ql12160.sys
+ 2011-05-05 07:25 . 2008-04-14 03:21 61440 c:\windows\system32\dllcache\kmsvc.dll
+ 2002-09-20 17:40 . 2008-04-14 02:29 24576 c:\windows\system32\dllcache\kbdclass.sys
- 2011-04-24 08:57 . 2001-08-17 19:49 23552 c:\windows\system32\dllcache\irmk7.sys
+ 2011-04-24 08:57 . 2001-08-17 20:49 23552 c:\windows\system32\dllcache\irmk7.sys
+ 2008-07-07 15:57 . 2008-04-13 18:54 11264 c:\windows\system32\dllcache\irenum.sys
- 2011-04-24 08:56 . 2001-08-17 20:06 38528 c:\windows\system32\dllcache\ibmvcap.sys
+ 2011-04-24 08:56 . 2001-08-17 21:06 38528 c:\windows\system32\dllcache\ibmvcap.sys
+ 2011-04-24 08:56 . 2001-08-17 19:11 28700 c:\windows\system32\dllcache\ibmexmp.sys
- 2011-04-24 08:56 . 2001-08-17 18:11 28700 c:\windows\system32\dllcache\ibmexmp.sys
- 2011-04-24 08:55 . 2001-10-24 10:24 68608 c:\windows\system32\dllcache\hpgt53tk.dll
+ 2011-04-24 08:55 . 2001-10-24 11:24 68608 c:\windows\system32\dllcache\hpgt53tk.dll
- 2011-04-24 08:54 . 2001-08-17 18:10 25159 c:\windows\system32\dllcache\elnk3.sys
+ 2011-04-24 08:54 . 2001-08-17 19:10 25159 c:\windows\system32\dllcache\elnk3.sys
+ 2011-04-24 08:54 . 2001-08-17 19:11 70174 c:\windows\system32\dllcache\el98xn5.sys
- 2011-04-24 08:54 . 2001-08-17 18:11 70174 c:\windows\system32\dllcache\el98xn5.sys
+ 2001-10-25 12:00 . 2008-04-14 03:22 64000 c:\windows\system32\dllcache\drvqry.exe
+ 2008-07-07 16:00 . 2004-08-03 21:08 60288 c:\windows\system32\dllcache\drmk.sys
+ 2001-10-25 12:00 . 2008-04-14 03:21 23552 c:\windows\system32\dllcache\dpmodemx.dll
+ 2001-10-25 12:00 . 2008-04-14 03:22 29696 c:\windows\system32\dllcache\dplaysvr.exe
+ 2011-04-24 08:53 . 2001-08-17 19:12 28062 c:\windows\system32\dllcache\dp83820.sys
- 2011-04-24 08:53 . 2001-08-17 18:12 28062 c:\windows\system32\dllcache\dp83820.sys
+ 2011-04-24 08:53 . 2001-10-24 10:43 23808 c:\windows\system32\dllcache\dot4usb.sys
- 2011-04-24 08:53 . 2001-10-24 09:43 23808 c:\windows\system32\dllcache\dot4usb.sys
+ 2011-04-24 08:53 . 2001-08-17 20:47 12928 c:\windows\system32\dllcache\dot4prt.sys
- 2011-04-24 08:53 . 2001-08-17 19:47 12928 c:\windows\system32\dllcache\dot4prt.sys
+ 2002-08-29 01:58 . 2008-04-13 19:14 63744 c:\windows\system32\dllcache\cdfs.sys
- 2011-04-24 08:50 . 2001-08-17 19:12 60416 c:\windows\system32\dllcache\brserwdm.sys
+ 2011-04-24 08:50 . 2001-08-17 20:12 60416 c:\windows\system32\dllcache\brserwdm.sys
- 2011-04-24 08:50 . 2001-10-24 09:49 39552 c:\windows\system32\dllcache\brparwdm.sys
+ 2011-04-24 08:50 . 2001-10-24 10:49 39552 c:\windows\system32\dllcache\brparwdm.sys
+ 2011-04-24 08:50 . 2001-08-17 20:12 12160 c:\windows\system32\dllcache\brfiltlo.sys
- 2011-04-24 08:50 . 2001-08-17 19:12 12160 c:\windows\system32\dllcache\brfiltlo.sys
- 2011-04-24 08:50 . 2001-10-24 10:24 12800 c:\windows\system32\dllcache\brevif.dll
+ 2011-04-24 08:50 . 2001-10-24 11:24 12800 c:\windows\system32\dllcache\brevif.dll
+ 2011-04-24 08:50 . 2001-10-24 11:24 19456 c:\windows\system32\dllcache\brbidiif.dll
- 2011-04-24 08:50 . 2001-10-24 10:24 19456 c:\windows\system32\dllcache\brbidiif.dll
+ 2011-11-01 21:41 . 2011-11-01 21:41 10134 c:\windows\Installer\{CDE29BFE-2E17-47BE-95DA-10198320A0B9}\callmsi.exe
- 2011-04-25 16:26 . 2011-11-01 07:50 4212 c:\windows\system32\zllictbl.dat
+ 2011-04-25 16:26 . 2011-11-02 05:11 4212 c:\windows\system32\zllictbl.dat
- 2001-10-25 12:00 . 2009-06-22 11:49 4608 c:\windows\system32\mqsvc.exe
+ 2001-10-25 12:00 . 2008-04-14 03:22 4608 c:\windows\system32\mqsvc.exe
+ 2001-10-25 12:00 . 2001-10-25 12:00 4463 c:\windows\system32\dllcache\oembios.dat
+ 2011-05-05 07:25 . 2008-04-14 03:18 6144 c:\windows\system32\dllcache\kbdax2.dll
+ 2011-04-24 08:56 . 2001-10-24 11:23 9728 c:\windows\system32\dllcache\ibmsgnet.dll
- 2011-04-24 08:56 . 2001-10-24 10:23 9728 c:\windows\system32\dllcache\ibmsgnet.dll
+ 2011-04-24 08:54 . 2001-08-17 20:53 7296 c:\windows\system32\dllcache\elmsmc.sys
- 2011-04-24 08:54 . 2001-08-17 19:53 7296 c:\windows\system32\dllcache\elmsmc.sys
+ 2008-07-07 16:04 . 2004-08-03 21:07 2944 c:\windows\system32\dllcache\drmkaud.sys
+ 2001-10-25 12:00 . 2008-04-14 03:10 3072 c:\windows\system32\dllcache\dpnaddr.dll
- 2011-04-24 08:53 . 2001-08-17 19:47 8704 c:\windows\system32\dllcache\dot4scan.sys
+ 2011-04-24 08:53 . 2001-08-17 20:47 8704 c:\windows\system32\dllcache\dot4scan.sys
+ 2011-04-24 08:51 . 2001-08-17 20:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
- 2011-04-24 08:51 . 2001-08-17 19:52 7680 c:\windows\system32\dllcache\cd20xrnt.sys
- 2011-04-24 08:50 . 2001-10-24 10:24 9728 c:\windows\system32\dllcache\brserif.dll
+ 2011-04-24 08:50 . 2001-10-24 11:24 9728 c:\windows\system32\dllcache\brserif.dll
+ 2011-04-24 08:50 . 2001-10-24 11:24 5120 c:\windows\system32\dllcache\brscnrsm.dll
- 2011-04-24 08:50 . 2001-10-24 10:24 5120 c:\windows\system32\dllcache\brscnrsm.dll
- 2011-04-24 08:50 . 2001-10-24 10:24 9728 c:\windows\system32\dllcache\brcoinst.dll
+ 2011-04-24 08:50 . 2001-10-24 11:24 9728 c:\windows\system32\dllcache\brcoinst.dll
- 2011-09-17 15:51 . 2011-11-01 20:05 2836 c:\windows\system32\d3d9caps.dat
+ 2011-09-17 15:51 . 2011-11-02 04:50 2836 c:\windows\system32\d3d9caps.dat
+ 2002-09-20 18:04 . 2008-04-14 03:21 170496 c:\windows\system32\Setup\msmqocm.dll
- 2002-09-20 18:04 . 2009-06-25 18:37 489472 c:\windows\system32\mqutil.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 489472 c:\windows\system32\mqutil.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 187392 c:\windows\system32\mqtrig.dll
- 2001-10-25 12:00 . 2009-06-22 11:49 117248 c:\windows\system32\mqtgsvc.exe
+ 2001-10-25 12:00 . 2008-04-14 03:22 117248 c:\windows\system32\mqtgsvc.exe
+ 2002-09-20 18:04 . 2008-04-14 03:21 517632 c:\windows\system32\mqsnap.dll
+ 2001-10-25 12:00 . 2008-04-14 03:21 123904 c:\windows\system32\mqrtdep.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 177152 c:\windows\system32\mqrt.dll
- 2002-09-20 18:04 . 2009-06-25 18:37 177152 c:\windows\system32\mqrt.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 663040 c:\windows\system32\mqqm.dll
+ 2001-10-25 12:00 . 2008-04-14 03:21 225280 c:\windows\system32\mqoa.dll
- 2001-10-25 12:00 . 2009-06-25 18:37 225280 c:\windows\system32\mqoa.dll
+ 2002-09-20 18:04 . 2008-04-14 03:21 138240 c:\windows\system32\mqad.dll
- 2002-09-20 18:04 . 2009-06-25 18:37 138240 c:\windows\system32\mqad.dll
- 2011-11-01 20:00 . 2011-11-01 20:00 138056 c:\windows\system32\FNTCACHE.DAT
+ 2011-11-02 05:18 . 2011-11-02 05:18 138056 c:\windows\system32\FNTCACHE.DAT
+ 2011-08-04 08:20 . 2011-08-04 08:20 103112 c:\windows\system32\drivers\epfwtdir.sys
+ 2011-08-04 08:20 . 2011-08-04 08:20 118104 c:\windows\system32\drivers\ehdrv.sys
+ 2002-09-20 18:04 . 2008-04-14 03:22 186368 c:\windows\system32\dllcache\upnphost.dll
- 2011-04-24 09:00 . 2001-08-17 18:50 198144 c:\windows\system32\dllcache\nv3.sys
+ 2011-04-24 09:00 . 2001-08-17 19:50 198144 c:\windows\system32\dllcache\nv3.sys
+ 2011-04-24 09:00 . 2001-10-24 11:24 123776 c:\windows\system32\dllcache\nv3.dll
- 2011-04-24 09:00 . 2001-10-24 10:24 123776 c:\windows\system32\dllcache\nv3.dll
+ 2011-04-24 09:00 . 2004-08-17 14:45 132695 c:\windows\system32\dllcache\netwlan5.sys
- 2011-04-24 09:00 . 2004-08-17 13:45 132695 c:\windows\system32\dllcache\netwlan5.sys
+ 2008-07-07 16:04 . 2004-08-03 21:07 171776 c:\windows\system32\dllcache\kmixer.sys
+ 2001-10-25 12:00 . 2008-04-14 03:21 151552 c:\windows\system32\dllcache\keymgr.dll
+ 2002-09-20 18:04 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2009-06-25 08:27 . 2010-12-22 12:34 301568 c:\windows\system32\dllcache\kerberos.dll
- 2010-01-29 15:01 . 2011-05-02 15:32 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-07-07 14:13 . 2011-05-02 15:32 692736 c:\windows\system32\dllcache\inetcomm.dll
+ 2008-07-07 14:13 . 2008-04-14 03:21 274432 c:\windows\system32\dllcache\inetcfg.dll
+ 2008-07-07 14:13 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe
- 2009-03-08 12:09 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe
- 2011-04-24 08:56 . 2001-08-17 18:12 109085 c:\windows\system32\dllcache\ibmtrp.sys
+ 2011-04-24 08:56 . 2001-08-17 19:12 109085 c:\windows\system32\dllcache\ibmtrp.sys
- 2011-04-24 08:56 . 2001-08-17 18:12 100936 c:\windows\system32\dllcache\ibmtok.sys
+ 2011-04-24 08:56 . 2001-08-17 19:12 100936 c:\windows\system32\dllcache\ibmtok.sys
+ 2008-07-07 14:11 . 2009-02-09 10:56 473600 c:\windows\system32\dllcache\fastprox.dll
- 2011-05-11 17:58 . 2009-02-09 10:56 473600 c:\windows\system32\dllcache\fastprox.dll
+ 2002-09-20 18:03 . 2008-04-14 03:21 185344 c:\windows\system32\dllcache\els.dll
- 2011-04-24 08:54 . 2001-10-24 09:48 173568 c:\windows\system32\dllcache\el99xn51.sys
+ 2011-04-24 08:54 . 2001-10-24 10:48 173568 c:\windows\system32\dllcache\el99xn51.sys
+ 2002-09-20 18:03 . 2008-04-14 03:21 375296 c:\windows\system32\dllcache\dpnet.dll
+ 2001-10-25 12:00 . 2008-04-14 03:21 229888 c:\windows\system32\dllcache\dplayx.dll
- 2011-05-05 07:25 . 2008-04-14 03:19 102912 c:\windows\system32\dllcache\dpcdll.dll
+ 2002-09-20 17:55 . 2008-04-14 03:19 102912 c:\windows\system32\dllcache\dpcdll.dll
+ 2011-05-05 07:22 . 2008-04-14 03:21 651264 c:\windows\system32\dllcache\dot3ui.dll
- 2011-04-24 08:53 . 2001-08-17 18:14 952007 c:\windows\system32\dllcache\diwan.sys
+ 2011-04-24 08:53 . 2001-08-17 19:14 952007 c:\windows\system32\dllcache\diwan.sys
+ 2002-09-20 18:03 . 2008-04-14 03:21 113664 c:\windows\system32\dllcache\dgnet.dll
+ 2001-10-25 12:00 . 2008-04-14 03:21 151552 c:\windows\system32\dllcache\cdfview.dll
+ 2011-11-01 21:41 . 2011-11-01 21:41 105624 c:\windows\Installer\{CDE29BFE-2E17-47BE-95DA-10198320A0B9}\egui.exe
+ 2008-07-07 14:42 . 2008-04-14 03:21 2113536 c:\windows\system32\dllcache\dxdiagn.dll
+ 2002-09-20 18:05 . 2008-04-14 03:22 1298432 c:\windows\system32\dllcache\dxdiag.exe
+ 2008-07-07 14:42 . 2008-04-14 03:21 1689088 c:\windows\system32\dllcache\d3d9.dll
+ 2001-10-25 12:00 . 2008-04-14 03:21 2091520 c:\windows\system32\dllcache\cdosys.dll
+ 2011-11-01 21:41 . 2011-11-01 21:41 1033728 c:\windows\Installer\539d7a.msi
+ 2001-10-25 12:00 . 2001-10-25 12:00 13107200 c:\windows\system32\dllcache\oembios.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="d:\firewally\ZoneAlarm\zlclient.exe" [2011-03-18 1043968]
"egui"="d:\antiviry\Eset\egui.exe" [2011-09-22 3080264]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\antiviry\SuperAntiSpywer\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- d:\antiviry\SuperAntiSpywer\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0ssbtsr\0SsiEfr.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-10-30 07:09 136176 ----atw- c:\documents and settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"sdCoreService"=2 (0x2)
"sdAuxService"=2 (0x2)
"sp_rssrv"=2 (0x2)
"cmdAgent"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\My Download Files\\Subory\\Skype\\Phone\\Skype.exe"=
"d:\\My Download Files\\Subory\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Administrator\\Plocha\\Skype.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [4.8.2011 9:20 103112]
R1 SASDIFSV;SASDIFSV;d:\antiviry\SuperAntiSpywer\sasdifsv.sys [22.7.2011 17:27 12880]
R1 SASKUTIL;SASKUTIL;d:\antiviry\SuperAntiSpywer\SASKUTIL.SYS [12.7.2011 22:55 67664]
R2 ekrn;ESET Service;d:\antiviry\Eset\ekrn.exe [22.9.2011 12:03 974944]
R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [14.5.2007 9:26 508288]
R3 S3SAVAGE4;S3SAVAGE4;c:\windows\system32\drivers\s3savg4m.sys [10.8.2000 13:03 84704]
S2 !SASCORE;SAS Core Service;d:\antiviry\SuperAntiSpywer\SASCore.exe [12.8.2011 0:38 116608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [15.5.2011 11:55 32377]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [12.6.2011 15:08 27064]
S3 S3SAVAGE4M;S3SAVAGE4M;c:\windows\system32\drivers\s3sav4m.sys [7.7.2008 17:00 77824]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-02 c:\windows\Tasks\PandaUSBVaccine.job
- e:\panda\Panda USB Vaccine\RunInteractiveWin.exe [2011-04-13 14:45]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
TCP: DhcpNameServer = 192.168.100.1
DPF: DirectAnimation Java Classes
DPF: Microsoft XML Parser for Java
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-02 16:09
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1957994488-1677128483-854245398-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,6e,58,b7,0d,55,62,69,4c,b3,c9,46,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b3,22,01,3a,f3,8c,ea,4d,8d,d2,45,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,57,fe,94,e8,f9,a9,65,49,b0,f4,f4,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(720)
d:\antiviry\SuperAntiSpywer\SASWINLO.DLL
.
- - - - - - - > 'explorer.exe'(2368)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-11-02 16:13:01
ComboFix-quarantined-files.txt 2011-11-02 15:12
ComboFix2.txt 2011-11-01 20:25
.
Pre-Run: 440 655 872
Post-Run: 422 006 784
.
- - End Of File - - 6C6AA907D29ABF29280780F025301C2B

Dakujem ste super,aka bola chyba?-virus?Uz to funguje,uz ho mam nainstalovany

VIRY.CZ

Nedostatek prav

Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav

Re: Nedostatek prav