VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

PROSIM O KONTROLU LOGU

https://forum.viry.cz:443/viewtopic.php?t=124087

Stránka 1 z 2

PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 01:30
od tien
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : ASUS [Práva Správcu]
Režim : Kontrola -- Dátum : 09/03/2012 01:57:28

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 8 ¤¤¤
[RUN][Rogue.AntiSpy-ST] HKCU\[...]\RunOnce : 036DFF4200078C0CCCFD0D387B07D329 (C:\Documents and

Settings\All Users\Application

Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.exe) -> NÁJDENÉ
[RUN][Rogue.AntiSpy-ST] HKUS\S-1-5-21-1581970200-332233566-2602220850-1006[...]\RunOnce :

036DFF4200078C0CCCFD0D387B07D329 (C:\Documents and Settings\All Users\Application

Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.exe) -> NÁJDENÉ
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (127.0.0.1:64202) -> NÁJDENÉ
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> NÁJDENÉ
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> NÁJDENÉ
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> NÁJDENÉ
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NÁJDENÉ
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NÁJDENÉ

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : Rogue.AntiSpy-ST ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545016B9A300 +++++
--- User ---
[MBR] a8a63e7a9effb6133efa773f9057a10e
[BSP] 36a3ca6c4ea3ea92f9f61c5c4f7fea10 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 81925 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 167782860 | Size: 63648 Mo
2 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 298134270 | Size: 7004 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 312480315 | Size: 47 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[1].txt >>
RKreport[1].txt

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 02:00
od tien
Malwarebytes Anti-Malware (Skúšobná verzia) 1.62.0.1300
www.malwarebytes.org

Verzia databázy: v2012.09.02.06

Windows XP Service Pack 3 x86 NTFS (Núdzoví režim/Sieť)
Internet Explorer 8.0.6001.18702
ASUS :: YOUR-HM9IZS4TQ7 [administrátor]

Ochrana: Vypnuté

3.9.2012 2:42:26
mbam-log-2012-09-03 (02-57-30).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 223097
Uplynutý čas: 8 min, 58 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.LameShield) -> Žiadna úloha nevykonaná.
HKCR\CLSID\{b33ee05e-0e9f-5672-5ac7-4fedac3dbf5c} (Adware.Ezula) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|036DFF4200078C0CCCFD0D387B07D329 (Trojan.LameShield) -> Dáta: C:\Documents and Settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.exe -> Žiadna úloha nevykonaná.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Hijack.Shell.Gen) -> Dáta: explorer.exe,C:\Documents and Settings\ASUS\Application Data\dwm.exe -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Taskman (Worm.Palevo) -> Dáta: C:\Documents and Settings\ASUS\Application Data\sbqh.exe -> Žiadna úloha nevykonaná.

Detegované položky registračných dát: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Škodlivý: (1) Dobrý: (0) -> Žiadna úloha nevykonaná.

Detegované priečinky: 5
C:\Documents and Settings\ASUS\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Žiadna úloha nevykonaná.
C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\FunWebProducts\Installr (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\FunWebProducts\Installr\1.bin (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.
C:\Program Files\FunWebProducts\Installr\1.bin\chrome (PUP.MyWebSearch) -> Žiadna úloha nevykonaná.

Detegované súbory: 3
C:\Documents and Settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.exe (Trojan.LameShield) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\ASUS\Desktop\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Žiadna úloha nevykonaná.
C:\Documents and Settings\ASUS\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Žiadna úloha nevykonaná.

(koniec)

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 05:50
od vyosek
Zdravim a pekny den preji :)

:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte
:arrow: Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com :arrow: Aplikujte exeHelper by Raktor :arrow: Dejte log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 07:09
od tien
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : ASUS [Práva Správcu]
Režim : Odebrať -- Dátum : 09/03/2012 08:05:49

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 7 ¤¤¤
[RUN][Rogue.AntiSpy-ST] HKCU\[...]\RunOnce : 036DFF4200078C0CCCFD0D387B07D329 (C:\Documents and Settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.exe) -> VYMAZANÉ
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (127.0.0.1:64202) -> NEBOLO ODSTRÁNENÉ, POUŽITE PROXYFIX
[HJ] HKLM\[...]\Security Center : AntiVirusDisableNotify (1) -> NAHRADENÉ (0)
[HJ] HKLM\[...]\Security Center : FirewallDisableNotify (1) -> NAHRADENÉ (0)
[HJ] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> NAHRADENÉ (0)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> NAHRADENÉ (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRADENÉ (0)

¤¤¤ Zvláštne súbory / Adresáre: ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : Rogue.AntiSpy-ST ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545016B9A300 +++++
--- User ---
[MBR] a8a63e7a9effb6133efa773f9057a10e
[BSP] 36a3ca6c4ea3ea92f9f61c5c4f7fea10 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 81925 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 167782860 | Size: 63648 Mo
2 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 298134270 | Size: 7004 Mo
3 - [XXXXXX] UNKNOWN (0xef) [VISIBLE] Offset (sectors): 312480315 | Size: 47 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončené : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 07:10
od tien
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : ASUS [Práva Správcu]
Režim : Oprava HOSTS -- Dátum : 09/03/2012 08:09:34

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 0 ¤¤¤

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Súbor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončené : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 07:14
od tien
exeHelper by Raktor
Build 20100414
Run at 08:12:36 on 09/03/12
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 07:20
od tien
Logfile of random's system information tool 1.09 (written by random/random)
Run by ASUS at 2012-09-03 08:16:14
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (9%) free of 82 GB
Total RAM: 895 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:16:18, on 3.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\ASUS\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\ASUS.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:64202
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [LiveUpdate] C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Corel File Shell Monitor] c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
O4 - HKLM\..\Run: [Standby] "c:\Program Files\Common Files\Corel\Standby\Standby.exe" -START
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKUS\S-1-5-21-1581970200-332233566-2602220850-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-1581970200-332233566-2602220850-500\..\Run: [Eee Docking] C:\Program Files\ASUS\Eee Docking\Eee Docking.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-1581970200-332233566-2602220850-500\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Administrator')
O4 - HKUS\S-1-5-21-1581970200-332233566-2602220850-500\..\RunOnce: [avg_spchecker] "C:\Program Files\AVG\AVG8\Notification\SPChecker.exe" /start (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

--
End of file - 8932 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\ASUS\Application Data\Mozilla\Firefox\Profiles\nqyamxvt.default

prefs.js - "browser.startup.homepage" - "http://www.bing.com/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{3f963a5b-e555-4543-90e2-c3908898db71}"=C:\Program Files\AVG\AVG8\Firefox
"{1d5287d1-8a92-0001-1f31-1cec198018d8}"=C:\Program Files\AVG\AVG8\ToolbarFF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{a282fbb1-1c06-d402-1cda-490807dc17c6}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\ASUS\Application Data\Mozilla\Firefox\Profiles\nqyamxvt.default\extensions\
m3ffxtbr@mywebsearch.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2011-02-15 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2011-02-15 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-01 1901960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2011-02-15 2055960]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LiveUpdate"=C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [2009-08-27 735208]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-06 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-06 13770752]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-11-17 18789408]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2009-12-31 994216]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2009-05-08 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-04-09 1512744]
"SynAsusAcpi"=C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [2009-04-09 79144]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2011-10-17 2042208]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"Corel File Shell Monitor"=c:\Program Files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe []
"Standby"=c:\Program Files\Common Files\Corel\Standby\Standby.exe [2010-04-14 105632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-07-03 462920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Corel Photo Downloader"=C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [2010-04-14 524944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\conhost]
C:\Documents and Settings\ASUS\Application Data\Microsoft\conhost.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
C:\Program Files\ArcSoft\TotalMedia Theatre 3\uDTRun.exe [2009-08-18 512000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [2009-11-09 401072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Load]
C:\DOCUME~1\ASUS\LOCALS~1\Temp\csrss.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UfSeAgnt.exe]
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe [2010-02-23 1024368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\20DEB9~1.181\SSSCHE~1.EXE [2010-01-15 255536]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files\ASUS\AsusVibe\AsusVibeLauncher.exe
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2011-02-15 11952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"DisableCMD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoSetActiveDesktop"=0
"NoActiveDesktopChanges"=0
"NoFolderOptions"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\ASUS\EzMessenger\EzMessenger.exe"="C:\Program Files\ASUS\EzMessenger\EzMessenger.exe:*:Disabled:EzMessenger"
"C:\Program Files\ASUS\EzMessenger\Clotho.exe"="C:\Program Files\ASUS\EzMessenger\Clotho.exe:*:Disabled:Clotho"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"msacm.dvacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"=c:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"=c:\PROGRA~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

======List of files/folders created in the last 1 month======

2012-09-03 08:16:14 ----D---- C:\rsit
2012-09-03 02:39:57 ----D---- C:\Documents and Settings\ASUS\Application Data\Malwarebytes
2012-09-03 02:39:52 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2012-09-03 02:39:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-09-03 02:39:51 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2012-09-03 02:13:14 ----A---- C:\Odkaz na Lokálny disk (D).lnk
2012-09-02 19:23:24 ----D---- C:\Documents and Settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329
2012-08-20 00:32:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2012-08-20 00:30:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2731847$
2012-08-19 00:28:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219$
2012-08-19 00:26:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135$

======List of files/folders modified in the last 1 month======

2012-09-03 08:16:18 ----D---- C:\Program Files\Trend Micro
2012-09-03 08:12:36 ----D---- C:\Program Files\Mozilla Firefox
2012-09-03 08:03:36 ----D---- C:\WINDOWS\system32\drivers
2012-09-03 08:03:36 ----A---- C:\WINDOWS\ntbtlog.txt
2012-09-03 08:01:41 ----A---- C:\WINDOWS\WINCMD.INI
2012-09-03 08:00:12 ----D---- C:\WINDOWS\Temp
2012-09-03 02:57:43 ----D---- C:\canon
2012-09-03 02:49:17 ----D---- C:\WINDOWS\system32
2012-09-03 02:39:51 ----RD---- C:\Program Files
2012-09-03 01:51:42 ----D---- C:\WINDOWS\Network Diagnostic
2012-09-03 01:49:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-03 01:37:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-03 01:30:04 ----D---- C:\WINDOWS\Prefetch
2012-09-02 21:24:51 ----HD---- C:\$AVG8.VAULT$
2012-08-28 18:46:48 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-20 19:50:58 ----D---- C:\WINDOWS
2012-08-20 00:32:22 ----HD---- C:\WINDOWS\inf
2012-08-20 00:32:21 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-20 00:32:08 ----SHD---- C:\WINDOWS\Installer
2012-08-20 00:32:07 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2012-08-20 00:30:36 ----A---- C:\WINDOWS\imsins.BAK
2012-08-20 00:29:23 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-19 00:28:24 ----A---- C:\WINDOWS\system32\MRT.exe
2012-08-19 00:23:12 ----D---- C:\Program Files\Internet Explorer
2012-08-16 18:56:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 AvgRkx86;avgrkx86.sys; C:\WINDOWS\System32\Drivers\avgrkx86.sys [2011-02-15 12552]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2011-02-15 108552]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2011-02-15 29208]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-03-02 38912]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2009-06-29 17920]
R3 RTL8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\WINDOWS\system32\DRIVERS\rtl8192se.sys [2009-09-23 561024]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2009-04-09 208816]
R3 tmcfw;Trend Micro Common Firewall Service; C:\WINDOWS\system32\DRIVERS\TM_CFW.sys [2009-08-22 339984]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S1 archlp;archlp; C:\WINDOWS\system32\drivers\archlp.sys []
S1 AsUpIO;AsUpIO; C:\WINDOWS\system32\drivers\AsUpIO.sys [2009-12-25 11448]
S1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2011-02-15 335240]
S1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2011-02-15 27784]
S1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
S1 tmtdi;Trend Micro TDI Driver; C:\WINDOWS\system32\DRIVERS\tmtdi.sys [2009-08-22 89872]
S2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
S2 tmpreflt;tmpreflt; C:\WINDOWS\system32\DRIVERS\tmpreflt.sys [2010-07-30 36432]
S2 tmxpflt;tmxpflt; C:\WINDOWS\system32\DRIVERS\tmxpflt.sys [2010-07-30 249424]
S2 vsapint;vsapint; C:\WINDOWS\system32\DRIVERS\vsapint.sys [2010-07-30 1331512]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-03-13 1528928]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2011-02-15 29208]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys []
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-11-17 5956608]
S3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-08-06 7996992]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-11-26 56992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tmactmon;tmactmon; \??\C:\WINDOWS\system32\drivers\tmactmon.sys []
S3 tmevtmgr;tmevtmgr; \??\C:\WINDOWS\system32\drivers\tmevtmgr.sys []
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbsmi;USB2.0 UVC WebCam ; C:\WINDOWS\system32\DRIVERS\SMIksdrv.sys [2010-01-06 182144]
S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2011-02-15 297752]
S2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2011-02-15 1370488]
S2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-02 136176]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-06 168004]
S2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-14 44312]
S2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
S2 SfCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe [2010-02-23 735968]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-02 136176]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-20 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:\Program Files\Trend Micro\BM\TMBMSRV.exe [2009-08-22 345352]
S3 TmPfw;Trend Micro Personal Firewall; C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2009-08-22 497008]
S3 TmProxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2009-08-22 689416]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 11:18
od vyosek
:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Oprava Proxy a nasledne Zprava - otevre se log, ten sem vlozte
PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
:arrow: Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
  • Pokud mate Win XP spustte pod uctem Spravce\Administratora
  • Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
  • Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
  • Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
  • Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
  • Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
  • Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
  • Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 11:28
od tien
RogueKiller V8.0.2 [08/31/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operačný systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spustené v : Núdzový režim s prácou v sieti
Užívateľ : ASUS [Práva Správcu]
Režim : Oprava Proxy -- Dátum : 09/03/2012 12:26:18

¤¤¤ Škodlivé procesy : 0 ¤¤¤

¤¤¤ Záznamy Registrov : 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (127.0.0.1:64202) -> VYMAZANÉ

¤¤¤ Ovládač : [NENAHRATÉ] ¤¤¤

¤¤¤ Nákaza : ¤¤¤

Dokončené : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 11:40
od vyosek
Fajn, vzhuru do ComboFixu

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 11:53
od tien
ComboFix 12-09-03.06 - Administrator 03.09.2012 12:37:08.1.2 - x86 NETWORK
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.895.290 [GMT 2:00]
Running from: c:\documents and settings\Administrator\My Documents\Preberanie\ComboFix.exe
AV: AVG Internet Security 3-pack *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329
c:\documents and settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329
c:\documents and settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.exe
c:\documents and settings\All Users\Application Data\036DFF4200078C0CCCFD0D387B07D329\036DFF4200078C0CCCFD0D387B07D329.ico
c:\documents and settings\All Users\Application Data\745BE15091.sys
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\E40EED9B.TMP
c:\documents and settings\All Users\FullRemove.exe
c:\documents and settings\ASUS\Application Data\.#
c:\documents and settings\ASUS\Application Data\.#\MBX@7B4@3D3FD0.###
c:\documents and settings\ASUS\Application Data\.#\MBX@7B4@3D4000.###
c:\documents and settings\ASUS\Start Menu\Programs\Live Security Platinum
c:\documents and settings\ASUS\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk
c:\program files\FunWebProducts
c:\windows\system32\.exe
c:\windows\system32\1091b835.exe
c:\windows\system32\MUI\041b\tourstart.exe
c:\windows\system32\service
c:\windows\system32\service\04102010_TIS17_SfFniAU.log
c:\windows\system32\service\05042011_TIS17_SfFniAU.log
c:\windows\system32\service\05122010_TIS17_SfFniAU.log
c:\windows\system32\service\06042012_TIS17_SfFniAU.log
c:\windows\system32\service\07092011_TIS17_SfFniAU.log
c:\windows\system32\service\07102011_TIS17_SfFniAU.log
c:\windows\system32\service\08032011_TIS17_SfFniAU.log
c:\windows\system32\service\08122011_TIS17_SfFniAU.log
c:\windows\system32\service\10032012_TIS17_SfFniAU.log
c:\windows\system32\service\15022011_TIS17_SfFniAU.log
c:\windows\system32\service\15072011_TIS17_SfFniAU.log
c:\windows\system32\service\16092010_TIS17_SfFniAU.log
c:\windows\system32\service\17042011_TIS17_SfFniAU.log
c:\windows\system32\service\17062011_TIS17_SfFniAU.log
c:\windows\system32\service\18072010_TIS17_SfFniAU.log
c:\windows\system32\service\18122010_TIS17_SfFniAU.log
c:\windows\system32\service\19102010_TIS17_SfFniAU.log
c:\windows\system32\service\21122010_TIS17_SfFniAU.log
c:\windows\system32\service\25022012_TIS17_SfFniAU.log
c:\windows\system32\service\25112011_TIS17_SfFniAU.log
c:\windows\system32\service\27012011_TIS17_SfFniAU.log
c:\windows\system32\service\27022011_TIS17_SfFniAU.log
c:\windows\system32\service\27112010_TIS17_SfFniAU.log
c:\windows\system32\service\31052011_TIS17_SfFniAU.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-03 to 2012-09-03 )))))))))))))))))))))))))))))))
.
.
2012-09-03 10:25 . 2012-09-03 10:25 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2012-09-03 06:16 . 2012-09-03 06:16 -------- d-----w- C:\rsit
2012-09-03 00:39 . 2012-09-03 00:39 -------- d-----w- c:\documents and settings\ASUS\Application Data\Malwarebytes
2012-09-03 00:39 . 2012-09-03 00:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-09-03 00:39 . 2012-09-03 00:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-03 00:39 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-02 23:40 . 2012-09-02 23:40 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2012-08-27 16:56 . 2012-07-14 00:15 136672 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-06 13:58 . 2010-02-03 09:42 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2010-02-03 10:54 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2010-02-03 09:43 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2010-02-03 09:43 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2010-02-03 09:42 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2010-02-03 09:42 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2010-02-03 09:42 385024 ----a-w- c:\windows\system32\html.iec
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2010-02-03 09:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2010-02-03 09:43 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-07-14 00:15 . 2012-08-27 16:56 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-11-09 401072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LiveUpdate"="c:\program files\Asus\LiveUpdate\LiveUpdate.exe" [2009-08-27 735208]
"nwiz"="nwiz.exe" [2009-08-06 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-06 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-06 13770752]
"RTHDCPL"="RTHDCPL.EXE" [2009-11-17 18789408]
"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2009-12-31 994216]
"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2009-05-08 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-04-09 1512744]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-04-09 79144]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2011-10-17 2042208]
"Standby"="c:\program files\Common Files\Corel\Standby\Standby.exe" [2010-04-14 105632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-1-23 548528]
SuperHybridEngine.lnk - c:\program files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe [2010-2-3 385024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2011-02-15 15:30 11952 ----a-w- c:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 02:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun]
2009-08-18 09:31 512000 ----a-w- c:\program files\ArcSoft\TotalMedia Theatre 3\uDTRun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]
2009-11-09 13:34 401072 ----a-w- c:\program files\ASUS\Eee Docking\Eee Docking.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UfSeAgnt.exe]
2010-02-23 10:47 1024368 ----a-w- c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ASUS\\EzMessenger\\EzMessenger.exe"=
"c:\\Program Files\\ASUS\\EzMessenger\\Clotho.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [24.1.2011 18:08 160640]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [24.1.2011 18:08 5248]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [15.2.2011 17:20 12552]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [15.2.2011 17:20 108552]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [15.2.2011 17:19 29208]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [18.1.2010 17:20 38912]
R3 RTL8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [3.2.2010 15:46 561024]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [22.8.2009 11:38 339984]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys --> c:\windows\system32\drivers\archlp.sys [?]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [3.2.2010 14:43 11448]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [15.2.2011 17:20 335240]
S2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [15.2.2011 22:48 297752]
S2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [15.2.2011 22:47 1370488]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [15.6.2011 17:33 249648]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2.7.2011 17:36 136176]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3.9.2012 2:39 655944]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [3.2.2010 15:58 44312]
S2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [22.8.2009 11:38 36432]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.2.2010 15:42 1684736]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [15.2.2011 17:19 29208]
S3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [7.7.2011 19:31 195336]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2.7.2011 17:36 136176]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3.9.2012 2:39 22344]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [3.5.2012 22:19 113120]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [14.1.2010 5:41 56992]
S3 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [3.2.2010 16:05 51792]
S3 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security\TmPfw.exe [3.2.2010 16:05 497008]
S3 TmProxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [3.2.2010 16:05 689416]
S3 usbsmi;USB2.0 UVC WebCam ;c:\windows\system32\drivers\SMIksdrv.sys [3.2.2010 15:43 182144]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMPROTECTOR
*NewlyCreated* - MBAMSERVICE
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-13 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-02 15:35]
.
2012-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-02 15:35]
.
.
------- Supplementary Scan -------
.
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\we96db3d.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-Corel File Shell Monitor - c:\program files\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
MSConfigStartUp-conhost - c:\documents and settings\ASUS\Application Data\Microsoft\conhost.exe
AddRemove-1091b835 - c:\windows\system32\1091b835.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-03 12:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\docume~1\ADMINI~1\LOCALS~1\Temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1581970200-332233566-2602220850-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,33,d4,d3,ea,a4,62,a5,4d,95,c2,9a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,33,d4,d3,ea,a4,62,a5,4d,95,c2,9a,\
.
Completion time: 2012-09-03 12:50:28
ComboFix-quarantined-files.txt 2012-09-03 10:50
.
Pre-Run: 9 876 422 656 bytes free
Post-Run: 15 724 531 712 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
.
- - End Of File - - 7025791A2475244FFD9B1FAE36884C3E

Re: PROSIM O KONTROLU LOGU

Napsal: 03 zář 2012 19:29
od vyosek
:arrow: Musime udelat poradek v zabezpeceni - jeden z nich musi pryc, jinak bude dochaze ke kolizi. A uprimne, ja bych dal oba pryc a nainstalovat treba Avast Free
AV: AVG Internet Security 3-pack *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Trend Micro Internet Security *Disabled/Updated* {7D2296BC-32CC-4519-917E-52E652474AF5}
FW: AVG Firewall *Enabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}
:arrow: Dle vaseho rozdhodnuti pak dam dalsi postup :wink:

Re: PROSIM O KONTROLU LOGU

Napsal: 04 zář 2012 07:57
od tien
odinstaloval som Trend Micro Internet Security
Avg v nudzovom rezime odinstalovat nejde

Re: PROSIM O KONTROLU LOGU

Napsal: 04 zář 2012 11:50
od vyosek
:arrow: Pouzijte jeste tento remover http://download.webroot.com/WRUpgradeTool.exe a timto http://download.webroot.com/CleanWDF.exe

:arrow: AVG vemte timto removerem http://download.avg.com/filedir/util/av ... 2_2125.exe ci timto http://download.avg.com/filedir/util/su ... 1_1184.exe

:arrow: Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

:arrow: Napiste ci se vse povedlo

Re: PROSIM O KONTROLU LOGU

Napsal: 04 zář 2012 14:59
od tien
AVAST nainstalovany :) co dalej ?
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz