
Keylogger and other viruses

Posted: 22 Sep 2012 21:48
by CoReLaN
Hello,
ESET Online Scanner found a virus in the system32 directory (msnun9er8.dll) and flagged it as Keylogger. I would like to ask whether there is any other nasty stuff on my PC. After running RSIT, HJT reported an error, but I ignored it and it ran to completion.

Thanks


Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2012-09-22 22:44:52
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 45 GB (39%) free of 114 GB
Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:45:25, on 22.9.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner\Plocha\Upload\RSIT.exe
C:\Program Files\trend micro\Owner.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} (Room328 Designer Setup) - http://deploy.webvdecor.com/app/WebVDSetUp.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = a
O17 - HKLM\Software\..\Telephony: DomainName = a
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = a
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca50189525219a) (gupdate1ca50189525219a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MySQL - Unknown owner - C:\Documents and Settings\kubik\Plocha\bin\mysqld-nt.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O24 - Desktop Component 1: Novinky - http://www.novinky.cz/

--
End of file - 7681 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{08D5B3F9-0256-4DF7-90FE-A66A68AE2D21}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{460CD160-D067-4C58-A808-9A1CDD1FBE17}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-11 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-11 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-03-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-06-07 399352]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-02-09 65024]
"Omnipage"=C:\Program Files\ScanSoft\OmniPageSE\opware32.exe [2002-06-03 49152]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-01-08 68640]
"F5D7050v3"=C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe [2007-10-30 1654784]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2012-09-06 15668432]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2007-01-05 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-05-19 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-07-03 2424192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Disabled:ICQ6"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Disabled:VLC media player"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"G:\Programy\Nainstalované\ICQ7.1\ICQ.exe"="G:\Programy\Nainstalované\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Common Files\Microsoft Shared\XNA\XnaTrans\v3.0\XnaTransX.exe"="C:\Program Files\Common Files\Microsoft Shared\XNA\XnaTrans\v3.0\XnaTransX.exe:LocalSubNet:Enabled:XNA Game Studio 4.0 Transport"
"C:\Program Files\Microsoft XNA\XNA Game Studio\v4.0\Bin\XnaLiveProxy.exe"="C:\Program Files\Microsoft XNA\XNA Game Studio\v4.0\Bin\XnaLiveProxy.exe:LocalSubNet:Enabled:XNA Framework Games for Windows - LIVE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"G:\Programy\Nainstalované\ICQ7.1\ICQ.exe"="G:\Programy\Nainstalované\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\DOCUMENTS AND SETTINGS\OWNER\PLOCHA\PROCESSEXPLORER\PROCEXP.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.PIM1"=pclepim1.dll
"msacm.g723"=g723.acm
"vidc.I263"=I263_32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.DIVX"=DivX.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"VIDC.XFR1"=xfcodec.dll

======File associations======

.txt - open - C:\PROGRA~1\PSPADE~1\PSPad.exe "%1"

======List of files/folders created in the last 1 month======

2012-09-22 21:29:59 ----D---- C:\Program Files\trend micro
2012-09-22 21:29:50 ----D---- C:\rsit
2012-09-22 21:18:40 ----D---- C:\Program Files\ESET
2012-09-22 20:34:37 ----D---- C:\Documents and Settings\Owner\Data aplikací\PSpad
2012-09-22 20:33:24 ----D---- C:\Program Files\PSPad editor
2012-09-22 20:28:51 ----D---- C:\Program Files\7-Zip
2012-09-22 18:25:01 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2012-09-22 18:25:01 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2012-09-22 18:24:59 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2012-09-22 18:24:58 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2012-09-22 18:23:35 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2012-09-22 18:23:34 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2012-09-22 18:23:32 ----D---- C:\WINDOWS\LastGood
2012-09-22 18:22:23 ----D---- C:\WINDOWS\system32\xlive
2012-09-22 18:22:12 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2012-09-22 18:20:12 ----D---- C:\Program Files\Microsoft XNA
2012-09-21 21:48:50 ----A---- C:\Vysledky.txt
2012-09-21 20:11:28 ----D---- C:\Program Files\Microsoft SQL Server
2012-09-21 20:11:02 ----D---- C:\Program Files\Microsoft Silverlight
2012-09-21 20:10:24 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-09-21 20:10:23 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-09-21 20:02:42 ----D---- C:\Program Files\Microsoft SDKs
2012-09-21 20:02:42 ----D---- C:\Program Files\Microsoft Help Viewer
2012-09-21 20:02:41 ----D---- C:\Program Files\Microsoft Visual Studio 10.0
2012-09-21 19:44:37 ----D---- C:\Program Files\Microsoft.NET
2012-09-21 19:24:56 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-09-21 19:24:43 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2012-09-21 19:24:34 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2012-09-21 19:24:06 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2012-09-17 18:02:44 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-09-17 18:02:44 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-09-17 18:02:38 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-09-17 18:02:37 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-09-17 18:02:36 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-09-17 18:02:34 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-09-17 18:02:34 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-09-17 18:02:33 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-09-17 18:01:46 ----A---- C:\WINDOWS\avastSS.scr
2012-09-17 18:01:45 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-09-17 18:01:11 ----D---- C:\Program Files\AVAST Software
2012-09-17 18:01:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-09-17 17:50:58 ----D---- C:\Program Files\Defraggler
2012-09-17 17:26:19 ----D---- C:\Program Files\Speccy

======List of files/folders modified in the last 1 month======

2012-09-22 22:30:39 ----D---- C:\WINDOWS\system32
2012-09-22 22:09:45 ----D---- C:\WINDOWS\system32\CatRoot2
2012-09-22 22:02:05 ----D---- C:\WINDOWS\Microsoft.NET
2012-09-22 21:29:59 ----D---- C:\Program Files
2012-09-22 21:20:55 ----D---- C:\WINDOWS\Temp
2012-09-22 20:40:20 ----SD---- C:\Documents and Settings\Owner\Data aplikací\Microsoft
2012-09-22 20:36:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-09-22 20:29:36 ----D---- C:\WINDOWS\system32\drivers
2012-09-22 20:25:29 ----SHD---- C:\WINDOWS\Installer
2012-09-22 20:25:29 ----HD---- C:\Config.Msi
2012-09-22 20:25:24 ----D---- C:\Program Files\Google
2012-09-22 20:17:44 ----RSD---- C:\WINDOWS\assembly
2012-09-22 18:31:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-09-22 18:28:53 ----RSD---- C:\WINDOWS\Fonts
2012-09-22 18:25:03 ----D---- C:\WINDOWS\system32\DirectX
2012-09-22 18:25:02 ----HD---- C:\WINDOWS\inf
2012-09-22 18:23:33 ----D---- C:\WINDOWS
2012-09-22 18:22:23 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-09-22 17:48:33 ----D---- C:\WINDOWS\Prefetch
2012-09-22 17:04:50 ----D---- C:\WINDOWS\Debug
2012-09-21 20:12:21 ----D---- C:\WINDOWS\WinSxS
2012-09-21 19:56:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-09-21 19:53:54 ----D---- C:\WINDOWS\system32\mui
2012-09-21 19:50:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-09-21 19:44:44 ----D---- C:\WINDOWS\system32\en-US
2012-09-18 19:27:57 ----HD---- C:\WINDOWS\$hf_mig$
2012-09-18 19:24:42 ----A---- C:\WINDOWS\system32\MRT.exe
2012-09-17 18:15:38 ----SD---- C:\WINDOWS\Tasks
2012-09-17 18:03:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-09-17 18:02:53 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-09-17 17:52:52 ----D---- C:\Program Files\Real
2012-09-17 17:52:52 ----D---- C:\Program Files\Common Files\Real
2012-09-17 17:52:51 ----D---- C:\Documents and Settings\Owner\Data aplikací\Real
2012-09-17 17:52:38 ----D---- C:\Program Files\Common Files
2012-09-17 17:49:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2012-09-17 17:47:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2012-09-17 17:35:59 ----D---- C:\WINDOWS\system32\drivers\AVG
2012-09-17 17:32:48 ----D---- C:\Program Files\IObit
2012-09-07 22:37:05 ----D---- C:\Program Files\Internet Explorer
2012-09-07 22:36:50 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-08-21 25256]
R1 ASPI32;ASPI32; C:\WINDOWS\system32\drivers\ASPI32.sys [1999-09-10 25244]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-08-21 35928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-08-21 729752]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-08-21 355632]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-08-21 54232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SpyMng;SpyMng; \??\C:\WINDOWS\system32\Drivers\SpyMng.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-01-16 20747]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-08-21 21256]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-08-21 97608]
R2 LightLogger;LightLogger driver; \??\C:\WINDOWS\system32\Drivers\LightLogger.sys []
R2 PCLEPCI;PCLEPCI; C:\WINDOWS\system32\drivers\PCLEPCI.sys [2000-07-27 14235]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-18 610988]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-08-17 701440]
R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.SYS []
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pfc;PADUS ASPI SHELL; C:\WINDOWS\system32\drivers\pfc.sys [2002-06-13 14604]
R3 RT73;Belkin Wireless 54G USB Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-10-02 451968]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2008-04-13 206976]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196); C:\WINDOWS\system32\DRIVERS\gtusbmdm_gpc6400.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-21 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-12-30 101120]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 PAC207;VideoCAM GF112; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WINIO;WINIO; \??\D:\DRIVER\Audio\winio.sys []
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-03-11 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-08 171040]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 gupdate1ca50189525219a;Služba Google Update (gupdate1ca50189525219a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-18 133104]
S2 MySQL;MySQL; C:\Documents and Settings\kubik\Plocha\bin\mysqld-nt.exe [2004-09-08 2203648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-17 250568]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-18 133104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-03-26 292864]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Keylogger and other viruses

Posted: 22 Sep 2012 21:51
by Rudy
Hello!
I would ask for a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the licence terms appears; continue by clicking the Yes button.

Go and make yourself a coffee in the meantime (the whole thing takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan do not try to launch any other applications or do anything else.

Do not panic during the scan: your machine may be restarted (especially on the first run of the scanner).

Warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because the scan and the removal of any malware cause unwanted collisions with the resident antispyware.

Re: Keylogger and other viruses

Posted: 23 Sep 2012 09:40
by CoReLaN
The log is here:

ComboFix 12-09-23.01 - Owner 23.09.2012 10:25:47.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.345 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Owner\WINDOWS
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\rloci.bin
C:\Thumbs.db
c:\windows\iun6002.exe
c:\windows\My.ini
c:\windows\system32\AutoRun.inf
c:\windows\system32\CddbCdda.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET45.tmp
c:\windows\system32\SET49.tmp
c:\windows\system32\SET51.tmp
E:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-23 do 2012-09-23 )))))))))))))))))))))))))))))))
.
.
2012-09-22 19:29 . 2012-09-22 20:45 -------- d-----w- c:\program files\trend micro
2012-09-22 19:29 . 2012-09-22 20:45 -------- d-----w- C:\rsit
2012-09-22 19:18 . 2012-09-22 19:18 -------- d-----w- c:\program files\ESET
2012-09-22 18:34 . 2012-09-22 18:37 -------- d-----w- c:\documents and settings\Owner\Data aplikací\PSpad
2012-09-22 18:33 . 2012-09-22 20:11 -------- d-----w- c:\program files\PSPad editor
2012-09-22 18:28 . 2012-09-22 18:28 -------- d-----w- c:\program files\7-Zip
2012-09-22 17:39 . 2012-09-22 17:52 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\Temporary Projects
2012-09-22 16:25 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2012-09-22 16:25 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2012-09-22 16:24 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2012-09-22 16:24 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2012-09-22 16:23 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-09-22 16:23 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-09-22 16:22 . 2012-09-22 16:22 -------- d-----w- c:\windows\system32\xlive
2012-09-22 16:22 . 2012-09-22 16:22 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2012-09-22 16:20 . 2012-09-22 16:20 -------- d-----w- c:\program files\Microsoft XNA
2012-09-21 18:11 . 2012-09-21 18:11 -------- d-----w- c:\program files\Microsoft SQL Server
2012-09-21 18:11 . 2012-09-21 18:11 -------- d-----w- c:\program files\Microsoft Silverlight
2012-09-21 18:10 . 2012-09-21 18:10 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-09-21 18:10 . 2012-09-21 18:10 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-09-21 18:09 . 2012-09-21 18:13 188128 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-09-21 18:02 . 2012-09-21 18:02 -------- d-----w- c:\program files\Microsoft SDKs
2012-09-21 18:02 . 2012-09-21 18:02 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-09-21 18:02 . 2012-09-21 18:12 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-09-21 17:44 . 2012-09-21 18:02 -------- d-----w- c:\program files\Microsoft.NET
2012-09-21 17:24 . 2008-04-14 03:21 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-09-21 17:24 . 2008-04-14 03:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-09-21 17:24 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2012-09-21 17:24 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-09-21 17:24 . 2008-04-14 02:29 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-09-21 17:24 . 2008-04-14 02:29 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-09-21 17:24 . 2008-04-13 18:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2012-09-21 17:24 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-09-17 16:02 . 2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-09-17 16:02 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-09-17 16:02 . 2012-08-21 09:13 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-09-17 16:02 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-09-17 16:02 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-09-17 16:02 . 2012-08-21 09:13 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-09-17 16:02 . 2012-08-21 09:13 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-09-17 16:02 . 2012-08-21 09:13 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-09-17 16:01 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-09-17 16:01 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-17 16:01 . 2012-09-17 16:01 -------- d-----w- c:\program files\AVAST Software
2012-09-17 16:01 . 2012-09-17 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-09-17 15:50 . 2012-09-17 15:51 -------- d-----w- c:\program files\Defraggler
2012-09-17 15:26 . 2012-09-17 15:26 -------- d-----w- c:\program files\Speccy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-17 16:02 . 2012-07-31 16:17 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-17 16:02 . 2011-12-29 17:46 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2006-12-05 07:52 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2006-12-23 15:23 . 2006-12-23 15:23 164416512 ----a-w- c:\program files\Nero-7.5.9.0_csy_no_atb.exe
2003-01-09 20:17 . 2006-12-16 10:50 1486848 -c--a-w- c:\program files\battle.exe
2001-09-11 10:20 . 2006-12-16 10:50 20480 -c--a-w- c:\program files\TnLConf.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-02-09 65024]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]
"F5D7050v3"="c:\program files\Belkin\F5D7050v3\Belkinwcui.exe" [2007-10-30 1654784]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-19 11:00 77824 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-07-03 06:59 2424192 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"DrWindows"="c:\program files\DrWindows\DrWindows.exe" /autorun
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"Pando"="c:\program files\Pando Networks\Pando\pando.exe" /Automation
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"ReadPlease2003"=c:\program files\ReadPlease 2003\ReadPlease2003.exe
"RelevantKnowledge"=c:\program files\relevantknowledge\rlvknlg.exe -boot
"SpyMng"=d:\déčko\novinky\spymanager20\SpyManager20.exe autorun
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"WinampAgent"="c:\program files\Winamp\winampa.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.9.2012 18:02 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.9.2012 18:02 355632]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R1 SpyMng;SpyMng;c:\windows\system32\drivers\SpyMng.sys [16.7.2009 13:03 7552]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.9.2012 18:02 21256]
R2 LightLogger;LightLogger driver;c:\windows\system32\drivers\LightLogger.sys [3.12.2007 9:53 9216]
S2 gupdate1ca50189525219a;Služba Google Update (gupdate1ca50189525219a);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2009 19:29 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.7.2012 18:17 250568]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196);c:\windows\system32\DRIVERS\gtusbmdm_gpc6400.sys --> c:\windows\system32\DRIVERS\gtusbmdm_gpc6400.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2009 19:29 133104]
S3 PAC207;VideoCAM GF112;c:\windows\system32\drivers\PFC027.sys [8.4.2005 11:46 162176]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - GTNDIS5
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 16:02]
.
2012-09-23 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-17 09:12]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-18 17:29]
.
2012-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-18 17:29]
.
2012-09-22 c:\windows\Tasks\User_Feed_Synchronization-{08D5B3F9-0256-4DF7-90FE-A66A68AE2D21}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-09-23 c:\windows\Tasks\User_Feed_Synchronization-{460CD160-D067-4C58-A808-9A1CDD1FBE17}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} - hxxp://deploy.webvdecor.com/app/WebVDSetUp.cab
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-FileZilla Client - f:\filezilla ftp client\uninstall.exe
AddRemove-Mystica_is1 - g:\programy\Nainstalované\Mystica\unins000.exe
AddRemove-Power Sound Editor Free_is1 - f:\power sound editor free\unins000.exe
AddRemove-Stellarium_is1 - f:\stellarium\unins000.exe
AddRemove-Teachmaster 3.9 - g:\programy\Nainstalované\Teachmaster 3.9\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-23 10:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(748)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
.
Celkový čas: 2012-09-23 10:39:31
ComboFix-quarantined-files.txt 2012-09-23 08:39
.
Před spuštěním: Volných bajtů: 46 995 202 048
Po spuštění: Volných bajtů: 48 842 227 712
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 6B1C2E9A8D621F096890B81475BCCCCE

Re: Keylogger and other viruses

Posted: 23 Sep 2012 10:52
by Rudy
We'll do one more clean-up. Open Notepad and copy the following into it:
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.


Re: Keylogger and other viruses

Posted: 23 Sep 2012 11:24
by CoReLaN
And may I ask for some tips on speeding up the PC? I regularly use CCleaner and Defraggler. The log is here:


ComboFix 12-09-23.02 - Owner 23.09.2012 12:02:51.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.589 [GMT 2:00]
Spuštěný z: c:\documents and settings\Owner\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Owner\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\_ctypes.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\_elementtree.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\_hashlib.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\_socket.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\_ssl.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\pyexpat.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\pysqlite2._sqlite.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\python26.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\pythoncom26.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\pywintypes26.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\select.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\unicodedata.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32api.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32com.shell.shell.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32crypt.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32event.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32file.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32inet.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32pdh.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32process.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\win32security.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\windows._cacheinvalidation.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._controls_.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._core_.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._gdi_.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._html2.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._misc_.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._windows_.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wx._wizard.pyd
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wxbase293u_net_vc.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wxbase293u_vc.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wxmsw293u_adv_vc.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wxmsw293u_core_vc.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wxmsw293u_html_vc.dll
c:\docume~1\Owner\LOCALS~1\Temp\_MEI28322\wxmsw293u_webview_vc.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\_ctypes.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\_elementtree.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\_hashlib.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\_socket.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\_ssl.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\pyexpat.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\pysqlite2._sqlite.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\python26.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\pythoncom26.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\pywintypes26.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\select.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\unicodedata.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32api.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32com.shell.shell.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32crypt.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32event.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32file.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32inet.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32pdh.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32process.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\win32security.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\windows._cacheinvalidation.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._controls_.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._core_.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._gdi_.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._html2.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._misc_.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._windows_.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wx._wizard.pyd
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wxbase293u_net_vc.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wxbase293u_vc.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wxmsw293u_adv_vc.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wxmsw293u_core_vc.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wxmsw293u_html_vc.dll
c:\documents and settings\Owner\Local Settings\Temp\_MEI28322\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-23 do 2012-09-23 )))))))))))))))))))))))))))))))
.
.
2012-09-23 09:48 . 2012-09-23 09:56 -------- d-----w- c:\documents and settings\Owner\Local Settings\Data aplikací\Temporary Projects
2012-09-22 19:29 . 2012-09-22 20:45 -------- d-----w- c:\program files\trend micro
2012-09-22 19:29 . 2012-09-22 20:45 -------- d-----w- C:\rsit
2012-09-22 19:18 . 2012-09-22 19:18 -------- d-----w- c:\program files\ESET
2012-09-22 18:34 . 2012-09-22 18:37 -------- d-----w- c:\documents and settings\Owner\Data aplikací\PSpad
2012-09-22 18:33 . 2012-09-22 20:11 -------- d-----w- c:\program files\PSPad editor
2012-09-22 18:28 . 2012-09-22 18:28 -------- d-----w- c:\program files\7-Zip
2012-09-22 16:25 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2012-09-22 16:25 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2012-09-22 16:24 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2012-09-22 16:24 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2012-09-22 16:23 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-09-22 16:23 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-09-22 16:22 . 2012-09-22 16:22 -------- d-----w- c:\windows\system32\xlive
2012-09-22 16:22 . 2012-09-22 16:22 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2012-09-22 16:20 . 2012-09-22 16:20 -------- d-----w- c:\program files\Microsoft XNA
2012-09-21 18:11 . 2012-09-21 18:11 -------- d-----w- c:\program files\Microsoft SQL Server
2012-09-21 18:11 . 2012-09-21 18:11 -------- d-----w- c:\program files\Microsoft Silverlight
2012-09-21 18:10 . 2012-09-21 18:10 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-09-21 18:10 . 2012-09-21 18:10 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-09-21 18:09 . 2012-09-21 18:13 188128 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\VCSExpress\10.0\1033\ResourceCache.dll
2012-09-21 18:02 . 2012-09-21 18:02 -------- d-----w- c:\program files\Microsoft SDKs
2012-09-21 18:02 . 2012-09-21 18:02 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-09-21 18:02 . 2012-09-21 18:12 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-09-21 17:44 . 2012-09-21 18:02 -------- d-----w- c:\program files\Microsoft.NET
2012-09-21 17:24 . 2008-04-14 03:21 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-09-21 17:24 . 2008-04-14 03:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-09-21 17:24 . 2001-10-24 09:54 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2012-09-21 17:24 . 2001-10-24 09:54 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2012-09-21 17:24 . 2008-04-14 02:29 14592 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2012-09-21 17:24 . 2008-04-14 02:29 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2012-09-21 17:24 . 2008-04-13 18:45 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2012-09-21 17:24 . 2008-04-13 18:45 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2012-09-17 16:02 . 2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-09-17 16:02 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-09-17 16:02 . 2012-08-21 09:13 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-09-17 16:02 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-09-17 16:02 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-09-17 16:02 . 2012-08-21 09:13 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-09-17 16:02 . 2012-08-21 09:13 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-09-17 16:02 . 2012-08-21 09:13 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-09-17 16:01 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-09-17 16:01 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-17 16:01 . 2012-09-17 16:01 -------- d-----w- c:\program files\AVAST Software
2012-09-17 16:01 . 2012-09-17 16:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-09-17 15:50 . 2012-09-17 15:51 -------- d-----w- c:\program files\Defraggler
2012-09-17 15:26 . 2012-09-17 15:26 -------- d-----w- c:\program files\Speccy
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-17 16:02 . 2012-07-31 16:17 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-17 16:02 . 2011-12-29 17:46 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2006-12-05 07:52 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:22 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:38 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:38 . 2004-08-18 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:38 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-18 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2006-12-23 15:23 . 2006-12-23 15:23 164416512 ----a-w- c:\program files\Nero-7.5.9.0_csy_no_atb.exe
2003-01-09 20:17 . 2006-12-16 10:50 1486848 -c--a-w- c:\program files\battle.exe
2001-09-11 10:20 . 2006-12-16 10:50 20480 -c--a-w- c:\program files\TnLConf.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 13:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2007-01-05 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-02-09 65024]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 49152]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-01-08 68640]
"F5D7050v3"="c:\program files\Belkin\F5D7050v3\Belkinwcui.exe" [2007-10-30 1654784]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-19 11:00 77824 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-07-03 06:59 2424192 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"DrWindows"="c:\program files\DrWindows\DrWindows.exe" /autorun
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
"Pando"="c:\program files\Pando Networks\Pando\pando.exe" /Automation
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ISUSPM Startup"=c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" -start
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe"
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"ReadPlease2003"=c:\program files\ReadPlease 2003\ReadPlease2003.exe
"RelevantKnowledge"=c:\program files\relevantknowledge\rlvknlg.exe -boot
"SpyMng"=d:\déčko\novinky\spymanager20\SpyManager20.exe autorun
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot
"WinampAgent"="c:\program files\Winamp\winampa.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.9.2012 18:02 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.9.2012 18:02 355632]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R1 SpyMng;SpyMng;c:\windows\system32\drivers\SpyMng.sys [16.7.2009 13:03 7552]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.9.2012 18:02 21256]
R2 LightLogger;LightLogger driver;c:\windows\system32\drivers\LightLogger.sys [3.12.2007 9:53 9216]
S2 gupdate1ca50189525219a;Služba Google Update (gupdate1ca50189525219a);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2009 19:29 133104]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31.7.2012 18:17 250568]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196);c:\windows\system32\DRIVERS\gtusbmdm_gpc6400.sys --> c:\windows\system32\DRIVERS\gtusbmdm_gpc6400.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [18.10.2009 19:29 133104]
S3 PAC207;VideoCAM GF112;c:\windows\system32\drivers\PFC027.sys [8.4.2005 11:46 162176]
.
--- Other services/drivers in memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' directory
.
2012-09-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 16:02]
.
2012-09-23 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-17 09:12]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-18 17:29]
.
2012-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-18 17:29]
.
2012-09-22 c:\windows\Tasks\User_Feed_Synchronization-{08D5B3F9-0256-4DF7-90FE-A66A68AE2D21}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
2012-09-23 c:\windows\Tasks\User_Feed_Synchronization-{460CD160-D067-4C58-A808-9A1CDD1FBE17}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
DPF: {5CF549B1-E178-4D8C-ADEF-73F226644F12} - hxxp://deploy.webvdecor.com/app/WebVDSetUp.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-23 12:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(752)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
c:\documents and settings\Owner\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
.
- - - - - - - > 'explorer.exe'(4088)
c:\program files\ScanSoft\OmniPageSE\ophook32.dll
c:\windows\system32\msi.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\PAStiSvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\wscntfy.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Completion time: 2012-09-23 12:22:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-23 10:22
ComboFix2.txt 2012-09-23 08:39
.
Pre-Run: 48 751 214 592 bytes free
Post-Run: 48 620 204 032 bytes free
.
- - End Of File - - 9ADD12B4A683BD6197795A9ED131C299
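
Before a log like the one above is accepted as clean, the check a responder would run on it (added example, my own triage script, not part of this thread and not something ComboFix or either poster provides): parse the R/S service lines and list every kernel driver that is still loaded but cannot be attributed to a security product known to be on the machine. In ComboFix's format the first letter is R (running) or S (stopped), the digit is the Windows start type, and `[?]` in place of the date/size tag means the image is not on disk. The vendor allow-list (AVAST and SUPERAntiSpyware, matched by directory and by file-name prefix) and the sample lines, which are a subset copied from the log above, are assumptions made for this log.

```python
r"""Triage helper for the R/S driver lines in a ComboFix log.

Added example, not part of the thread or of ComboFix. Each line looks like
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.9.2012 18:02 729752]
state (R running / S stopped), start type digit, name;display;image path and a
[date time size] tag, or [?] when the image is missing from disk.
"""
import ntpath
import re
from dataclasses import dataclass
from typing import List, Optional

# Assumed allow-list for this log: drivers under these directories, or with
# these file-name prefixes, belong to security products the poster is running.
KNOWN_VENDOR_DIRS = {
    r"program files\avast software": "AVAST",
    r"program files\superantispyware": "SUPERAntiSpyware",
}
KNOWN_VENDOR_PREFIXES = {"asw": "AVAST", "sas": "SUPERAntiSpyware"}

# Constructed sample: a subset of the driver lines copied from the log above.
SAMPLE_LOG = r"""
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.9.2012 18:02 729752]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SpyMng;SpyMng;c:\windows\system32\drivers\SpyMng.sys [16.7.2009 13:03 7552]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.9.2012 18:02 21256]
R2 LightLogger;LightLogger driver;c:\windows\system32\drivers\LightLogger.sys [3.12.2007 9:53 9216]
S3 gtcdcmdm;GTRAN USB CDC Driver (PID 3196);c:\windows\system32\DRIVERS\gtusbmdm_gpc6400.sys --> c:\windows\system32\DRIVERS\gtusbmdm_gpc6400.sys [?]
S3 PAC207;VideoCAM GF112;c:\windows\system32\drivers\PFC027.sys [8.4.2005 11:46 162176]
"""

LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d)\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.+?)\s+\[(?P<meta>[^\]]*)\]\s*$"
)


@dataclass(frozen=True)
class DriverEntry:
    name: str
    display: str
    path: str
    running: bool
    start: int
    missing: bool  # True when ComboFix printed [?]: image not found on disk


def parse_drivers(text: str) -> List[DriverEntry]:
    """Extract every R*/S* service line; all other log lines are ignored."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        # A broken registration is printed as "path --> path [?]"; keep the first.
        path = m.group("path").split(" --> ")[0].strip()
        entries.append(DriverEntry(
            name=m.group("name"),
            display=m.group("display"),
            path=path,
            running=m.group("state") == "R",
            start=int(m.group("start")),
            missing=m.group("meta").strip() == "?",
        ))
    return entries


def vendor_for(entry: DriverEntry) -> Optional[str]:
    """Attribute a driver to a known vendor by directory, then by file prefix."""
    low = entry.path.lower()
    for directory, vendor in KNOWN_VENDOR_DIRS.items():
        if directory in low:
            return vendor
    filename = ntpath.basename(low)
    for prefix, vendor in KNOWN_VENDOR_PREFIXES.items():
        if filename.startswith(prefix):
            return vendor
    return None


def unrecognised_running(entries: List[DriverEntry]) -> List[DriverEntry]:
    """Loaded kernel drivers not attributable to a recognised vendor.

    These are the lines to look up by hand before calling a log clean: a
    running driver in the system32 drivers directory with no vendor pedigree
    is one way a kernel-mode keylogger or rootkit stays resident.
    """
    return [e for e in entries if e.running and vendor_for(e) is None]


def missing_images(entries: List[DriverEntry]) -> List[DriverEntry]:
    """Registrations whose image is gone: leftovers to clean, not threats."""
    return [e for e in entries if e.missing]


if __name__ == "__main__":
    found = parse_drivers(SAMPLE_LOG)
    print(f"{len(found)} driver entries parsed")
    for e in unrecognised_running(found):
        print(f"REVIEW  {e.name:<12} start={e.start} {e.path}")
    for e in missing_images(found):
        print(f"ORPHAN  {e.name:<12} {e.path}")
```

Run as-is it lists SpyMng and LightLogger for manual review and gtcdcmdm as a registration whose image is gone. The script decides nothing about whether a driver is malicious; it only narrows the log to the entries that still need a human to look them up, which is the part a "looks OK" verdict should rest on.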

Re: Keylogger and other viruses

Posted: 23 Sep 2012 11:46
by Rudy
The log already looks OK. If you want to speed the system up, clean and defragment it regularly; beyond that, all that is left is uninstalling forgotten and unneeded applications and adding another RAM module to increase memory.

Re: Keylogger and other viruses

Posted: 23 Sep 2012 11:47
by CoReLaN
Thank you, and have a nice day. :))

Re: Keylogger and other viruses

Posted: 23 Sep 2012 11:53
by Rudy
Have a nice day too, and you're welcome! :)