Ahoj, prosim o pomoc. Pri spousteni spravce pocitace (nebo vykon atd.) se zobrazuje jen hlaska 'vstupni bod procedury .... de nepodarilo v dynamicky propojovane knihovne mmcbase.dll nalezt.'
Logfile of random's system information tool 1.06 (written by random/random)
Run by Šitnerovci at 2010-01-17 19:40:09
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 28 GB (47%) free of 60 GB
Total RAM: 2046 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:41:59, on 17.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Program Files\Internet Explorer\iexplore.exe
E:\Michal\Download\RSIT.exe
C:\Program Files\trend micro\Šitnerovci.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Seznam Lištička - {B71B15CE-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Listicka\Toolbar.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O16 - DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} (PhotoUploader Control) - http://foto.droxi.cz/snadno-vlozit-foto ... loader.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 1145782140
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://vexcast.com/download/vexcast.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
--
End of file - 10857 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Úklid 1 kliknutím.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-12-28 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-12-11 1111320]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CE-3093-459C-B764-AEB2486F2273} - &Seznam Lištička - C:\Program Files\Seznam\Listicka\Toolbar.dll [2005-11-04 790528]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2008-12-28 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2006-01-12 155648]
"M1000Mnt"=M1000Rmv.exe /StartStillMnt []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-12-11 2043160]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2006-09-01 282624]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2008-05-16 430080]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-18 30208]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2008-12-28 26624]
"Skype"=C:\Program Files\Skype\\Phone\Skype.exe [2009-10-09 25623336]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2009-07-31 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2008-09-25 87352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoClose"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:*:Enabled:PMSManager"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82d0f69e-d5e3-11de-8483-00e07d909e22}]
shell\AutoRun\command - G:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1ed84cf-6795-11dd-9236-0018f3853ddf}]
shell\Auto\command - tel.xls.exe
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe
======List of files/folders created in the last 1 months======
2010-01-17 19:40:09 ----D---- C:\rsit
2010-01-17 19:40:09 ----D---- C:\Program Files\trend micro
2010-01-15 19:43:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-01-15 19:37:17 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-01-15 19:37:17 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-01-15 19:37:17 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-01-15 19:37:17 ----A---- C:\WINDOWS\system32\atibtmon.exe
2010-01-15 19:37:16 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-01-13 10:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 10:29:28 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-02 10:16:35 ----D---- C:\WINDOWS\system32\nagasoft
2009-12-18 21:06:43 ----A---- C:\WINDOWS\system32\unrar.dll
======List of files/folders modified in the last 1 months======
2010-01-17 19:40:42 ----D---- C:\WINDOWS\Temp
2010-01-17 19:40:28 ----D---- C:\WINDOWS\Prefetch
2010-01-17 19:40:09 ----AD---- C:\Program Files
2010-01-17 19:37:32 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-17 19:35:49 ----A---- C:\WINDOWS\ntbtlog.txt
2010-01-17 19:17:19 ----D---- C:\Documents and Settings\Šitnerovci\Data aplikací\Skype
2010-01-17 19:16:37 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-01-17 18:55:53 ----D---- C:\WINDOWS
2010-01-17 18:46:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-17 18:45:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-17 18:45:45 ----AD---- C:\WINDOWS\system32
2010-01-17 18:44:42 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-17 13:42:37 ----D---- C:\Documents and Settings\Šitnerovci\Data aplikací\esmska
2010-01-17 12:55:52 ----D---- C:\Documents and Settings\Šitnerovci\Data aplikací\uTorrent
2010-01-16 09:11:22 ----D---- C:\Documents and Settings\Šitnerovci\Data aplikací\VideoReDoPlus
2010-01-16 00:35:13 ----SD---- C:\WINDOWS\Tasks
2010-01-15 21:41:17 ----D---- C:\Program Files\ICQ6.5
2010-01-15 21:00:32 ----HD---- C:\WINDOWS\inf
2010-01-15 20:21:41 ----D---- C:\WINDOWS\system32\config
2010-01-15 20:20:01 ----SHD---- C:\WINDOWS\Installer
2010-01-15 20:20:01 ----HD---- C:\Config.Msi
2010-01-15 20:20:00 ----D---- C:\Program Files\ATI
2010-01-15 19:40:10 ----RSD---- C:\WINDOWS\assembly
2010-01-15 19:39:55 ----D---- C:\WINDOWS\WinSxS
2010-01-15 19:39:35 ----D---- C:\Program Files\ATI Technologies
2010-01-15 19:37:28 ----AD---- C:\WINDOWS\system32\drivers
2010-01-15 19:37:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-15 19:37:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-15 18:40:06 ----D---- C:\Documents and Settings\Šitnerovci\Data aplikací\Vso
2010-01-13 15:14:37 ----D---- C:\WINDOWS\AppPatch
2010-01-13 10:29:47 ----A---- C:\WINDOWS\imsins.BAK
2010-01-13 10:29:39 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-12 07:17:07 ----D---- C:\WINDOWS\network diagnostic
2010-01-09 20:16:21 ----D---- C:\Program Files\uTorrent
2010-01-06 10:24:09 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-02 10:16:44 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-24 11:41:18 ----D---- C:\Program Files\AP Tuner
2009-12-18 21:06:40 ----D---- C:\Program Files\K-Lite Codec Pack
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD-Prozessortreiber; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43520]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-07-31 335240]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-07-31 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-04-27 108552]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 Prvflder;Prvflder; C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 70912]
R3 AF15BDA;AF9015 BDA Filter; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2009-02-27 306816]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 Avgfwdx;Avgfwdx; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-04-27 29208]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-24 4374016]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 M1000Srv;M5603C USB2.0 Camera Driver; C:\WINDOWS\System32\Drivers\M1000KNT.sys [2005-07-01 276930]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-12-09 47360]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-07-11 84096]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2008-05-16 11520]
S2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 aoyk5yra;aoyk5yra; C:\WINDOWS\system32\drivers\aoyk5yra.sys []
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 Avgfwfd;AVG network filter service; C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2009-04-27 29208]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-06-05 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-06-05 25512]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-10-05 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 Ser2pl;Prolific Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2004-06-24 23552]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 UltraMonMirror;UltraMonMirror; C:\WINDOWS\system32\DRIVERS\UltraMonMirror.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 z520bus;Sony Ericsson 520 driver (WDM); C:\WINDOWS\system32\DRIVERS\z520bus.sys [2005-07-26 57648]
S3 z520mdfl;Sony Ericsson 520 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\z520mdfl.sys [2005-07-26 8336]
S3 z520mdm;Sony Ericsson 520 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\z520mdm.sys [2005-07-26 93488]
S3 z520mgmt;Sony Ericsson 520 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\z520mgmt.sys [2005-07-26 84928]
S3 z520obex;Sony Ericsson 520 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\z520obex.sys [2005-07-26 82864]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-31 908056]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-31 297752]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-07-31 1370488]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-12-18 9158656]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2006-06-16 446464]
R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2006-01-19 49152]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2008-12-26 603904]
R2 UxTuneUp;TuneUp Rozšíření vzhledu; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2008-05-16 102400]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-01-13 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S2 vvdsvc;VJVodClientServices; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-07 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-12-26 360192]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Moc prosim a dekuji za pomoc
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nejde mi spustit spravce pocitace
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Nejde mi spustit spravce pocitace
Zdravím, tohle fixni v HJT :
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
HJT najdeš zde :
C:\Program Files\trend micro\Šitnerovci
Fix znamená že spustíš HJT
v okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
položka Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
položka Registry - tady vyčistíš registry; před použitím doporučuji udělat jejich zálohu, kterou Ccleaner nabízí,
čištění registru je třeba několikrát zopakovat !
Nakonec použij Mbam z mého podpisu.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
HJT najdeš zde :
C:\Program Files\trend micro\Šitnerovci
Fix znamená že spustíš HJT
v okně které se ti otevře klikneš na Do a system scan only
v dalším okně najdeš řádky které jsem ti vypsal,
vedle nich je čtvereček do kterého uděláš zatržítko,
pak klikneš na Fix checked které je vlevo dole,
program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.
Smaž nepotřebné soubory
pomocí CCleaneru
návod :
položka Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš
položka Registry - tady vyčistíš registry; před použitím doporučuji udělat jejich zálohu, kterou Ccleaner nabízí,
čištění registru je třeba několikrát zopakovat !
Nakonec použij Mbam z mého podpisu.
Re: Nejde mi spustit spravce pocitace
Udelal jsem to, problem trva.
Re: Nejde mi spustit spravce pocitace
17.1.2010 20:29:49
mbam-log-2010-01-17 (20-29-49).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 131736
Uplynulý čas: 7 minute(s), 48 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 5
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 1
Infikované soubory: 2
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.
Infikované soubory:
C:\WINDOWS\system32\slideshowsrbndl.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Šitnerovci\Data aplikací\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
mbam-log-2010-01-17 (20-29-49).txt
Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 131736
Uplynulý čas: 7 minute(s), 48 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 5
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 1
Infikované soubory: 2
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.AntiVirus2008) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
C:\WINDOWS\system32\lowsec (Stolen.data) -> Quarantined and deleted successfully.
Infikované soubory:
C:\WINDOWS\system32\slideshowsrbndl.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Šitnerovci\Data aplikací\wiaserva.log (Malware.Trace) -> Quarantined and deleted successfully.
Re: Nejde mi spustit spravce pocitace
V tom Hjacks zustava nejak po restartu furt ta 04 [ctfmon]
Re: Nejde mi spustit spravce pocitace
Nevadí.Michal77 píše:V tom Hjacks zustava nejak po restartu furt ta 04 [ctfmon]
Nyní stáhni a ulož na plochu ComboFix,
spusť aplikaci pod účtem s administrátorským oprávněním a povol instalaci Konzole pro zotavení - Recovery Console.
Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,
pak ještě jednou klik na ANO a už to jede.
Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.
Při skenovaní může být PC i restartováno nelekat se.
Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,
protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.
Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt
(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah vlož sem.
Re: Nejde mi spustit spravce pocitace
ComboFix 10-01-16.04 - Šitnerovci 17.01.2010 21:30:58.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1503 [GMT 1:00]
Spuštěný z: e:\michal\Download\ComboFix.exe
AV: AVG Anti-Virus Network Edition *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\ćitnerovci\Dokumenty\cc_20100117_201806.reg
c:\program files\Hide Real IP
c:\program files\Hide Real IP\ccodes.txt
c:\program files\Hide Real IP\hide-real-ip.exe.manifest
c:\program files\Hide Real IP\ProxyNew.dll
c:\program files\ICQ6.5\updates\ICQLRun.exe.91c2e91e127ccb34d0b0bbd8b0533169
c:\recycler\S-1-5-21-1053339724-3373205691-86384122-1006
c:\recycler\S-1-5-21-3148275188-665901192-2551980499-1003
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-17 do 2010-01-17 )))))))))))))))))))))))))))))))
.
2010-01-17 19:20 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 19:20 . 2010-01-17 19:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 19:20 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-17 19:11 . 2010-01-17 19:11 -------- d-----w- c:\program files\CCleaner
2010-01-17 18:40 . 2010-01-17 20:16 -------- d-----w- c:\program files\trend micro
2010-01-17 18:40 . 2010-01-17 18:42 -------- d-----w- C:\rsit
2010-01-15 18:37 . 2009-11-25 02:26 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-01-15 18:37 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-01-15 18:37 . 2009-11-25 02:18 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2010-01-15 18:37 . 2009-05-11 22:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-01-15 18:37 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-01-13 07:12 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-02 09:16 . 2010-01-02 09:16 -------- d-----w- c:\windows\system32\nagasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 20:41 . 2009-03-11 17:02 -------- d-----w- c:\program files\ICQ6.5
2010-01-15 19:20 . 2009-02-06 14:13 -------- d-----w- c:\program files\ATI
2010-01-15 18:39 . 2006-10-24 00:35 -------- d-----w- c:\program files\ATI Technologies
2010-01-09 19:16 . 2007-07-24 19:02 -------- d-----w- c:\program files\uTorrent
2009-12-24 10:41 . 2008-03-03 17:07 -------- d-----w- c:\program files\AP Tuner
2009-12-18 20:06 . 2009-07-24 14:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-25 03:50 . 2006-10-23 18:31 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:27 . 2007-06-13 19:25 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-25 03:26 . 2006-10-23 18:31 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2006-10-23 18:31 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-25 03:11 . 2006-10-23 18:31 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2006-10-23 18:31 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2006-10-23 18:31 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2006-10-23 18:31 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2006-10-23 18:31 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2006-10-23 18:31 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2006-10-23 18:31 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-11-25 02:59 . 2006-10-23 18:31 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:44 . 2006-10-23 18:31 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-25 02:43 . 2006-10-23 18:31 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:42 . 2007-06-13 18:57 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-11-25 02:42 . 2007-06-13 18:57 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-11-25 02:26 . 2007-12-21 02:24 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2006-10-23 18:31 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:19 . 2008-09-11 01:19 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2006-10-23 18:31 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2006-10-23 18:31 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2007-06-13 18:41 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2006-10-23 18:31 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-11-21 16:03 . 2006-10-23 18:24 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 22:30 . 2006-11-26 14:24 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-20 21:53 . 2009-02-22 09:39 -------- d-----w- c:\program files\BitSpirit
2009-11-20 14:47 . 2009-11-20 14:47 -------- d-----w- c:\program files\Western Digital Technologies
2009-11-20 14:47 . 2009-11-20 14:47 -------- d-----w- c:\program files\Western Digital
2009-10-29 07:43 . 2006-10-23 18:24 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-22 15:59 . 2006-10-23 18:31 196565 ----a-w- c:\windows\system32\atiicdxx.dat
2009-10-21 05:40 . 2006-10-23 18:24 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2006-10-23 18:24 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 23:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2008-05-02 13:37 . 2008-05-02 13:37 251392 ----a-w- c:\program files\opera\program\plugins\dapop.dll
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2005-04-07 . 0DAAB4200AF0E13968F718F1BA32A922 . 1183232 . . [6.00.2900.2649] . . c:\windows\explorer.exe
[-] 2005-04-07 . 0DAAB4200AF0E13968F718F1BA32A922 . 1183232 . . [6.00.2900.2649] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2005-04-07 . 88260E46E778EC78345959A08F047634 . 1032192 . . [6.00.2900.2649] . . c:\windows\XPize\Backup\explorer.exe
[-] 2004-08-18 . 77FABA5A6440FCF805ABA10A0B868A23 . 30208 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2004-08-18 . 77FABA5A6440FCF805ABA10A0B868A23 . 30208 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-18 . 77FABA5A6440FCF805ABA10A0B868A23 . 30208 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\XPize\Backup\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-11 2043160]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 06:40 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-09-25 11:28 87352 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
"TaskSwitchXP"=c:\program files\TaskSwitchXP\TaskSwitchXP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TO2SSM_McciTrayApp"=c:\program files\TO2SSM\McciTrayApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [25.7.2008 13:10 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [25.7.2008 13:10 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.7.2008 13:10 108552]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [14.6.2006 20:44 93824]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [27.4.2009 7:42 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8.1.2009 9:42 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [27.4.2009 7:41 1370488]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [5.10.2008 19:53 47640]
R2 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [21.4.2006 8:22 70912]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [16.5.2008 17:12 102400]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [25.7.2008 13:28 29208]
R3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\drivers\M1000KNT.sys [18.6.2007 16:13 276930]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.7.2007 12:36 685816]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [25.7.2008 13:28 29208]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [21.12.2007 11:26 13224]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [24.6.2004 3:54 23552]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 16:21 30720]
S3 UltraMonMirror;UltraMonMirror;c:\windows\system32\DRIVERS\UltraMonMirror.sys --> c:\windows\system32\DRIVERS\UltraMonMirror.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [20.11.2009 15:47 11520]
S3 z520bus;Sony Ericsson 520 driver (WDM);c:\windows\system32\drivers\z520bus.sys [21.12.2007 11:44 57648]
S3 z520mdfl;Sony Ericsson 520 USB WMC Modem Filter;c:\windows\system32\drivers\z520mdfl.sys [21.12.2007 11:44 8336]
S3 z520mdm;Sony Ericsson 520 USB WMC Modem Drivers;c:\windows\system32\drivers\z520mdm.sys [21.12.2007 11:44 93488]
S3 z520mgmt;Sony Ericsson 520 USB WMC Device Management Drivers;c:\windows\system32\drivers\z520mgmt.sys [21.12.2007 11:44 84928]
S3 z520obex;Sony Ericsson 520 USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\z520obex.sys [21.12.2007 11:44 82864]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2010-01-17 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:8080
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} - hxxp://foto.droxi.cz/snadno-vlozit-fotografie/ilt/ilikethisPhotoUploader.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-M1000Mnt - M1000Rmv.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 21:35
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOCC06.00.00.01WSSV"="7069441BF7C737CC26343E34C9595D8C11B71E41647157EBDDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667C038D530D6EB34528EDD5E5BE2F6E667A6171C11EC38DE3D24A0FC0CF058B70985D8F2D679443BBC00A7B806A8413C6F6C634F8C43C5A4804F9D931DD1C082B600435F43ED42121E19CC807E59AE1B72B5F87B7BE60D1A19861D1F53B452442A2F856C5EADD2C90E74E2C6166CB17CA5C4437D88DAEAB406FD2C1B5CB0659240182D8F5E37A086420F171E2C65E432B7A633A65BC50C900FF81A394832D777FC560A785FD9585E16F75BD10319E57EFE037AFE80229F3F24D07B5A8D7A08710316B207DC3BADDB86D2E6DEC3B0D799711191BF683F59C4D3F22817841B5DF19F1C7ECDBB53527EB956B477F8AB61302A9BB2D7E63EF01A53E1BCBBEBFB3EDE3F3C8C97407083BA74CC800013DAAD626B845DE93597A22D7C3199C6E35A191273E23C6017B17D75A3184E1263E36A4418BFD44DEE16ADDE4B0B626BF2445D5BF00D34574D8C828B5329637BA241CA5CB7559F0A15D7550461AC7E920220807A94CD5DE2544957CAB7074A3E6C3F86A8766189618CCFE1E503671CD65E23F9A7DAC9E31A8485C5F528CED18F40815618A495A0C41C441EC098A0A887B8D9C70B65BC3A4B97B11CC49FAF0BD800FCF98F35343A5A71D0DA46AFD05BA928A369437B7514F4AB132CE2BB6B4B3874FAB3E4C096EBFC1DE36A1C7A06AAF125B5646284D4EB4CC3C04AED405A307E491ACAE60329113C93C0A55ACB61D14F0D16C1EE10527D3A45295179156793318D4C88D4DC6BC7582B7D670D1E18D25E22220D624FF7CB5B7B8C1E8D44929A8A33D53DE150F276C9230590388DF371740888D72A99E21A00150093A3FA6DA97793523B368666403B9A96034DD9D0B49849CD352AE646F22D23EB95AB0FA1EC19E92ED7EDCB039309944427386A216A8553C840B65768A3199C0D0F88F568D046D42C6E1A0E999D48FB75E955466B21ACF727131A2AA3BB335DF4ED10C9120707D6615EBDE38DD1BD1CE3B8749B452EAF6BE550934765929B210723904B81879A59370A508356E7E4A520885B3A5FA8E648DA9CD33832BE258C7D23455CAD0CF0276D57BE4802DAEB2C0BD143977A6DDD8AAD1F81A99D9F59A4E3EA6304A3123070133269B331E935A8DC8ED94CE99C54955885B66F5355F5D41B7491EC80DB32461009A4E8151757F79F3EBD15981BBC2CAD7F017E9145E86AD944EA67787083A19DCCB63079AB1D5AB2E586D3040F407ACE43E170AA98D81926DEFC64D297E65D4875DC74B8B005F2C80D3D0CBC66390DB4085083043C1DF65ECCCCFA6AE2513AF37DC6C64377C04BE7BE5DE867D0B754AA8BB69998E143FD339DD1E6AF22EC59D46419"
"OODEFRAG11.00.00.01WORKSTATION"="E92492385B432A153341A4B8D1A2C41C9E6915B2E68DD11E7BB193C250529D7E26DB601F7C602B615761A11F8EDBE46D4413074BA5C4B4AC93C63FFEF22FD8F01817BC9B288914D46333494DA87028412738EAD99717248B67A518872FBF7F9BF3583D0966FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667A6A0AC4980AC7933A6171C11EC38DE3DD00454A597BF0E632B0674B85C827275D1328191B5A08FD0D46E7A21894836784534F22D085DDB9027AFB956A5041181FC2796E4ACF00073D7BE92EB590FFD97047FD3370B7435BFBA33878E01A54C43EC185CC3A92C33BD95528C15FE77709423437B5B799682CE6D9E590F8936D53D3ADB6690A8FD4776576D37537929B19ABCD28EC5F108156F4871CF161E3949C70041EEC0EAC53DB9E74C82710982CCABED76DAB556431F295B1FADF96164A08C5D8951DBF318F9F61A9A05CC3212AF9BD8E74CFC4DF5B9D3398FDBA13CA13C0AF5E710028B3CC8F2C07CF9D7BF9CAD14A2567805C0825F9D771F660A5711E11472074FE1BDACD4C4B5063D993E1C7D90F46515C6DEFBEE09321EFCC32403B9D0FD03D7C15C1A305754C2D2ABFD3C3864FCABFC531AAD2C6B86CFF172D4014FBAC86E95FAF9E7516BFE305EBC95DD5C316D342F4DA794BEEE17ECBF4D604293A0844C9B7B6EAC1094993F2C0E5C93CD71FB7D4EEA0363B1100DA001A203B7DAA56B969DC2D6352B3B8CD8A8F6712851F061FBA1F9E8FD7422118C74D13A03DD42373AF4681300C299C3D3E561349792D2DB159357DCFDDAC9D044004FCA7B383E28989E9347415D4132801A4CCA929F09AC26B377A3B19B0201CD2BA33A29EBB80306BA825C606415C91F1F491FFC6ADE1AFB34E1C89AD297D7A721EA554D5BA60DCC0E07FCF8A4CC85E772FDDC6F48EEEDD9ECB1996E802C0FC03254A95ACF4D152802849AD94F74E0033626F4B7F5A974F6D89428950637657D52258B74F648E64AA4F568867AEBDB0F300F9E5411D6007F15CFCBAE2D809FB4193691785E855AD8A4695F381FE57C9DCA1B50FA9B8D6791E6B91D0B9E26013443F297F47DC7C36AD8FDBB589A6C4BB593BF4A14FBB982BFB23E7BAF6C1A57BBAF5CBC2AA9A5000F386A7C88AED8D3D03D890B3CFD1DB01206DC085708A36F7E6205E290A28BEE46E176661B805C285C9B94D8C34D4C51030D28A96E4AD91CA48417B25386B674849481811799795BBB2A94BCAFFD2FCC819D460B166EAC34C9DF4E164E5AB977B3377B1B38E60A87C387CE043706050BEFAC7498A4135D137F66FA3D1685FC64B0D1E9C16FBB38483F739EBF4841DB7927D5818524BB8196C82A011BF0563AA9CC11E5CA5E4A04BEEB56F1C404EB1A8AF157D0C7525003A11D65"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1296)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\cscui.dll
.
Celkový čas: 2010-01-17 21:37:33
ComboFix-quarantined-files.txt 2010-01-17 20:37
Před spuštěním: Volných bajtů: 29 780 865 024
Po spuštění: Volných bajtů: 30 356 520 960
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - C48E5AFB6A9F032EC063F6F9A774D7D9
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1503 [GMT 1:00]
Spuštěný z: e:\michal\Download\ComboFix.exe
AV: AVG Anti-Virus Network Edition *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *enabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\ćitnerovci\Dokumenty\cc_20100117_201806.reg
c:\program files\Hide Real IP
c:\program files\Hide Real IP\ccodes.txt
c:\program files\Hide Real IP\hide-real-ip.exe.manifest
c:\program files\Hide Real IP\ProxyNew.dll
c:\program files\ICQ6.5\updates\ICQLRun.exe.91c2e91e127ccb34d0b0bbd8b0533169
c:\recycler\S-1-5-21-1053339724-3373205691-86384122-1006
c:\recycler\S-1-5-21-3148275188-665901192-2551980499-1003
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-17 do 2010-01-17 )))))))))))))))))))))))))))))))
.
2010-01-17 19:20 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-17 19:20 . 2010-01-17 19:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-17 19:20 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-17 19:11 . 2010-01-17 19:11 -------- d-----w- c:\program files\CCleaner
2010-01-17 18:40 . 2010-01-17 20:16 -------- d-----w- c:\program files\trend micro
2010-01-17 18:40 . 2010-01-17 18:42 -------- d-----w- C:\rsit
2010-01-15 18:37 . 2009-11-25 02:26 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-01-15 18:37 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-01-15 18:37 . 2009-11-25 02:18 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2010-01-15 18:37 . 2009-05-11 22:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2010-01-15 18:37 . 2009-11-25 02:20 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-01-13 07:12 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-02 09:16 . 2010-01-02 09:16 -------- d-----w- c:\windows\system32\nagasoft
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 20:41 . 2009-03-11 17:02 -------- d-----w- c:\program files\ICQ6.5
2010-01-15 19:20 . 2009-02-06 14:13 -------- d-----w- c:\program files\ATI
2010-01-15 18:39 . 2006-10-24 00:35 -------- d-----w- c:\program files\ATI Technologies
2010-01-09 19:16 . 2007-07-24 19:02 -------- d-----w- c:\program files\uTorrent
2009-12-24 10:41 . 2008-03-03 17:07 -------- d-----w- c:\program files\AP Tuner
2009-12-18 20:06 . 2009-07-24 14:25 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-25 03:50 . 2006-10-23 18:31 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:27 . 2007-06-13 19:25 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-11-25 03:26 . 2006-10-23 18:31 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2006-10-23 18:31 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-11-25 03:11 . 2006-10-23 18:31 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2006-10-23 18:31 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2006-10-23 18:31 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2006-10-23 18:31 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2006-10-23 18:31 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2006-10-23 18:31 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2006-10-23 18:31 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-11-25 02:59 . 2006-10-23 18:31 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:44 . 2006-10-23 18:31 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-25 02:43 . 2006-10-23 18:31 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:42 . 2007-06-13 18:57 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-11-25 02:42 . 2007-06-13 18:57 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-11-25 02:26 . 2007-12-21 02:24 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2006-10-23 18:31 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:19 . 2008-09-11 01:19 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2006-10-23 18:31 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2006-10-23 18:31 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2007-06-13 18:41 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2006-10-23 18:31 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-11-21 16:03 . 2006-10-23 18:24 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 22:30 . 2006-11-26 14:24 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-20 21:53 . 2009-02-22 09:39 -------- d-----w- c:\program files\BitSpirit
2009-11-20 14:47 . 2009-11-20 14:47 -------- d-----w- c:\program files\Western Digital Technologies
2009-11-20 14:47 . 2009-11-20 14:47 -------- d-----w- c:\program files\Western Digital
2009-10-29 07:43 . 2006-10-23 18:24 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-22 15:59 . 2006-10-23 18:31 196565 ----a-w- c:\windows\system32\atiicdxx.dat
2009-10-21 05:40 . 2006-10-23 18:24 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2006-10-23 18:24 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 23:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2008-05-02 13:37 . 2008-05-02 13:37 251392 ----a-w- c:\program files\opera\program\plugins\dapop.dll
.
------- Sigcheck -------
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
[-] 2007-06-13 . ED7B460B142A32097B8A8F6ECC941815 . 1033728 . . [6.00.2900.3156] . . c:\windows\$NtServicePackUninstall$\explorer.exe
[-] 2007-06-13 . 9B32416BD5988C97B6397CE0B02CAF97 . 1033728 . . [6.00.2900.3156] . . c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
[-] 2005-04-07 . 0DAAB4200AF0E13968F718F1BA32A922 . 1183232 . . [6.00.2900.2649] . . c:\windows\explorer.exe
[-] 2005-04-07 . 0DAAB4200AF0E13968F718F1BA32A922 . 1183232 . . [6.00.2900.2649] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2005-04-07 . 88260E46E778EC78345959A08F047634 . 1032192 . . [6.00.2900.2649] . . c:\windows\XPize\Backup\explorer.exe
[-] 2004-08-18 . 77FABA5A6440FCF805ABA10A0B868A23 . 30208 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe
[-] 2004-08-18 . 77FABA5A6440FCF805ABA10A0B868A23 . 30208 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2004-08-18 . 77FABA5A6440FCF805ABA10A0B868A23 . 30208 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\XPize\Backup\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-11 2043160]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):58,50,69,7a,65,5f,4c,6f,67,6f,6e,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-07-31 06:40 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-09-25 11:28 87352 ----a-w- c:\windows\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" -lang 1033 -noicon
"TaskSwitchXP"=c:\program files\TaskSwitchXP\TaskSwitchXP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe"
"HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TO2SSM_McciTrayApp"=c:\program files\TO2SSM\McciTrayApp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaManager\\PMSManager.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [25.7.2008 13:10 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [25.7.2008 13:10 335240]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [25.7.2008 13:10 108552]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [14.6.2006 20:44 93824]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [27.4.2009 7:42 908056]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8.1.2009 9:42 297752]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [27.4.2009 7:41 1370488]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [5.10.2008 19:53 47640]
R2 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [21.4.2006 8:22 70912]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [16.5.2008 17:12 102400]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [25.7.2008 13:28 29208]
R3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\drivers\M1000KNT.sys [18.6.2007 16:13 276930]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7.7.2007 12:36 685816]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [25.7.2008 13:28 29208]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [21.12.2007 11:26 13224]
S3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [24.6.2004 3:54 23552]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [21.6.2007 16:21 30720]
S3 UltraMonMirror;UltraMonMirror;c:\windows\system32\DRIVERS\UltraMonMirror.sys --> c:\windows\system32\DRIVERS\UltraMonMirror.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [20.11.2009 15:47 11520]
S3 z520bus;Sony Ericsson 520 driver (WDM);c:\windows\system32\drivers\z520bus.sys [21.12.2007 11:44 57648]
S3 z520mdfl;Sony Ericsson 520 USB WMC Modem Filter;c:\windows\system32\drivers\z520mdfl.sys [21.12.2007 11:44 8336]
S3 z520mdm;Sony Ericsson 520 USB WMC Modem Drivers;c:\windows\system32\drivers\z520mdm.sys [21.12.2007 11:44 93488]
S3 z520mgmt;Sony Ericsson 520 USB WMC Device Management Drivers;c:\windows\system32\drivers\z520mgmt.sys [21.12.2007 11:44 84928]
S3 z520obex;Sony Ericsson 520 USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\z520obex.sys [21.12.2007 11:44 82864]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
vvdsvc REG_MULTI_SZ vvdsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-01-17 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
2010-01-17 c:\windows\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:8080
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
DPF: {0A6112F2-F9D1-4FBF-A6EC-B67B22915873} - hxxp://foto.droxi.cz/snadno-vlozit-fotografie/ilt/ilikethisPhotoUploader.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-M1000Mnt - M1000Rmv.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 21:35
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOCC06.00.00.01WSSV"="7069441BF7C737CC26343E34C9595D8C11B71E41647157EBDDFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667C038D530D6EB34528EDD5E5BE2F6E667A6171C11EC38DE3D24A0FC0CF058B70985D8F2D679443BBC00A7B806A8413C6F6C634F8C43C5A4804F9D931DD1C082B600435F43ED42121E19CC807E59AE1B72B5F87B7BE60D1A19861D1F53B452442A2F856C5EADD2C90E74E2C6166CB17CA5C4437D88DAEAB406FD2C1B5CB0659240182D8F5E37A086420F171E2C65E432B7A633A65BC50C900FF81A394832D777FC560A785FD9585E16F75BD10319E57EFE037AFE80229F3F24D07B5A8D7A08710316B207DC3BADDB86D2E6DEC3B0D799711191BF683F59C4D3F22817841B5DF19F1C7ECDBB53527EB956B477F8AB61302A9BB2D7E63EF01A53E1BCBBEBFB3EDE3F3C8C97407083BA74CC800013DAAD626B845DE93597A22D7C3199C6E35A191273E23C6017B17D75A3184E1263E36A4418BFD44DEE16ADDE4B0B626BF2445D5BF00D34574D8C828B5329637BA241CA5CB7559F0A15D7550461AC7E920220807A94CD5DE2544957CAB7074A3E6C3F86A8766189618CCFE1E503671CD65E23F9A7DAC9E31A8485C5F528CED18F40815618A495A0C41C441EC098A0A887B8D9C70B65BC3A4B97B11CC49FAF0BD800FCF98F35343A5A71D0DA46AFD05BA928A369437B7514F4AB132CE2BB6B4B3874FAB3E4C096EBFC1DE36A1C7A06AAF125B5646284D4EB4CC3C04AED405A307E491ACAE60329113C93C0A55ACB61D14F0D16C1EE10527D3A45295179156793318D4C88D4DC6BC7582B7D670D1E18D25E22220D624FF7CB5B7B8C1E8D44929A8A33D53DE150F276C9230590388DF371740888D72A99E21A00150093A3FA6DA97793523B368666403B9A96034DD9D0B49849CD352AE646F22D23EB95AB0FA1EC19E92ED7EDCB039309944427386A216A8553C840B65768A3199C0D0F88F568D046D42C6E1A0E999D48FB75E955466B21ACF727131A2AA3BB335DF4ED10C9120707D6615EBDE38DD1BD1CE3B8749B452EAF6BE550934765929B210723904B81879A59370A508356E7E4A520885B3A5FA8E648DA9CD33832BE258C7D23455CAD0CF0276D57BE4802DAEB2C0BD143977A6DDD8AAD1F81A99D9F59A4E3EA6304A3123070133269B331E935A8DC8ED94CE99C54955885B66F5355F5D41B7491EC80DB32461009A4E8151757F79F3EBD15981BBC2CAD7F017E9145E86AD944EA67787083A19DCCB63079AB1D5AB2E586D3040F407ACE43E170AA98D81926DEFC64D297E65D4875DC74B8B005F2C80D3D0CBC66390DB4085083043C1DF65ECCCCFA6AE2513AF37DC6C64377C04BE7BE5DE867D0B754AA8BB69998E143FD339DD1E6AF22EC59D46419"
"OODEFRAG11.00.00.01WORKSTATION"="E92492385B432A153341A4B8D1A2C41C9E6915B2E68DD11E7BB193C250529D7E26DB601F7C602B615761A11F8EDBE46D4413074BA5C4B4AC93C63FFEF22FD8F01817BC9B288914D46333494DA87028412738EAD99717248B67A518872FBF7F9BF3583D0966FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79338EDD5E5BE2F6E667A6A0AC4980AC7933A6171C11EC38DE3DD00454A597BF0E632B0674B85C827275D1328191B5A08FD0D46E7A21894836784534F22D085DDB9027AFB956A5041181FC2796E4ACF00073D7BE92EB590FFD97047FD3370B7435BFBA33878E01A54C43EC185CC3A92C33BD95528C15FE77709423437B5B799682CE6D9E590F8936D53D3ADB6690A8FD4776576D37537929B19ABCD28EC5F108156F4871CF161E3949C70041EEC0EAC53DB9E74C82710982CCABED76DAB556431F295B1FADF96164A08C5D8951DBF318F9F61A9A05CC3212AF9BD8E74CFC4DF5B9D3398FDBA13CA13C0AF5E710028B3CC8F2C07CF9D7BF9CAD14A2567805C0825F9D771F660A5711E11472074FE1BDACD4C4B5063D993E1C7D90F46515C6DEFBEE09321EFCC32403B9D0FD03D7C15C1A305754C2D2ABFD3C3864FCABFC531AAD2C6B86CFF172D4014FBAC86E95FAF9E7516BFE305EBC95DD5C316D342F4DA794BEEE17ECBF4D604293A0844C9B7B6EAC1094993F2C0E5C93CD71FB7D4EEA0363B1100DA001A203B7DAA56B969DC2D6352B3B8CD8A8F6712851F061FBA1F9E8FD7422118C74D13A03DD42373AF4681300C299C3D3E561349792D2DB159357DCFDDAC9D044004FCA7B383E28989E9347415D4132801A4CCA929F09AC26B377A3B19B0201CD2BA33A29EBB80306BA825C606415C91F1F491FFC6ADE1AFB34E1C89AD297D7A721EA554D5BA60DCC0E07FCF8A4CC85E772FDDC6F48EEEDD9ECB1996E802C0FC03254A95ACF4D152802849AD94F74E0033626F4B7F5A974F6D89428950637657D52258B74F648E64AA4F568867AEBDB0F300F9E5411D6007F15CFCBAE2D809FB4193691785E855AD8A4695F381FE57C9DCA1B50FA9B8D6791E6B91D0B9E26013443F297F47DC7C36AD8FDBB589A6C4BB593BF4A14FBB982BFB23E7BAF6C1A57BBAF5CBC2AA9A5000F386A7C88AED8D3D03D890B3CFD1DB01206DC085708A36F7E6205E290A28BEE46E176661B805C285C9B94D8C34D4C51030D28A96E4AD91CA48417B25386B674849481811799795BBB2A94BCAFFD2FCC819D460B166EAC34C9DF4E164E5AB977B3377B1B38E60A87C387CE043706050BEFAC7498A4135D137F66FA3D1685FC64B0D1E9C16FBB38483F739EBF4841DB7927D5818524BB8196C82A011BF0563AA9CC11E5CA5E4A04BEEB56F1C404EB1A8AF157D0C7525003A11D65"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1296)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\cscui.dll
.
Celkový čas: 2010-01-17 21:37:33
ComboFix-quarantined-files.txt 2010-01-17 20:37
Před spuštěním: Volných bajtů: 29 780 865 024
Po spuštění: Volných bajtů: 30 356 520 960
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - C48E5AFB6A9F032EC063F6F9A774D7D9
Re: Nejde mi spustit spravce pocitace
Než budeme pokračovat tohle :
c:\windows\system32\dllcache\tcpip.sys
c:\windows\explorer.exe
c:\windows\system32\ctfmon.exe
postupně otestuj na VIRUSTOTAL
(po načtení stránky klikni na tlačítko Procházet, najdi cestu k výše zmíněnému souboru a klikni na tlačítko Odeslat soubor
trvá to okolo deseti minut pak mi sem nakopíruj link, to je ten řádek nahoře v prohlížeči)
c:\windows\system32\dllcache\tcpip.sys
c:\windows\explorer.exe
c:\windows\system32\ctfmon.exe
postupně otestuj na VIRUSTOTAL
(po načtení stránky klikni na tlačítko Procházet, najdi cestu k výše zmíněnému souboru a klikni na tlačítko Odeslat soubor
trvá to okolo deseti minut pak mi sem nakopíruj link, to je ten řádek nahoře v prohlížeči)
Re: Nejde mi spustit spravce pocitace
Nechci tě nějak honit ale tohle nebudou tvoje výsledky podle data testování :
Datum: 2010.01.14 11:56:27 UTC
Datum: 2010.01.18 23:58:56 UTC
Datum: 2009.10.27 12:07:35 UTC
fakt potřebuji abys otestoval svoje soubory.
Datum: 2010.01.14 11:56:27 UTC
Datum: 2010.01.18 23:58:56 UTC
Datum: 2009.10.27 12:07:35 UTC
fakt potřebuji abys otestoval svoje soubory.
Re: Nejde mi spustit spravce pocitace
ale ja opravdu delam co mam, nechapu ty vysledky, dam odeslat soubor, trva to mene jak minutu a zkopiruju link. Nic jineho
Re: Nejde mi spustit spravce pocitace
aha, davam znovu testovat, tak moment
Přispějete na provoz fóra?