Please check my log
Posted: 26 Feb 2010 12:16
A large number of emails has started going out from my email account; please check my log.
Thank you very much
FreeFixer v0.50 log
http://www.freefixer.com/
Operating system: Windows XP Service Pack 3
Log dated 2010-02-26 12:10
Registry Startups (17 whitelisted)
HKLM\..\Run, AmIcoSinglun = C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
HKLM\..\Run, ETDWare = C:\Program Files\Elantech\ETDCtrl.exe
HKLM\..\Run, CnwiDeviceAgent = C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
HKCU\..\Run, QIP2005 = C:\Program Files\QIP\qip.exe
HKCU\..\Run, Gadwin PrintScreen = "C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe" /nosplash
HKCU\..\Run, AdobeBridge = (no file specified)
Autostart shortcuts (1 whitelisted)
Bluetooth.lnk, Zástupce pro spuštění technologie Bluetooth, C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
imagePROGRAF Status Monitor.lnk, , C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwism.exe
Processes (36 whitelisted)
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\FreeFixer\freefixer.exe
Application modules (72 whitelisted)
C:\WINDOWS\system32\btmmhook.dll
C:\Program Files\Bonjour\mdnsNSP.dll
Services (41 whitelisted)
btwdins, Bluetooth Service, c:\program files\widcomm\bluetooth software\bin\btwdins.exe
IJPLMSVC, PIXMA Extended Survey Program, c:\program files\canon\ijplm\ijplmsvc.exe
Drivers (32 whitelisted)
sptd, , C:\WINDOWS\system32\drivers\sptd.sys
Windows XP Firewall authorized apps (10 whitelisted)
C:\Program Files\Skype\Plugin Manager\skypePM.exe
Firefox Extensions
Rank Checker, C:\Documents and Settings\Krtek\Data aplikací\Mozilla\Firefox\Profiles\lx6h9zi6.default\extensions\jklir@volny.cz\install.rdf
Java Console, C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\install.rdf
Recently created/modified files (1 whitelisted)
26 minutes, c:\32788R22FWJFW\Nircmd.com
26 minutes, c:\WINDOWS\system32\cmd.execf
27 minutes, c:\32788R22FWJFW\ERDNT.e_e
27 minutes, c:\32788R22FWJFW\zip.cfexe
27 minutes, c:\32788R22FWJFW\WRP.cfexe
27 minutes, c:\32788R22FWJFW\unzip.cfexe
27 minutes, c:\32788R22FWJFW\tail.cfexe
27 minutes, c:\32788R22FWJFW\vFind.cfexe
27 minutes, c:\32788R22FWJFW\swxcacls.cfexe
27 minutes, c:\32788R22FWJFW\swsc.cfexe
27 minutes, c:\32788R22FWJFW\SF.cfexe
27 minutes, c:\32788R22FWJFW\setpath.cfexe
27 minutes, c:\32788R22FWJFW\setcsum.cfexe
27 minutes, c:\32788R22FWJFW\sed.cfexe
27 minutes, c:\32788R22FWJFW\pv.cfexe
27 minutes, c:\32788R22FWJFW\NirCmdC.cfexe
27 minutes, c:\32788R22FWJFW\NirCmd.cfexe
27 minutes, c:\32788R22FWJFW\mtee.cfexe
27 minutes, c:\32788R22FWJFW\md5deep.cfexe
27 minutes, c:\32788R22FWJFW\moveex.cfexe
27 minutes, c:\32788R22FWJFW\grep.cfexe
27 minutes, c:\32788R22FWJFW\gsar.cfexe
27 minutes, c:\32788R22FWJFW\extract.cfexe
27 minutes, c:\32788R22FWJFW\fdsv.cfexe
27 minutes, c:\32788R22FWJFW\fi.cfexe
27 minutes, c:\32788R22FWJFW\ERUNT.cfexe
27 minutes, c:\32788R22FWJFW\dumphive.cfexe
27 minutes, c:\32788R22FWJFW\dd.cfexe
27 minutes, c:\32788R22FWJFW\ComboFix-Download.cfexe
History
-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft Driver Setup
-C:\WINDOWS\wind7upd.exe (on reboot)
-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1827766B-9F49-4854-8034-F6EE26FCB1EC}
-HKLM\SOFTWARE\Classes\CLSID\{1827766B-9F49-4854-8034-F6EE26FCB1EC}
-C:\Program Files\Stopzilla!\Toolbar\SZSG.dll
-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft Driver Setup
-C:\WINDOWS\wind7upd.exe (on reboot)
-c:\sius.exe
-c:\Documents and Settings\Krtek\Local Settings\Temporary Internet Files\Content.IE5\DHJ7736O\shadi[1].exe
-c:\Documents and Settings\Krtek\Local Settings\Temporary Internet Files\Content.IE5\2GY3SD8I\2krn[1].bin
-c:\Documents and Settings\Krtek\Local Settings\Temp\tmp11.tmp
-c:\Documents and Settings\Krtek\Local Settings\Temp\tmp10.tmp
-c:\WINDOWS\wind7upd.exe (on reboot)
-c:\WINDOWS\system32\31.scr
-c:\WINDOWS\system32\57.scr
-C:\Program Files\ATKGFNEX\GFNEXSrv.exe
-HKLM\SYSTEM\CurrentControlSet\Services\ATKGFNEXSrv
+HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1C025826-9151-4EC4-8BE0-FB94DEA50689}, NameServer =
-C:\Program Files\Bonjour\mDNSResponder.exe
-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
-HKLM\SOFTWARE\Classes\CLSID\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}
-C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
+HKCU\SOFTWARE\Microsoft\Internet Explorer\Main, Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
+HKCU\SOFTWARE\Microsoft\Internet Explorer\Main, Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
-HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {32099AAC-C132-4136-9E9A-4E364A424E17}
-HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
-C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
-HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {98828DED-A591-462F-83BA-D2F62A68B8B8}
-HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar, SITEguard
-HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser, {32099AAC-C132-4136-9E9A-4E364A424E17}
-C:\WINDOWS\system32\twunk_16.exe
-C:\WINDOWS\system32\twunk_32.exe
-HKLM\SYSTEM\CurrentControlSet\Services\Bonjour Service
-HKLM\SYSTEM\CurrentControlSet\Services\PCLEPCI
-c:\windows\system32\drivers\pclepci.sys
-HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List, C:\Program Files\Bonjour\mDNSResponder.exe
-c:\WINDOWS\system32\CF5908.exe
The following errors occurred during the scan:
An exception occurred in the AppInit plugin:
Error when opening a registry key, access is denied. Key: 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'.
System error message: Přístup byl odepřen. Error code: 5.
An unexpected exception occurred in the AppInitDll plugin:
Error when opening a registry key, access is denied. Key: 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'.
System error message: Přístup byl odepřen. Error code: 5.
Problems opening folder 'c:\Program Files\COMODO\COMODO Internet Security\Quarantine' to enumerate files. FindFirstFile failed. System error message: Přístup byl odepřen. Error code: 5.
Problems opening folder 'e:\Windows\CSC\v2.0.6' to enumerate files. FindFirstFile failed. System error message: Přístup byl odepřen. Error code: 5.
Problems opening folder 'e:\Windows\System32\LogFiles\WMI\RtBackup' to enumerate files. FindFirstFile failed. System error message: Přístup byl odepřen. Error code: 5.
End of FreeFixer log