
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
IExplorer does not work, larger files cannot be downloaded
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
I would like to ask for advice. I cannot start IExplorer (after clicking the icon no window appears, and the shortcut via Start-Programs-Internet Explorer does not work either). In Windows Safe Mode with Networking it can be started. When downloading files larger than 1 MB, the download stops after a while and does not continue. Firefox is installed, but after launching it the window content is scattered all over the screen, so it cannot be used. Avast 5 is installed but does not work. It shows the message: Avast service stopped - The program has been stopped or is running in an unstable state. Pressing the "Opravit" (Fix) button changes nothing.
I have Windows XP SP 3, Internet Explorer 8. I am attaching the log from RSIT.
Thank you
Logfile of random's system information tool 1.06 (written by random/random)
Run by Ferda Mravenec at 2010-03-03 16:47:40
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 71 MB (1%) free of 7 GB
Total RAM: 735 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:47:57, on 3.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\TOTALCMD\TOTALCMD.EXE
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Internet Explorer\iexplore.exe
H:\RSIT.exe
D:\Program Files\trend micro\Ferda Mravenec.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:1080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - D:\Program Files\IEPro\iepro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - D:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - D:\Program Files\Hotspot Shield\hssie\HssIE.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - D:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [GhostStartTrayApp] D:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [FastTVSync] "D:\Program Files\Common Files\InterVideo\FastTVSync\FastTVSync.exe"
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] h:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\Rar$EX01.906\RegistryBooster.exe /S
O4 - HKCU\..\Run: [USB Safely Remove] H:\SE-TOOL\SETOOLSv2\Docs\usb_safely\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [TOY5KNQ8OC] D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\Khx.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - S-1-5-18 Startup: Secunia PSI.lnk = D:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Secunia PSI.lnk = D:\Program Files\Secunia\PSI\psi.exe (User 'Default user')
O4 - Startup: Secunia PSI.lnk = D:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: TV883LP Remote Control.lnk = D:\Program Files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe
O4 - Global Startup: InterVideo Scheduler server.lnk = D:\Program Files\InterVideo\DVD5R\SchSvr.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6241707140
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - h:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - h:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - h:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GhostStartService - Symantec Corporation - D:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 7984 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - D:\Program Files\IEPro\iepro.dll [2008-09-24 756840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - D:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-28 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-28 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - D:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-11-28 218160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - D:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=NvQTwk,NvCplDaemon initialize []
"nwiz"=nwiz.exe /install []
"NVIDIA nForce APU1 Utilities"=D:\WINDOWS\SYSTEM32\NVATray.exe [2002-06-18 45056]
"AGRSMMSG"=D:\WINDOWS\AGRSMMSG.exe [2003-05-23 88363]
"GhostStartTrayApp"=D:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe [2002-08-14 94208]
"FastTVSync"=D:\Program Files\Common Files\InterVideo\FastTVSync\FastTVSync.exe [2004-02-10 245760]
"NeroCheck"=D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SSBkgdUpdate"=D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-07-28 148888]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
"avast5"=h:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Uniblue Registry Booster"=D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\Rar$EX01.906\RegistryBooster.exe /S []
"USB Safely Remove"=H:\SE-TOOL\SETOOLSv2\Docs\usb_safely\USBSafelyRemove.exe [2009-03-03 743936]
"TOY5KNQ8OC"=D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\Khx.exe [2010-02-13 137728]
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TV883LP Remote Control.lnk - D:\Program Files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe
InterVideo Scheduler server.lnk - D:\Program Files\InterVideo\DVD5R\SchSvr.exe
InterVideo WinCinema Manager.lnk - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office\OSA9.EXE
D:\Documents and Settings\Ferda Mravenec\Nabídka Start\Programy\Po spuštění
Secunia PSI.lnk - D:\Program Files\Secunia\PSI\psi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\IEPro\MiniDM.exe"="D:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\utorrent\utorrent.exe"="E:\utorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\SoftCross\Prnt\Prnt.exe"="D:\Program Files\SoftCross\Prnt\Prnt.exe:*:Disabled:Prnt"
"D:\WINDOWS\System32\USMT\migwiz.exe"="D:\WINDOWS\System32\USMT\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"D:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="D:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\Hide The IP 2010\HideTheIP.exe"="D:\Program Files\Hide The IP 2010\HideTheIP.exe:*:Enabled:Hide The IP"
"D:\Program Files\Easy-Hide-IP 2.1\EasyHideIp.exe"="D:\Program Files\Easy-Hide-IP 2.1\EasyHideIp.exe:*:Enabled:Easy-Hide-IP"
"D:\Program Files\Easy-Hide-IP 1.3\EasyHideIp.exe"="D:\Program Files\Easy-Hide-IP 1.3\EasyHideIp.exe:*:Enabled:Easy-Hide-IP"
"D:\WINDOWS\System32\ftp.exe"="D:\WINDOWS\System32\ftp.exe:*:Enabled:Program pro přenos souborů"
"E:\ruzne dokumenty\Program Files\Skype\Phone\Skype.exe"="E:\ruzne dokumenty\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\HTTP-Tunnel\HTTP-TunnelClient.exe"="D:\Program Files\HTTP-Tunnel\HTTP-TunnelClient.exe:*:Enabled:HTTP-Tunnel Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-03-03 16:47:40 ----D---- D:\rsit
2010-03-03 16:47:40 ----D---- D:\Program Files\trend micro
2010-03-02 23:34:53 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\MSN6
2010-03-02 23:34:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\MSN6
2010-03-02 21:09:02 ----SHD---- D:\FOUND.000
2010-03-02 20:36:46 ----A---- D:\WINDOWS\system32\aswBoot.exe
2010-03-02 03:32:33 ----D---- D:\Program Files\HTTP-Tunnel
2010-02-26 00:01:27 ----HD---- D:\WINDOWS\$NtUninstallKB979306$
2010-02-25 22:32:47 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Foxit Software
2010-02-25 22:30:17 ----D---- D:\Program Files\Foxit Software
2010-02-25 22:27:26 ----D---- D:\Program Files\AskBarDis
2010-02-25 22:27:01 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Foxit
2010-02-17 15:30:38 ----D---- D:\Program Files\Speccy
2010-02-17 15:28:20 ----N---- D:\WINDOWS\Setup1.exe
2010-02-17 15:28:16 ----A---- D:\WINDOWS\ST6UNST.EXE
2010-02-16 14:54:51 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\AVG8
2010-02-16 10:20:12 ----A---- D:\WINDOWS\system32\mucltui.dll.mui
2010-02-16 10:20:12 ----A---- D:\WINDOWS\system32\mucltui.dll
2010-02-15 14:38:15 ----D---- D:\Program Files\Secunia
2010-02-14 05:07:20 ----HD---- D:\WINDOWS\$NtUninstallKB977165$
2010-02-14 05:03:43 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Adobe
2010-02-14 04:34:47 ----D---- D:\Program Files\Common Files\Adobe
2010-02-14 04:34:47 ----D---- D:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-02-13 22:48:28 ----A---- D:\WINDOWS\msb.exe
2010-02-13 22:43:33 ----A---- D:\WINDOWS\msa.exe
2010-02-13 22:43:00 ----A---- D:\WINDOWS\system32\sshnas21.dll
2010-02-13 14:50:06 ----D---- D:\Program Files\Penezni denik
2010-02-12 18:33:24 ----D---- D:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-02-12 15:45:31 ----D---- D:\Documents and Settings\All Users\Data aplikací\Backup
2010-02-12 13:07:09 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Skype
2010-02-12 01:51:26 ----HD---- D:\WINDOWS\$NtUninstallKB978262$
2010-02-12 01:51:06 ----HD---- D:\WINDOWS\$NtUninstallKB971468$
2010-02-12 01:50:58 ----HD---- D:\WINDOWS\$NtUninstallKB978037$
2010-02-12 01:50:50 ----HD---- D:\WINDOWS\$NtUninstallKB975713$
2010-02-12 01:50:41 ----HD---- D:\WINDOWS\$NtUninstallKB978251$
2010-02-12 01:50:33 ----HD---- D:\WINDOWS\$NtUninstallKB975560$
2010-02-12 01:50:17 ----HD---- D:\WINDOWS\$NtUninstallKB977914$
2010-02-12 01:49:57 ----HD---- D:\WINDOWS\$NtUninstallKB978706$
2010-02-10 01:12:35 ----D---- D:\WINDOWS\pss
2010-02-08 00:28:32 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-02-06 11:27:25 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\USBSafelyRemove
2010-02-06 07:33:57 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Hide IP NG
2010-02-06 06:30:08 ----A---- D:\WINDOWS\MyProg.ini
2010-02-06 06:30:04 ----D---- D:\Program Files\Easy-Hide-IP 1.3
2010-02-06 05:21:14 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\AutoHideIP
2010-02-06 05:21:14 ----D---- D:\Documents and Settings\All Users\Data aplikací\AutoHideIP
2010-02-06 04:28:11 ----D---- D:\Program Files\Hide The IP 2.2.1
2010-02-06 04:25:40 ----A---- D:\WINDOWS\system32\BASSMOD.dll
2010-02-06 03:55:00 ----A---- D:\WINDOWS\system32\AVLibrary.dll
2010-02-06 03:54:53 ----D---- D:\Program Files\Hide The IP 2010
2010-02-06 02:03:08 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\VitySoft
2010-02-06 00:35:20 ----A---- D:\WINDOWS\ultimatecd.ini
2010-02-05 06:45:14 ----D---- D:\Documents and Settings\All Users\Data aplikací\Office Genuine Advantage
======List of files/folders modified in the last 1 months======
2010-03-03 16:12:54 ----A---- D:\WINDOWS\WINCMD.INI
2010-03-03 14:31:58 ----A---- D:\WINDOWS\ntbtlog.txt
2010-03-02 20:43:58 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-03-01 02:11:54 ----A---- D:\WINDOWS\imsins.BAK
2010-02-18 13:57:32 ----A---- D:\WINDOWS\win.ini
2010-02-12 15:52:28 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 GhPciScan;GhostPciScanner; \??\D:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 Iviaspi;IVI ASPI Shell; D:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; D:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-07-10 80896]
R3 Pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2003-08-24 10240]
R3 Rasirda;WAN Miniport (IrDA); D:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 taphss;Anchorfree HSS Adapter; D:\WINDOWS\system32\DRIVERS\taphss.sys [2009-11-12 32768]
R3 tapvpn;TAP VPN Adapter; D:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880]
S1 AmdK7;Ovladač procesoru AMD K7; D:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
S1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2010-02-11 162512]
S1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2010-02-11 46672]
S2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16512]
S2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
S2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2010-02-11 100432]
S2 CX23880;Conexant TV88X Video Capture; D:\WINDOWS\system32\drivers\cx88vid.sys [2004-03-16 186240]
S2 CX88XBAR;Conexant TV88X Crossbar; D:\WINDOWS\system32\drivers\CX88XBAR.sys [2003-12-10 9600]
S2 CXTUNE;Conexant TV88X Tuner; D:\WINDOWS\system32\drivers\CX88TUNE.sys [2003-12-10 31360]
S2 irda;Protokol IrDA; D:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
S3 AgereSoftModem;InPorte Home; D:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-05-23 1171648]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\D:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2010-02-11 23376]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz130;cpuz130; \??\D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FUTUREX;FUTUREX; \??\D:\Program Files\AIDA32 - Enterprise System Information\aida32.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MosIrUsb;MosIrUsb.sys; D:\WINDOWS\system32\DRIVERS\MosIrUsb.sys [2004-04-14 20736]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSIRCOMM;Microsoft IR Communications Driver; D:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-14 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nv;nv; D:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-05-24 944330]
S3 nvax;Service for NVIDIA® nForce(TM) Audio Enumerator; D:\WINDOWS\system32\drivers\nvax.sys [2002-06-18 13184]
S3 nvnforce;Service for NVIDIA® nForce(TM) Audio; D:\WINDOWS\system32\drivers\nvapu.sys [2002-06-18 205056]
S3 PSI;PSI; D:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-23 5888]
S3 RTCore32;RTCore32; \??\D:\Program Files\RMClock\RTCore32.sys []
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tap0901;TAP-Win32 Adapter V9; D:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-07-22 28592]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; D:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 avast! Antivirus;avast! Antivirus; h:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 GhostStartService;GhostStartService; D:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE [2002-08-14 200704]
S2 HotspotShieldService;Hotspot Shield Service; D:\Program Files\Hotspot Shield\bin\openvpnas.exe [2010-01-09 234032]
S2 HssSrv;Hotspot Shield Routing Service; D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2010-01-09 331824]
S2 Irmon;Sledování infračerveného přenosu; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-07-28 152984]
S2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\System32\nvsvc32.exe [2002-05-24 61440]
S2 SSHNAS;SSHNAS; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 UleadBurningHelper;Ulead Burning Helper; D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 avast! Mail Scanner;avast! Mail Scanner; h:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 avast! Web Scanner;avast! Web Scanner; h:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 HssTrayService;Hotspot Shield Tray Service; D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2010-01-09 57640]
S3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 LiveUpdate;LiveUpdate; D:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; D:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
O4 - S-1-5-18 Startup: Secunia PSI.lnk = D:\Program Files\Secunia\PSI\psi.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Secunia PSI.lnk = D:\Program Files\Secunia\PSI\psi.exe (User 'Default user')
O4 - Startup: Secunia PSI.lnk = D:\Program Files\Secunia\PSI\psi.exe
O4 - Global Startup: TV883LP Remote Control.lnk = D:\Program Files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe
O4 - Global Startup: InterVideo Scheduler server.lnk = D:\Program Files\InterVideo\DVD5R\SchSvr.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - D:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - D:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsup ... gctlsr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6241707140
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - ALWIL Software - h:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - h:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - h:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GhostStartService - Symantec Corporation - D:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
--
End of file - 7984 bytes
======Scheduled tasks folder======
D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00011268-E188-40DF-A514-835FCD78B1BF}]
IE7Pro BHO - D:\Program Files\IEPro\iepro.dll [2008-09-24 756840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - D:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-28 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-28 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
Hotspot Shield Class - D:\Program Files\Hotspot Shield\hssie\HssIE.dll [2009-11-28 218160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - D:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=NvQTwk,NvCplDaemon initialize []
"nwiz"=nwiz.exe /install []
"NVIDIA nForce APU1 Utilities"=D:\WINDOWS\SYSTEM32\NVATray.exe [2002-06-18 45056]
"AGRSMMSG"=D:\WINDOWS\AGRSMMSG.exe [2003-05-23 88363]
"GhostStartTrayApp"=D:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe [2002-08-14 94208]
"FastTVSync"=D:\Program Files\Common Files\InterVideo\FastTVSync\FastTVSync.exe [2004-02-10 245760]
"NeroCheck"=D:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SSBkgdUpdate"=D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=D:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"QuickTime Task"=D:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"SunJavaUpdateSched"=D:\Program Files\Java\jre6\bin\jusched.exe [2009-07-28 148888]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe []
"avast5"=h:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-02-11 2756488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Uniblue Registry Booster"=D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\Rar$EX01.906\RegistryBooster.exe /S []
"USB Safely Remove"=H:\SE-TOOL\SETOOLSv2\Docs\usb_safely\USBSafelyRemove.exe [2009-03-03 743936]
"TOY5KNQ8OC"=D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\Khx.exe [2010-02-13 137728]
D:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
TV883LP Remote Control.lnk - D:\Program Files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe
InterVideo Scheduler server.lnk - D:\Program Files\InterVideo\DVD5R\SchSvr.exe
InterVideo WinCinema Manager.lnk - D:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office\OSA9.EXE
D:\Documents and Settings\Ferda Mravenec\Nabídka Start\Programy\Po spuštění
Secunia PSI.lnk - D:\Program Files\Secunia\PSI\psi.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\IEPro\MiniDM.exe"="D:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"E:\utorrent\utorrent.exe"="E:\utorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\SoftCross\Prnt\Prnt.exe"="D:\Program Files\SoftCross\Prnt\Prnt.exe:*:Disabled:Prnt"
"D:\WINDOWS\System32\USMT\migwiz.exe"="D:\WINDOWS\System32\USMT\migwiz.exe:*:Enabled:Průvodce přenesením souborů a nastavení"
"D:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="D:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\Hide The IP 2010\HideTheIP.exe"="D:\Program Files\Hide The IP 2010\HideTheIP.exe:*:Enabled:Hide The IP"
"D:\Program Files\Easy-Hide-IP 2.1\EasyHideIp.exe"="D:\Program Files\Easy-Hide-IP 2.1\EasyHideIp.exe:*:Enabled:Easy-Hide-IP"
"D:\Program Files\Easy-Hide-IP 1.3\EasyHideIp.exe"="D:\Program Files\Easy-Hide-IP 1.3\EasyHideIp.exe:*:Enabled:Easy-Hide-IP"
"D:\WINDOWS\System32\ftp.exe"="D:\WINDOWS\System32\ftp.exe:*:Enabled:Program pro přenos souborů"
"E:\ruzne dokumenty\Program Files\Skype\Phone\Skype.exe"="E:\ruzne dokumenty\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\HTTP-Tunnel\HTTP-TunnelClient.exe"="D:\Program Files\HTTP-Tunnel\HTTP-TunnelClient.exe:*:Enabled:HTTP-Tunnel Client"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-03-03 16:47:40 ----D---- D:\rsit
2010-03-03 16:47:40 ----D---- D:\Program Files\trend micro
2010-03-02 23:34:53 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\MSN6
2010-03-02 23:34:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\MSN6
2010-03-02 21:09:02 ----SHD---- D:\FOUND.000
2010-03-02 20:36:46 ----A---- D:\WINDOWS\system32\aswBoot.exe
2010-03-02 03:32:33 ----D---- D:\Program Files\HTTP-Tunnel
2010-02-26 00:01:27 ----HD---- D:\WINDOWS\$NtUninstallKB979306$
2010-02-25 22:32:47 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Foxit Software
2010-02-25 22:30:17 ----D---- D:\Program Files\Foxit Software
2010-02-25 22:27:26 ----D---- D:\Program Files\AskBarDis
2010-02-25 22:27:01 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Foxit
2010-02-17 15:30:38 ----D---- D:\Program Files\Speccy
2010-02-17 15:28:20 ----N---- D:\WINDOWS\Setup1.exe
2010-02-17 15:28:16 ----A---- D:\WINDOWS\ST6UNST.EXE
2010-02-16 14:54:51 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\AVG8
2010-02-16 10:20:12 ----A---- D:\WINDOWS\system32\mucltui.dll.mui
2010-02-16 10:20:12 ----A---- D:\WINDOWS\system32\mucltui.dll
2010-02-15 14:38:15 ----D---- D:\Program Files\Secunia
2010-02-14 05:07:20 ----HD---- D:\WINDOWS\$NtUninstallKB977165$
2010-02-14 05:03:43 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Adobe
2010-02-14 04:34:47 ----D---- D:\Program Files\Common Files\Adobe
2010-02-14 04:34:47 ----D---- D:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-02-13 22:48:28 ----A---- D:\WINDOWS\msb.exe
2010-02-13 22:43:33 ----A---- D:\WINDOWS\msa.exe
2010-02-13 22:43:00 ----A---- D:\WINDOWS\system32\sshnas21.dll
2010-02-13 14:50:06 ----D---- D:\Program Files\Penezni denik
2010-02-12 18:33:24 ----D---- D:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-02-12 15:45:31 ----D---- D:\Documents and Settings\All Users\Data aplikací\Backup
2010-02-12 13:07:09 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Skype
2010-02-12 01:51:26 ----HD---- D:\WINDOWS\$NtUninstallKB978262$
2010-02-12 01:51:06 ----HD---- D:\WINDOWS\$NtUninstallKB971468$
2010-02-12 01:50:58 ----HD---- D:\WINDOWS\$NtUninstallKB978037$
2010-02-12 01:50:50 ----HD---- D:\WINDOWS\$NtUninstallKB975713$
2010-02-12 01:50:41 ----HD---- D:\WINDOWS\$NtUninstallKB978251$
2010-02-12 01:50:33 ----HD---- D:\WINDOWS\$NtUninstallKB975560$
2010-02-12 01:50:17 ----HD---- D:\WINDOWS\$NtUninstallKB977914$
2010-02-12 01:49:57 ----HD---- D:\WINDOWS\$NtUninstallKB978706$
2010-02-10 01:12:35 ----D---- D:\WINDOWS\pss
2010-02-08 00:28:32 ----A---- D:\WINDOWS\wcx_ftp.ini
2010-02-06 11:27:25 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\USBSafelyRemove
2010-02-06 07:33:57 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\Hide IP NG
2010-02-06 06:30:08 ----A---- D:\WINDOWS\MyProg.ini
2010-02-06 06:30:04 ----D---- D:\Program Files\Easy-Hide-IP 1.3
2010-02-06 05:21:14 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\AutoHideIP
2010-02-06 05:21:14 ----D---- D:\Documents and Settings\All Users\Data aplikací\AutoHideIP
2010-02-06 04:28:11 ----D---- D:\Program Files\Hide The IP 2.2.1
2010-02-06 04:25:40 ----A---- D:\WINDOWS\system32\BASSMOD.dll
2010-02-06 03:55:00 ----A---- D:\WINDOWS\system32\AVLibrary.dll
2010-02-06 03:54:53 ----D---- D:\Program Files\Hide The IP 2010
2010-02-06 02:03:08 ----D---- D:\Documents and Settings\Ferda Mravenec\Data aplikací\VitySoft
2010-02-06 00:35:20 ----A---- D:\WINDOWS\ultimatecd.ini
2010-02-05 06:45:14 ----D---- D:\Documents and Settings\All Users\Data aplikací\Office Genuine Advantage
======List of files/folders modified in the last 1 months======
2010-03-03 16:12:54 ----A---- D:\WINDOWS\WINCMD.INI
2010-03-03 14:31:58 ----A---- D:\WINDOWS\ntbtlog.txt
2010-03-02 20:43:58 ----A---- D:\WINDOWS\SchedLgU.Txt
2010-03-01 02:11:54 ----A---- D:\WINDOWS\imsins.BAK
2010-02-18 13:57:32 ----A---- D:\WINDOWS\win.ini
2010-02-12 15:52:28 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 GhPciScan;GhostPciScanner; \??\D:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 Iviaspi;IVI ASPI Shell; D:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-10 21060]
R3 NVENET;NVIDIA nForce MCP Networking Adapter Driver; D:\WINDOWS\System32\DRIVERS\NVENET.sys [2002-07-10 80896]
R3 Pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2003-08-24 10240]
R3 Rasirda;WAN Miniport (IrDA); D:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 taphss;Anchorfree HSS Adapter; D:\WINDOWS\system32\DRIVERS\taphss.sys [2009-11-12 32768]
R3 tapvpn;TAP VPN Adapter; D:\WINDOWS\system32\DRIVERS\tapvpn.sys [2008-01-23 27136]
R3 usbhub;Rozbočovač umožnující USB2; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
S1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2010-02-11 28880]
S1 AmdK7;Ovladač procesoru AMD K7; D:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-14 41600]
S1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2010-02-11 162512]
S1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2010-02-11 46672]
S2 Aspi32;Aspi32; D:\WINDOWS\system32\drivers\Aspi32.sys [2002-07-17 16512]
S2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-02-11 19024]
S2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2010-02-11 100432]
S2 CX23880;Conexant TV88X Video Capture; D:\WINDOWS\system32\drivers\cx88vid.sys [2004-03-16 186240]
S2 CX88XBAR;Conexant TV88X Crossbar; D:\WINDOWS\system32\drivers\CX88XBAR.sys [2003-12-10 9600]
S2 CXTUNE;Conexant TV88X Tuner; D:\WINDOWS\system32\drivers\CX88TUNE.sys [2003-12-10 31360]
S2 irda;Protokol IrDA; D:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
S3 AgereSoftModem;InPorte Home; D:\WINDOWS\System32\DRIVERS\AGRSM.sys [2003-05-23 1171648]
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\D:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2010-02-11 23376]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 cpuz130;cpuz130; \??\D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 ENTECH;ENTECH; \??\D:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FUTUREX;FUTUREX; \??\D:\Program Files\AIDA32 - Enterprise System Information\aida32.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; D:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MosIrUsb;MosIrUsb.sys; D:\WINDOWS\system32\DRIVERS\MosIrUsb.sys [2004-04-14 20736]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\D:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSIRCOMM;Microsoft IR Communications Driver; D:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-14 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nv;nv; D:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2002-05-24 944330]
S3 nvax;Service for NVIDIA® nForce(TM) Audio Enumerator; D:\WINDOWS\system32\drivers\nvax.sys [2002-06-18 13184]
S3 nvnforce;Service for NVIDIA® nForce(TM) Audio; D:\WINDOWS\system32\drivers\nvapu.sys [2002-06-18 205056]
S3 PSI;PSI; D:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; D:\WINDOWS\System32\Drivers\RootMdm.sys [2002-09-23 5888]
S3 RTCore32;RTCore32; \??\D:\Program Files\RMClock\RTCore32.sys []
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; D:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 tap0901;TAP-Win32 Adapter V9; D:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-07-22 28592]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; D:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S2 avast! Antivirus;avast! Antivirus; h:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 GhostStartService;GhostStartService; D:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE [2002-08-14 200704]
S2 HotspotShieldService;Hotspot Shield Service; D:\Program Files\Hotspot Shield\bin\openvpnas.exe [2010-01-09 234032]
S2 HssSrv;Hotspot Shield Routing Service; D:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe [2010-01-09 331824]
S2 Irmon;Sledování infračerveného přenosu; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2009-07-28 152984]
S2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\System32\nvsvc32.exe [2002-05-24 61440]
S2 SSHNAS;SSHNAS; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 UleadBurningHelper;Ulead Burning Helper; D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 avast! Mail Scanner;avast! Mail Scanner; h:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 avast! Web Scanner;avast! Web Scanner; h:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-02-11 40384]
S3 HssTrayService;Hotspot Shield Tray Service; D:\Program Files\Hotspot Shield\bin\HssTrayService.EXE [2010-01-09 57640]
S3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 LiveUpdate;LiveUpdate; D:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2009-02-19 3220856]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; D:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2009-02-19 238968]
-----------------EOF-----------------
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: IExplorer does not work, larger files cannot be downloaded

Re: IExplorer does not work, larger files cannot be downloaded
I uninstalled the Foxit Toolbar.
I ran ComboFix, but it froze twice (the license agreement window did not appear; on the second attempt the window with the blue background did not appear).
When started in Windows safe mode, ComboFix worked. After that, IExplorer started working in normal Windows mode.
ComboFix 10-03-03.02 - Ferda Mravenec 03.03.2010 18:16:27.1.1 - FAT32x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.735.484 [GMT 1:00]
Spuštěný z: d:\documents and settings\Ferda Mravenec\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
d:\program files\Windows Media Player\pidgen.dll
d:\windows\EventSystem.log
d:\windows\msa.exe
d:\windows\msb.exe
d:\windows\system32\sshnas21.dll
d:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
-------\Service_SSHNAS
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-03 do 2010-03-03 )))))))))))))))))))))))))))))))
.
2010-03-03 17:01 . 2010-03-03 17:01 -------- d-----w- D:\FOUND.001
2010-03-03 15:47 . 2010-03-03 15:47 -------- d-----w- d:\program files\trend micro
2010-03-03 14:13 . 2010-03-03 14:13 664 ----a-w- d:\windows\system32\d3d9caps.dat
2010-03-02 20:09 . 2010-03-02 20:09 -------- d-----w- D:\FOUND.000
2010-03-02 19:37 . 2010-02-11 18:38 19024 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2010-03-02 19:37 . 2010-02-11 18:42 162512 ----a-w- d:\windows\system32\drivers\aswSP.sys
2010-03-02 19:37 . 2010-02-11 18:39 23376 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2010-03-02 19:37 . 2010-02-11 18:42 46672 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2010-03-02 19:37 . 2010-02-11 18:38 100432 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2010-03-02 19:37 . 2010-02-11 18:38 94800 ----a-w- d:\windows\system32\drivers\aswmon.sys
2010-03-02 19:37 . 2010-02-11 18:38 28880 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2010-03-02 19:36 . 2010-02-11 18:53 38848 ----a-w- d:\windows\system32\avastSS.scr
2010-03-02 19:36 . 2010-02-11 18:53 153184 ----a-w- d:\windows\system32\aswBoot.exe
2010-03-02 02:32 . 2010-03-02 02:32 -------- d-----w- d:\program files\HTTP-Tunnel
2010-02-25 21:30 . 2010-02-25 21:30 -------- d-----w- d:\program files\Foxit Software
2010-02-19 15:33 . 2010-02-19 15:33 -------- d-----w- d:\documents and settings\LocalService.NT AUTHORITY\Data aplikací
2010-02-19 15:33 . 2010-02-19 15:33 -------- d-sh--w- d:\documents and settings\LocalService.NT AUTHORITY
2010-02-17 14:30 . 2010-02-17 14:30 -------- d-----w- d:\program files\Speccy
2010-02-17 14:28 . 2010-02-17 14:28 249856 ------w- d:\windows\Setup1.exe
2010-02-17 14:28 . 2010-02-17 14:28 73216 ----a-w- d:\windows\ST6UNST.EXE
2010-02-16 09:20 . 2009-08-06 18:23 274288 ----a-w- d:\windows\system32\mucltui.dll
2010-02-15 13:38 . 2010-02-15 13:38 -------- d-----w- d:\program files\Secunia
2010-02-14 03:34 . 2010-02-14 03:34 -------- d-----w- d:\program files\Common Files\Adobe
2010-02-13 13:50 . 2010-02-13 13:50 -------- d-----w- d:\program files\Penezni denik
2010-02-06 05:30 . 2010-02-06 05:30 -------- d-----w- d:\program files\Easy-Hide-IP 1.3
2010-02-06 03:28 . 2010-02-06 03:28 -------- d-----w- d:\program files\Hide The IP 2.2.1
2010-02-06 02:55 . 2009-11-28 16:58 202048 ----a-w- d:\windows\system32\AVLibrary.dll
2010-02-06 02:54 . 2010-02-06 02:54 -------- d-----w- d:\program files\Hide The IP 2010
2010-02-06 00:06 . 2010-02-06 00:06 -------- d-----w- d:\documents and settings\Ferda Mravenec\.amokexifsorter
2010-02-05 23:56 . 2010-02-05 23:56 -------- d-----w- d:\documents and settings\Ferda Mravenec\.amokpop2rss
2010-02-02 01:33 . 2010-02-02 01:33 -------- d-----w- d:\program files\Fighters
2010-02-02 01:24 . 2010-02-02 01:24 -------- d-----w- d:\program files\CleanCenter
2010-02-02 01:15 . 2010-02-02 01:15 -------- d-----w- d:\program files\SBMAV Disk Cleaner Lite
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-22 22:10 . 2010-02-22 22:07 175328 ----a-w- d:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1029.dat
2010-02-12 14:52 . 2002-09-23 11:00 61958 ----a-w- d:\windows\system32\perfc005.dat
2010-02-12 14:52 . 2002-09-23 11:00 379294 ----a-w- d:\windows\system32\perfh005.dat
2010-01-19 20:42 . 2010-01-19 20:42 -------- d-----w- d:\program files\AMD
2010-01-19 20:17 . 2010-01-19 20:17 -------- d-----w- d:\program files\RMClock
2010-01-17 21:19 . 2010-01-17 21:19 -------- d-----w- d:\program files\Common Files\Futuremark Shared
2010-01-10 18:55 . 2010-01-10 18:55 -------- d-----w- d:\program files\Oxygen Software
2009-12-31 16:50 . 2002-09-23 11:00 353792 ----a-w- d:\windows\system32\drivers\srv.sys
2009-12-17 07:42 . 2004-06-26 14:53 343552 ----a-w- d:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2002-09-23 11:00 33280 ----a-w- d:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2002-09-23 11:00 2191360 ----a-w- d:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2002-09-20 16:12 2068224 ----a-w- d:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2002-09-23 11:00 455424 ----a-w- d:\windows\system32\drivers\mrxsmb.sys
2009-11-16 20:05 . 2009-11-16 20:05 10534 ----a-w- d:\program files\Common Files\lmouse.sys
2009-11-16 18:21 . 2009-11-16 18:21 10534 ----a-w- d:\program files\Common Files\acpiec.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}]
2009-11-28 20:10 218160 ----a-w- d:\program files\Hotspot Shield\hssie\HssIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="h:\se-tool\SETOOLSv2\Docs\usb_safely\USBSafelyRemove.exe" [2009-03-03 743936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="NvQTwk" [X]
"nwiz"="nwiz.exe" [2002-05-24 372736]
"NVIDIA nForce APU1 Utilities"="NVATray.exe" [2002-06-18 45056]
"AGRSMMSG"="AGRSMMSG.exe" [2003-05-23 88363]
"GhostStartTrayApp"="d:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2002-08-14 94208]
"FastTVSync"="d:\program files\Common Files\InterVideo\FastTVSync\FastTVSync.exe" [2004-02-09 245760]
"NeroCheck"="d:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SSBkgdUpdate"="d:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="d:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"SunJavaUpdateSched"="d:\program files\Java\jre6\bin\jusched.exe" [2009-07-28 148888]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\ctfmon.exe" [2008-04-14 15360]
d:\documents and settings\Ferda Mravenec\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - d:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
d:\documents and settings\Ferda Mravenec\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - d:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
d:\documents and settings\Ferda Mravenec\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - d:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
d:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
TV883LP Remote Control.lnk - d:\program files\V-Stream Multimedia\TV883LP Utilities\C8XRCtl.exe [2004-6-26 57344]
InterVideo Scheduler server.lnk - d:\program files\InterVideo\DVD5R\SchSvr.exe [2004-6-26 143360]
InterVideo WinCinema Manager.lnk - d:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2004-6-26 184320]
Microsoft Office.lnk - d:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
d:\documents and settings\Ferda Mravenec\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI.lnk - d:\program files\Secunia\PSI\psi.exe [2009-8-21 900816]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\IEPro\\MiniDM.exe"=
"d:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
"e:\\utorrent\\utorrent.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\WINDOWS\\System32\\USMT\\migwiz.exe"=
"d:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"d:\\Program Files\\Easy-Hide-IP 1.3\\EasyHideIp.exe"=
"d:\\WINDOWS\\System32\\ftp.exe"=
"e:\\ruzne dokumenty\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\HTTP-Tunnel\\HTTP-TunnelClient.exe"=
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2.3.2010 20:37 162512]
R1 GhPciScan;GhostPciScanner;d:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [14.8.2002 15:11 5632]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2.3.2010 20:37 19024]
R2 CX88XBAR;Conexant TV88X Crossbar;d:\windows\system32\drivers\cx88xbar.sys [12.5.2004 23:48 9600]
R3 PSI;PSI;d:\windows\system32\drivers\psi_mf.sys [17.6.2009 13:20 12648]
S3 ASPI;Advanced SCSI Programming Interface Driver;d:\windows\system32\drivers\ASPI32.SYS [26.6.2004 17:15 16512]
S3 cpuz130;cpuz130;\??\d:\docume~1\FERDAM~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> d:\docume~1\FERDAM~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 FUTUREX;FUTUREX;\??\d:\program files\AIDA32 - Enterprise System Information\aida32.sys --> d:\program files\AIDA32 - Enterprise System Information\aida32.sys [?]
S3 MosIrUsb;MosIrUsb.sys;d:\windows\system32\drivers\MosIrUsb.sys [14.4.2004 14:52 20736]
S3 RTCore32;RTCore32;d:\program files\RMClock\RTCore32.sys [19.1.2010 21:25 4608]
.
Obsah adresáře 'Naplánované úlohy'
2010-02-24 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uInternet Settings,ProxyServer = 127.0.0.1:1080
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
DPF: DirectAnimation Java Classes - file://d:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://d:\windows\Java\classes\xmldso.cab
FF - ProfilePath - d:\documents and settings\Ferda Mravenec\Data aplikací\Mozilla\Firefox\Profiles\2vnrg6u7.default\
FF - plugin: d:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKLM-Run-Adobe ARM - d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
AddRemove-AIDA32_is1 - d:\program files\AIDA32 - Enterprise System Information\unins000.exe
AddRemove-MotiveReportAgent - d:\program files\TO2SAM\McciBrowser.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-03 18:24
Windows 5.1.2600 Service Pack 3 FAT NTAPI
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(3656)
d:\program files\ScanSoft\OmniPageSE4\OpHookSE4.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\program files\Alwil Software\Avast5\AvastSvc.exe
d:\windows\AGRSMMSG.exe
d:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
d:\program files\Bonjour\mDNSResponder.exe
d:\progra~1\Symantec\NORTON~1\GHOSTS~2.EXE
d:\program files\Hotspot Shield\bin\openvpnas.exe
d:\program files\Hotspot Shield\HssWPR\hsssrv.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\System32\nvsvc32.exe
d:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
d:\program files\iPod\bin\iPodService.exe
d:\program files\Hotspot Shield\bin\openvpntray.exe
d:\program files\TOTALCMD\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2010-03-03 18:29:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-03 17:29
Před spuštěním: 21 778 432
Po spuštění: 39 010 304
- - End Of File - - 5466AF91F84C562B828585D82E2F8191
I ran ComboFix, but it froze twice (the window with the license agreement did not appear; on the second attempt the window with the blue background did not appear).
When started in Windows safe mode, ComboFix worked. In normal Windows mode, IExplorer then started working.
- Caroprd111
- VIP
- Posts: 13492
- Joined: 22 Mar 2009 20:48
- Location: Třebíč
Re: IExplorer does not work, larger files cannot be downloaded
IExplorer has started working. Avast now works too.
The problems with Firefox and with being unable to download larger files in IE remain.
Was there a virus?
- Caroprd111
- VIP
- Posts: 13492
- Joined: 22 Mar 2009 20:48
- Location: Třebíč
Re: IExplorer does not work, larger files cannot be downloaded
There was probably something there.
Uninstall all virtual drive emulators.
Download SPTD http://www.duplexsecure.com/en/downloads
- Choose the version for your operating system (64 & 32-bit). Save it to the desktop and run it.
- Choose the Uninstall option and restart the PC.
Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe
Start > Run (Win + R)
- A window will pop up; copy into it:
"%userprofile%\plocha\mbr" -t
- Click OK
- A log named mbr.log will be created; paste it here.
Post a log from Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
Re: IExplorer does not work, larger files cannot be downloaded
SPTD 1.62 at the link http://www.duplexsecure.com/en/downloads could only be downloaded partially - probably an error on their server. I therefore used another link, http://disc-tools.com/download/sptd . The program reported: No SPTD version was detected; the Uninstall button could not be clicked.
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
kernel: MBR read successfully
user & kernel MBR OK
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-03-03 19:10:32
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\kwddipoc.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xF2C464FE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xF2C46322]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xF2C4645C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-03 19:20:40
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\kwddipoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF2C39C5A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF2C39B16]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xF2C3A0CA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF2C39FF4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF2C396EC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF2C39BF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF2C3962C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF2C39690]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF2C39D10]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xF2C3A198]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF2C39CD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF2C39E50]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xF2C464FE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xF2C46322]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xF2C4645C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
init D:\WINDOWS\system32\drivers\nvax.sys entry point in "init" section [0xF7C20412]
? D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !
---- User code sections - GMER 1.0.15 ----
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414E541D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 415B9865 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 415ACEE9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 415BD6EC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 41524602 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 416B441F D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 416B4351 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 416B43BC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 416B4222 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 416B4284 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 416B4482 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 416B42E6 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] ole32.dll!CoCreateInstance 774F057E 5 Bytes JMP 415BD748 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] ole32.dll!OleLoadFromStream 77519C85 5 Bytes JMP 416B47A0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414E541D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 415BD6EC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 416B441F D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 416B4351 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 416B43BC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 416B4222 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 416B4284 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 416B4482 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 416B42E6 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414E541D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 415B9865 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 415ACEE9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 415BD6EC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 41524602 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 416B441F D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 416B4351 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 416B43BC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 416B4222 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 416B4284 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 416B4482 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 416B42E6 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] ole32.dll!CoCreateInstance 774F057E 5 Bytes JMP 415BD748 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] ole32.dll!OleLoadFromStream 77519C85 5 Bytes JMP 416B47A0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT D:\WINDOWS\system32\services.exe[1036] @ D:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT D:\WINDOWS\system32\services.exe[1036] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000
IAT D:\Program Files\internet explorer\iexplore.exe[3080] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] D:\Program Files\internet explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT D:\Program Files\internet explorer\iexplore.exe[3916] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] D:\Program Files\internet explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
---- EOF - GMER 1.0.15 ----
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
kernel: MBR read successfully
user & kernel MBR OK
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-03-03 19:10:32
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\kwddipoc.sys
---- System - GMER 1.0.15 ----
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xF2C464FE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xF2C46322]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xF2C4645C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-03-03 19:20:40
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\kwddipoc.sys
---- System - GMER 1.0.15 ----
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF2C39C5A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF2C39B16]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xF2C3A0CA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF2C39FF4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF2C396EC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF2C39BF0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF2C3962C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF2C39690]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF2C39D10]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xF2C3A198]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF2C39CD0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF2C39E50]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xF2C464FE]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xF2C46322]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xF2C4645C]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject
---- Kernel code sections - GMER 1.0.15 ----
init D:\WINDOWS\system32\drivers\nvax.sys entry point in "init" section [0xF7C20412]
? D:\DOCUME~1\FERDAM~1\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !
---- User code sections - GMER 1.0.15 ----
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414E541D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 415B9865 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 415ACEE9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 415BD6EC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 41524602 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 416B441F D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 416B4351 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 416B43BC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 416B4222 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 416B4284 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 416B4482 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 416B42E6 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] ole32.dll!CoCreateInstance 774F057E 5 Bytes JMP 415BD748 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3080] ole32.dll!OleLoadFromStream 77519C85 5 Bytes JMP 416B47A0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414E541D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 415BD6EC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 416B441F D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 416B4351 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 416B43BC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 416B4222 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 416B4284 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 416B4482 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3192] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 416B42E6 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxParamW 7E3747AB 5 Bytes JMP 414E541D D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!SetWindowsHookExW 7E37820F 5 Bytes JMP 415B9865 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!CallNextHookEx 7E37B3C6 5 Bytes JMP 415ACEE9 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!CreateWindowExW 7E37D0A3 5 Bytes JMP 415BD6EC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!UnhookWindowsHookEx 7E37D5F3 5 Bytes JMP 41524602 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxIndirectParamW 7E382072 5 Bytes JMP 416B441F D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxIndirectA 7E38A082 5 Bytes JMP 416B4351 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxParamA 7E38B144 5 Bytes JMP 416B43BC D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxExW 7E3A0838 5 Bytes JMP 416B4222 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxExA 7E3A085C 5 Bytes JMP 416B4284 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!DialogBoxIndirectParamA 7E3A6D7D 5 Bytes JMP 416B4482 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] USER32.dll!MessageBoxIndirectW 7E3B64D5 5 Bytes JMP 416B42E6 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] ole32.dll!CoCreateInstance 774F057E 5 Bytes JMP 415BD748 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text D:\Program Files\internet explorer\iexplore.exe[3916] ole32.dll!OleLoadFromStream 77519C85 5 Bytes JMP 416B47A0 D:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- User IAT/EAT - GMER 1.0.15 ----
IAT D:\WINDOWS\system32\services.exe[1036] @ D:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003D0002
IAT D:\WINDOWS\system32\services.exe[1036] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003D0000
IAT D:\Program Files\internet explorer\iexplore.exe[3080] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] D:\Program Files\internet explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
IAT D:\Program Files\internet explorer\iexplore.exe[3916] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [451F1ACB] D:\Program Files\internet explorer\xpshims.dll (Internet Explorer Compatibility Shims for XP/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
Device \FileSystem\Fastfat \FatCdrom aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
Device \FileSystem\Fastfat \Fat aswSP.SYS (avast! self protection module/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
---- EOF - GMER 1.0.15 ----
- Caroprd111
- VIP
- Posts: 13492
- Registered: 22 Mar 2009 20:48
- Location: Třebíč
Re: IExplorer doesn't work, larger files can't be downloaded

- Install it following the guide in the link, then run a full scan.
- Do not delete anything
MBAM occasionally produces false detections and could delete, for example, system files.
- Paste the log here.
Re: IExplorer doesn't work, larger files can't be downloaded
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3822
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
3.3.2010 20:27:43
mbam-log-2010-03-03 (20-27-43).txt
Typ kontroly: Kompletní kontrola (D:\|)
Zkontrolované objekty: 154272
Uplynulý čas: 44 minute(s), 35 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
- Caroprd111
Re: IExplorer doesn't work, larger files can't be downloaded

Re: IExplorer doesn't work, larger files can't be downloaded
Unfortunately, I did not manage to download AVPTool (after a few MB have been downloaded, the download stops by itself). It did not work in safe mode either.
- Caroprd111
Re: IExplorer doesn't work, larger files can't be downloaded
Try downloading it in another browser or on another PC. Do the other PCs on the network work?

Re: IExplorer doesn't work, larger files can't be downloaded
I managed to download and install the World browser. It was able to download AVPTool (with 18 retries along the way). I have now started a scan in AVPTool.
I don't have another computer available and I'm not on a network.
- Caroprd111