PC freezes
Moderator: Moderators
Forum rules
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Hello! Could someone take a look at my log? After I launch video files in Winamp, everything freezes; Winamp cannot be closed and a white screen remains. It takes a few minutes to get back to normal, but afterwards everything is slowed down. Thanks for any advice.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Janči at 2010-12-25 15:22:15
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 131 GB (66%) free of 198 GB
Total RAM: 1021 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:16, on 25. 12. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Janči\Desktop\SUPERAntiSpyware.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Janči\Desktop\RSIT.exe
C:\Program Files\trend micro\Janči.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Sonne Video Converter\codec\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Users\Janči\Desktop\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF2AB3B-4E16-4B56-BDC2-E666DC2BF2B9}: NameServer = 213.151.200.30 213.151.208.161
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 6706 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-04-02 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-01-27 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-01-27 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=C:\Program Files\Sonne Video Converter\codec\quicktime\QTTask.exe [2007-10-19 286720]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2010-04-02 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"SUPERAntiSpyware"=C:\Users\Janči\Desktop\SUPERAntiSpyware.exe [2009-12-16 2002160]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-12-25 15:22:16 ----D---- C:\Program Files\trend micro
2010-12-25 15:22:15 ----D---- C:\rsit
2010-12-25 13:22:35 ----D---- C:\Users\Janči\AppData\Roaming\SUPERAntiSpyware.com
2010-12-25 12:01:59 ----A---- C:\Windows\system32\drivers\revoflt.sys
2010-12-25 12:01:57 ----D---- C:\Program Files\VS Revo Group
2010-12-25 11:38:39 ----SHD---- C:\Config.Msi
2010-12-24 16:40:53 ----D---- C:\Program Files\b4ficons
2010-12-24 16:40:52 ----D---- C:\Program Files\Burn4Free
2010-12-21 16:36:14 ----D---- C:\ProgramData\Kaspersky Lab
2010-12-21 13:03:05 ----AD---- C:\Windows\rundll16.exe
2010-12-21 13:03:05 ----AD---- C:\Windows\logo1_.exe
2010-12-18 12:24:23 ----D---- C:\Windows\system32\RTCOM
2010-12-18 12:23:37 ----A---- C:\Windows\DIFxAPI.dll
2010-12-18 12:23:35 ----A---- C:\Windows\system32\SRSWOW.dll
2010-12-18 12:23:35 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-12-18 12:23:35 ----A---- C:\Windows\RtlUpd.exe
2010-12-18 12:23:34 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2010-12-18 12:23:33 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-12-18 12:23:33 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-12-18 12:23:33 ----A---- C:\Windows\system32\RtkAPO.dll
2010-12-18 12:23:32 ----A---- C:\Windows\RtHDVCpl.exe
2010-12-18 12:23:31 ----D---- C:\Program Files\Realtek
2010-12-18 12:23:08 ----A---- C:\Windows\HideWin.exe
2010-12-18 12:23:07 ----A---- C:\Windows\RtlExUpd.dll
2010-12-18 11:10:10 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2010-12-16 13:53:28 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 13:53:27 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 13:53:26 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 13:53:26 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 13:53:24 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-16 13:53:23 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 13:53:22 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 13:53:22 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 13:53:22 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 13:53:21 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 13:53:20 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 13:53:19 ----A---- C:\Windows\system32\occache.dll
2010-12-16 13:53:19 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-16 13:53:19 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\iesetup.dll
2010-12-16 13:53:17 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 13:53:17 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 13:53:17 ----A---- C:\Windows\system32\iernonce.dll
2010-12-16 13:52:17 ----A---- C:\Windows\system32\consent.exe
2010-12-16 13:51:53 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 13:51:52 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 13:51:51 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 13:51:51 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 13:51:50 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 13:51:41 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 13:51:41 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 13:51:40 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 13:51:30 ----A---- C:\Windows\system32\gameux.dll
2010-12-16 13:51:26 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-12-16 13:51:25 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-12-16 13:51:01 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 13:49:22 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 13:44:31 ----A---- C:\Windows\system32\schannel.dll
2010-12-16 13:38:50 ----AD---- C:\Windows\VDLL.DLL
2010-12-16 13:38:50 ----AD---- C:\Windows\system32\runouce.exe
2010-12-16 13:38:50 ----AD---- C:\Windows\RUNDL132.EXE
2010-12-16 13:38:50 ----AD---- C:\Windows\logo_1.exe
2010-12-16 13:24:29 ----A---- C:\Windows\system32\msvcp80.dll
2010-12-16 13:24:28 ----A---- C:\Windows\system32\eEmpty.exe
2010-12-16 13:24:23 ----D---- C:\Program Files\Common Files\MicroWorld
2010-12-16 13:24:18 ----D---- C:\ProgramData\MicroWorld
2010-12-15 16:13:42 ----D---- C:\Users\Janči\AppData\Roaming\ICQ
2010-12-15 16:13:33 ----D---- C:\Program Files\ICQ7.2
2010-12-11 19:45:31 ----A---- C:\Windows\system32\wmp.dll
2010-12-11 19:45:27 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-11 19:44:16 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-11 19:44:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-11 19:44:16 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-11 19:44:15 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-11 19:44:14 ----A---- C:\Windows\system32\netevent.dll
2010-12-11 19:40:03 ----A---- C:\Windows\system32\mfc40.dll
2010-12-11 19:40:02 ----A---- C:\Windows\system32\mfc40u.dll
2010-12-11 19:39:13 ----A---- C:\Windows\system32\ole32.dll
2010-12-11 19:36:48 ----A---- C:\Windows\system32\comctl32.dll
2010-12-11 19:35:49 ----A---- C:\Windows\system32\msshsq.dll
2010-12-11 19:35:47 ----A---- C:\Windows\system32\t2embed.dll
2010-12-11 19:35:45 ----A---- C:\Windows\system32\wmpmde.dll
======List of files/folders modified in the last 1 months======
2010-12-25 15:23:11 ----D---- C:\Windows\Prefetch
2010-12-25 15:22:16 ----RD---- C:\Program Files
2010-12-25 15:06:39 ----D---- C:\Windows\Temp
2010-12-25 14:59:18 ----AD---- C:\ProgramData\TEMP
2010-12-25 12:02:03 ----D---- C:\Windows\system32\drivers
2010-12-25 11:39:07 ----SHD---- C:\Windows\Installer
2010-12-25 11:39:07 ----D---- C:\Program Files\Common Files
2010-12-25 11:38:12 ----SHD---- C:\System Volume Information
2010-12-24 16:16:52 ----D---- C:\Windows\System32
2010-12-24 16:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-24 16:16:51 ----D---- C:\Windows\inf
2010-12-23 17:01:04 ----D---- C:\Windows\system32\Tasks
2010-12-23 16:47:46 ----D---- C:\ProgramData\Skype
2010-12-23 16:45:34 ----D---- C:\Users\Janči\AppData\Roaming\Skype
2010-12-23 15:35:43 ----D---- C:\Windows\system32\LogFiles
2010-12-23 11:19:12 ----SD---- C:\Users\Janči\AppData\Roaming\Microsoft
2010-12-23 11:08:53 ----D---- C:\Users\Janči\AppData\Roaming\skypePM
2010-12-22 10:23:14 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-21 16:36:14 ----HD---- C:\ProgramData
2010-12-21 13:05:24 ----D---- C:\Program Files\PowerISO
2010-12-21 13:05:21 ----D---- C:\Windows
2010-12-19 15:06:20 ----D---- C:\Windows\system32\catroot2
2010-12-18 12:24:16 ----D---- C:\Windows\system32\catroot
2010-12-18 12:23:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-18 11:09:58 ----RSD---- C:\Windows\assembly
2010-12-16 14:29:52 ----D---- C:\Windows\Microsoft.NET
2010-12-16 14:26:46 ----D---- C:\Windows\rescache
2010-12-16 14:20:09 ----D---- C:\Windows\winsxs
2010-12-16 14:06:18 ----D---- C:\Windows\system32\migration
2010-12-16 14:06:18 ----D---- C:\Windows\AppPatch
2010-12-16 14:06:18 ----D---- C:\Program Files\Windows Mail
2010-12-16 14:06:18 ----D---- C:\Program Files\Internet Explorer
2010-12-16 14:02:51 ----D---- C:\Windows\system32\sk-SK
2010-12-16 11:31:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-11 21:32:10 ----D---- C:\Windows\system32\en-US
2010-12-11 21:32:10 ----D---- C:\Program Files\Windows Media Player
2010-12-11 17:44:02 ----D---- C:\Program Files\Mozilla Firefox
2010-12-08 21:34:08 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-27 721904]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-07-27 58908]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-02-28 92032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-06-19 290816]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 15216]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S1 SASDIFSV;SASDIFSV; \??\C:\Users\Janči\Desktop\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Users\Janči\Desktop\SASKUTIL.sys []
S3 azhb48s0;azhb48s0; C:\Windows\system32\drivers\azhb48s0.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SASENUM;SASENUM; \??\C:\Users\Janči\Desktop\SASENUM.SYS []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2010-04-02 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-02-15 4390912]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"SUPERAntiSpyware"=C:\Users\Janči\Desktop\SUPERAntiSpyware.exe [2009-12-16 2002160]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=153
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-12-25 15:22:16 ----D---- C:\Program Files\trend micro
2010-12-25 15:22:15 ----D---- C:\rsit
2010-12-25 13:22:35 ----D---- C:\Users\Janči\AppData\Roaming\SUPERAntiSpyware.com
2010-12-25 12:01:59 ----A---- C:\Windows\system32\drivers\revoflt.sys
2010-12-25 12:01:57 ----D---- C:\Program Files\VS Revo Group
2010-12-25 11:38:39 ----SHD---- C:\Config.Msi
2010-12-24 16:40:53 ----D---- C:\Program Files\b4ficons
2010-12-24 16:40:52 ----D---- C:\Program Files\Burn4Free
2010-12-21 16:36:14 ----D---- C:\ProgramData\Kaspersky Lab
2010-12-21 13:03:05 ----AD---- C:\Windows\rundll16.exe
2010-12-21 13:03:05 ----AD---- C:\Windows\logo1_.exe
2010-12-18 12:24:23 ----D---- C:\Windows\system32\RTCOM
2010-12-18 12:23:37 ----A---- C:\Windows\DIFxAPI.dll
2010-12-18 12:23:35 ----A---- C:\Windows\system32\SRSWOW.dll
2010-12-18 12:23:35 ----A---- C:\Windows\system32\SRSTSXT.dll
2010-12-18 12:23:35 ----A---- C:\Windows\RtlUpd.exe
2010-12-18 12:23:34 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys
2010-12-18 12:23:33 ----A---- C:\Windows\system32\RtkPgExt.dll
2010-12-18 12:23:33 ----A---- C:\Windows\system32\RtkCoInst.dll
2010-12-18 12:23:33 ----A---- C:\Windows\system32\RtkAPO.dll
2010-12-18 12:23:32 ----A---- C:\Windows\RtHDVCpl.exe
2010-12-18 12:23:31 ----D---- C:\Program Files\Realtek
2010-12-18 12:23:08 ----A---- C:\Windows\HideWin.exe
2010-12-18 12:23:07 ----A---- C:\Windows\RtlExUpd.dll
2010-12-18 11:10:10 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2010-12-16 13:53:28 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 13:53:27 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 13:53:26 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 13:53:26 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 13:53:24 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-16 13:53:23 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 13:53:22 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 13:53:22 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 13:53:22 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 13:53:21 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 13:53:20 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 13:53:19 ----A---- C:\Windows\system32\occache.dll
2010-12-16 13:53:19 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-16 13:53:19 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-16 13:53:18 ----A---- C:\Windows\system32\iesetup.dll
2010-12-16 13:53:17 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 13:53:17 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 13:53:17 ----A---- C:\Windows\system32\iernonce.dll
2010-12-16 13:52:17 ----A---- C:\Windows\system32\consent.exe
2010-12-16 13:51:53 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 13:51:52 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 13:51:51 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 13:51:51 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 13:51:50 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 13:51:41 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 13:51:41 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 13:51:40 ----A---- C:\Windows\system32\fontsub.dll
2010-12-16 13:51:30 ----A---- C:\Windows\system32\gameux.dll
2010-12-16 13:51:26 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-12-16 13:51:25 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-12-16 13:51:01 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 13:49:22 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 13:44:31 ----A---- C:\Windows\system32\schannel.dll
2010-12-16 13:38:50 ----AD---- C:\Windows\VDLL.DLL
2010-12-16 13:38:50 ----AD---- C:\Windows\system32\runouce.exe
2010-12-16 13:38:50 ----AD---- C:\Windows\RUNDL132.EXE
2010-12-16 13:38:50 ----AD---- C:\Windows\logo_1.exe
2010-12-16 13:24:29 ----A---- C:\Windows\system32\msvcp80.dll
2010-12-16 13:24:28 ----A---- C:\Windows\system32\eEmpty.exe
2010-12-16 13:24:23 ----D---- C:\Program Files\Common Files\MicroWorld
2010-12-16 13:24:18 ----D---- C:\ProgramData\MicroWorld
2010-12-15 16:13:42 ----D---- C:\Users\Janči\AppData\Roaming\ICQ
2010-12-15 16:13:33 ----D---- C:\Program Files\ICQ7.2
2010-12-11 19:45:31 ----A---- C:\Windows\system32\wmp.dll
2010-12-11 19:45:27 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-11 19:44:16 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-11 19:44:16 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-11 19:44:16 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-11 19:44:15 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-11 19:44:14 ----A---- C:\Windows\system32\netevent.dll
2010-12-11 19:40:03 ----A---- C:\Windows\system32\mfc40.dll
2010-12-11 19:40:02 ----A---- C:\Windows\system32\mfc40u.dll
2010-12-11 19:39:13 ----A---- C:\Windows\system32\ole32.dll
2010-12-11 19:36:48 ----A---- C:\Windows\system32\comctl32.dll
2010-12-11 19:35:49 ----A---- C:\Windows\system32\msshsq.dll
2010-12-11 19:35:47 ----A---- C:\Windows\system32\t2embed.dll
2010-12-11 19:35:45 ----A---- C:\Windows\system32\wmpmde.dll
======List of files/folders modified in the last 1 months======
2010-12-25 15:23:11 ----D---- C:\Windows\Prefetch
2010-12-25 15:22:16 ----RD---- C:\Program Files
2010-12-25 15:06:39 ----D---- C:\Windows\Temp
2010-12-25 14:59:18 ----AD---- C:\ProgramData\TEMP
2010-12-25 12:02:03 ----D---- C:\Windows\system32\drivers
2010-12-25 11:39:07 ----SHD---- C:\Windows\Installer
2010-12-25 11:39:07 ----D---- C:\Program Files\Common Files
2010-12-25 11:38:12 ----SHD---- C:\System Volume Information
2010-12-24 16:16:52 ----D---- C:\Windows\System32
2010-12-24 16:16:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-24 16:16:51 ----D---- C:\Windows\inf
2010-12-23 17:01:04 ----D---- C:\Windows\system32\Tasks
2010-12-23 16:47:46 ----D---- C:\ProgramData\Skype
2010-12-23 16:45:34 ----D---- C:\Users\Janči\AppData\Roaming\Skype
2010-12-23 15:35:43 ----D---- C:\Windows\system32\LogFiles
2010-12-23 11:19:12 ----SD---- C:\Users\Janči\AppData\Roaming\Microsoft
2010-12-23 11:08:53 ----D---- C:\Users\Janči\AppData\Roaming\skypePM
2010-12-22 10:23:14 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-21 16:36:14 ----HD---- C:\ProgramData
2010-12-21 13:05:24 ----D---- C:\Program Files\PowerISO
2010-12-21 13:05:21 ----D---- C:\Windows
2010-12-19 15:06:20 ----D---- C:\Windows\system32\catroot2
2010-12-18 12:24:16 ----D---- C:\Windows\system32\catroot
2010-12-18 12:23:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-18 11:09:58 ----RSD---- C:\Windows\assembly
2010-12-16 14:29:52 ----D---- C:\Windows\Microsoft.NET
2010-12-16 14:26:46 ----D---- C:\Windows\rescache
2010-12-16 14:20:09 ----D---- C:\Windows\winsxs
2010-12-16 14:06:18 ----D---- C:\Windows\system32\migration
2010-12-16 14:06:18 ----D---- C:\Windows\AppPatch
2010-12-16 14:06:18 ----D---- C:\Program Files\Windows Mail
2010-12-16 14:06:18 ----D---- C:\Program Files\Internet Explorer
2010-12-16 14:02:51 ----D---- C:\Windows\system32\sk-SK
2010-12-16 11:31:11 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-11 21:32:10 ----D---- C:\Windows\system32\en-US
2010-12-11 21:32:10 ----D---- C:\Program Files\Windows Media Player
2010-12-11 17:44:02 ----D---- C:\Program Files\Mozilla Firefox
2010-12-08 21:34:08 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-27 721904]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-07-27 58908]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-02-28 92032]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-02-14 1740904]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-06-19 290816]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 15216]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S1 SASDIFSV;SASDIFSV; \??\C:\Users\Janči\Desktop\SASDIFSV.SYS []
S1 SASKUTIL;SASKUTIL; \??\C:\Users\Janči\Desktop\SASKUTIL.sys []
S3 azhb48s0;azhb48s0; C:\Windows\system32\drivers\azhb48s0.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SASENUM;SASENUM; \??\C:\Users\Janči\Desktop\SASENUM.SYS []
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Re: PC freezes
Let me clarify further. Mozilla does the same thing. While a page is loading it stops responding, a white screen remains, and a "security options failure" window pops up; the same happens with Winamp. After that, not even the icons on the taskbar respond, and Task Manager can also only be started after several minutes.
Re: PC freezes
Good morning
Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here
I am most likely to be reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: PC freezes
I only managed it on the third attempt. Twice during the scan a blue screen with text popped up (probably something to do with memory), then a black one, and I had to turn the computer on again and run ComboFix again. I am attaching the log.
ComboFix 10-12-26.01 - Janči . 12. 2010 14:33:57.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.1021.415 [GMT 1:00]
Running from: c:\users\Janči\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\hpe6EF8.dll
c:\programdata\hpe70EB.dll
.
((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
.
2010-12-27 13:43 . 2010-12-27 13:43 -------- d-----w- c:\users\Janči\AppData\Local\temp
2010-12-27 13:43 . 2010-12-27 13:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-25 15:26 . 2010-12-25 15:26 -------- d-----w- c:\program files\Winamp Detect
2010-12-25 15:26 . 2010-12-27 02:12 -------- d-----w- c:\users\Janči\AppData\Roaming\Winamp
2010-12-25 15:26 . 2010-12-25 15:28 -------- d-----w- c:\program files\Winamp
2010-12-25 14:50 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-12-25 14:50 . 2010-12-25 14:50 -------- d-----w- c:\program files\Sunbelt Software
2010-12-25 14:22 . 2010-12-25 14:23 -------- d-----w- c:\program files\trend micro
2010-12-25 14:22 . 2010-12-25 14:23 -------- d-----w- C:\rsit
2010-12-25 12:22 . 2010-12-25 12:22 -------- d-----w- c:\users\Janči\AppData\Roaming\SUPERAntiSpyware.com
2010-12-25 11:01 . 2009-12-30 11:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-12-25 11:01 . 2010-12-25 11:03 -------- d-----w- c:\program files\VS Revo Group
2010-12-24 15:40 . 2010-12-24 15:40 -------- d-----w- c:\program files\b4ficons
2010-12-24 15:40 . 2010-12-24 15:41 -------- d-----w- c:\program files\Burn4Free
2010-12-21 15:36 . 2010-12-23 07:54 -------- d-----w- c:\programdata\Kaspersky Lab
2010-12-21 12:03 . 2010-12-21 12:03 -------- d---a-w- c:\windows\rundll16.exe
2010-12-21 12:03 . 2010-12-21 12:03 -------- d---a-w- c:\windows\logo1_.exe
2010-12-18 11:24 . 2007-02-09 13:56 176 ----a-w- c:\windows\system32\drivers\RTHDAEQ0.dat
2010-12-18 11:24 . 2007-02-09 13:56 176 ----a-w- c:\windows\system32\drivers\RTHDAEQ1.dat
2010-12-18 11:24 . 2010-12-18 11:24 -------- d-----w- c:\windows\system32\RTCOM
2010-12-18 10:10 . 2010-12-18 10:10 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-12-16 12:52 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-16 12:52 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-16 12:52 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2010-12-16 12:52 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-16 12:52 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-12-16 12:51 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-16 12:51 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-16 12:51 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-16 12:51 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-16 12:51 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-16 12:51 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-12-16 12:51 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-16 12:51 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-12-16 12:51 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-12-16 12:51 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-12-16 12:51 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-12-16 12:51 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-16 12:49 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-12-16 12:44 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\VDLL.DLL
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\system32\runouce.exe
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\logo_1.exe
2010-12-16 12:24 . 2010-12-16 12:24 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-12-16 12:24 . 2010-12-16 12:24 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-12-16 12:24 . 2010-12-16 12:24 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-12-16 12:24 . 2010-12-16 12:24 -------- d-----w- c:\programdata\MicroWorld
2010-12-15 15:13 . 2010-12-16 13:12 -------- d-----w- c:\users\Janči\AppData\Roaming\ICQ
2010-12-15 15:13 . 2010-12-15 15:13 -------- d-----w- c:\users\Janči\AppData\Local\AOL
2010-12-15 15:13 . 2010-12-15 15:21 -------- d-----w- c:\program files\ICQ7.2
2010-12-11 18:45 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-12-11 18:45 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-12-11 18:44 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-12-11 18:44 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-12-11 18:44 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-12-11 18:44 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-12-11 18:44 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-12-11 18:40 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-12-11 18:40 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-12-11 18:39 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-12-11 18:39 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-12-11 18:36 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-12-11 18:35 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-12-11 18:35 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-12-11 18:35 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-12-11 18:35 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-12-02 15:58 . 2010-12-02 15:58 12800 ----a-w- c:\program files\Mozilla Firefox\plugins\npwachk.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-21 12:05 . 2010-12-21 12:03 11745946 ----a-w- c:\windows\REGBK00.ZIP
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"SUPERAntiSpyware"="c:\users\Janči\Desktop\SUPERAntiSpyware.exe" [2009-12-16 2002160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\Sonne Video Converter\codec\quicktime\QTTask.exe" [2007-10-19 286720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 92704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-12-8 2717024]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2517944506-1680038036-544962124-1000]
"EnableNotificationsRef"=dword:00000001
R1 SASDIFSV;SASDIFSV;c:\users\Janči\Desktop\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Janči\Desktop\SASKUTIL.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
R3 SASENUM;SASENUM;c:\users\Janči\Desktop\SASENUM.SYS [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
ComboFix 10-12-26.01 - Janči . 12. 2010 14:33:57.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.1021.415 [GMT 1:00]
Running from: c:\users\Janči\Desktop\ComboFix.exe
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\programdata\hpe6EF8.dll
c:\programdata\hpe70EB.dll
.
((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
.
2010-12-27 13:43 . 2010-12-27 13:43 -------- d-----w- c:\users\Janči\AppData\Local\temp
2010-12-27 13:43 . 2010-12-27 13:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-25 15:26 . 2010-12-25 15:26 -------- d-----w- c:\program files\Winamp Detect
2010-12-25 15:26 . 2010-12-27 02:12 -------- d-----w- c:\users\Janči\AppData\Roaming\Winamp
2010-12-25 15:26 . 2010-12-25 15:28 -------- d-----w- c:\program files\Winamp
2010-12-25 14:50 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-12-25 14:50 . 2010-12-25 14:50 -------- d-----w- c:\program files\Sunbelt Software
2010-12-25 14:22 . 2010-12-25 14:23 -------- d-----w- c:\program files\trend micro
2010-12-25 14:22 . 2010-12-25 14:23 -------- d-----w- C:\rsit
2010-12-25 12:22 . 2010-12-25 12:22 -------- d-----w- c:\users\Janči\AppData\Roaming\SUPERAntiSpyware.com
2010-12-25 11:01 . 2009-12-30 11:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2010-12-25 11:01 . 2010-12-25 11:03 -------- d-----w- c:\program files\VS Revo Group
2010-12-24 15:40 . 2010-12-24 15:40 -------- d-----w- c:\program files\b4ficons
2010-12-24 15:40 . 2010-12-24 15:41 -------- d-----w- c:\program files\Burn4Free
2010-12-21 15:36 . 2010-12-23 07:54 -------- d-----w- c:\programdata\Kaspersky Lab
2010-12-21 12:03 . 2010-12-21 12:03 -------- d---a-w- c:\windows\rundll16.exe
2010-12-21 12:03 . 2010-12-21 12:03 -------- d---a-w- c:\windows\logo1_.exe
2010-12-18 11:24 . 2007-02-09 13:56 176 ----a-w- c:\windows\system32\drivers\RTHDAEQ0.dat
2010-12-18 11:24 . 2007-02-09 13:56 176 ----a-w- c:\windows\system32\drivers\RTHDAEQ1.dat
2010-12-18 11:24 . 2010-12-18 11:24 -------- d-----w- c:\windows\system32\RTCOM
2010-12-18 10:10 . 2010-12-18 10:10 -------- d-----w- c:\programdata\PC Drivers HeadQuarters
2010-12-16 12:52 . 2010-10-12 13:41 515584 ----a-w- c:\program files\Windows Mail\wab.exe
2010-12-16 12:52 . 2010-10-12 15:53 33280 ----a-w- c:\program files\Windows Mail\wabfind.dll
2010-12-16 12:52 . 2010-10-12 13:41 66048 ----a-w- c:\program files\Windows Mail\wabmig.exe
2010-12-16 12:52 . 2010-10-18 13:37 81920 ----a-w- c:\windows\system32\consent.exe
2010-12-16 12:52 . 2010-11-03 10:51 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2010-12-16 12:51 . 2010-11-04 18:55 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-12-16 12:51 . 2010-11-04 18:55 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-12-16 12:51 . 2010-11-04 18:56 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-12-16 12:51 . 2010-11-04 16:34 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-12-16 12:51 . 2010-11-04 18:55 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-12-16 12:51 . 2010-10-28 15:44 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-12-16 12:51 . 2010-10-28 13:27 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-12-16 12:51 . 2010-06-16 15:30 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-12-16 12:51 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-12-16 12:51 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-12-16 12:51 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-12-16 12:51 . 2010-10-28 13:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-12-16 12:49 . 2010-10-18 13:31 2038272 ----a-w- c:\windows\system32\win32k.sys
2010-12-16 12:44 . 2010-08-10 15:53 274944 ----a-w- c:\windows\system32\schannel.dll
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\VDLL.DLL
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\system32\runouce.exe
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-12-16 12:38 . 2010-12-16 12:38 -------- d---a-w- c:\windows\logo_1.exe
2010-12-16 12:24 . 2010-12-16 12:24 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-12-16 12:24 . 2010-12-16 12:24 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-12-16 12:24 . 2010-12-16 12:24 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-12-16 12:24 . 2010-12-16 12:24 -------- d-----w- c:\programdata\MicroWorld
2010-12-15 15:13 . 2010-12-16 13:12 -------- d-----w- c:\users\Janči\AppData\Roaming\ICQ
2010-12-15 15:13 . 2010-12-15 15:13 -------- d-----w- c:\users\Janči\AppData\Local\AOL
2010-12-15 15:13 . 2010-12-15 15:21 -------- d-----w- c:\program files\ICQ7.2
2010-12-11 18:45 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-12-11 18:45 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-12-11 18:44 . 2010-09-06 16:20 125952 ----a-w- c:\windows\system32\srvsvc.dll
2010-12-11 18:44 . 2010-09-06 13:45 304128 ----a-w- c:\windows\system32\drivers\srv.sys
2010-12-11 18:44 . 2010-09-06 13:45 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-12-11 18:44 . 2010-09-06 13:45 145408 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-12-11 18:44 . 2010-09-06 16:19 17920 ----a-w- c:\windows\system32\netevent.dll
2010-12-11 18:40 . 2010-08-31 15:46 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-12-11 18:40 . 2010-08-31 15:46 954288 ----a-w- c:\windows\system32\mfc40u.dll
2010-12-11 18:39 . 2010-06-28 17:00 1316864 ----a-w- c:\windows\system32\ole32.dll
2010-12-11 18:39 . 2010-06-28 14:54 339968 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2010-12-11 18:36 . 2010-08-31 15:44 531968 ----a-w- c:\windows\system32\comctl32.dll
2010-12-11 18:35 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2010-12-11 18:35 . 2010-08-26 16:37 157184 ----a-w- c:\windows\system32\t2embed.dll
2010-12-11 18:35 . 2010-08-20 16:05 867328 ----a-w- c:\windows\system32\wmpmde.dll
2010-12-11 18:35 . 2010-10-19 04:27 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-12-02 15:58 . 2010-12-02 15:58 12800 ----a-w- c:\program files\Mozilla Firefox\plugins\npwachk.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-21 12:05 . 2010-12-21 12:03 11745946 ----a-w- c:\windows\REGBK00.ZIP
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"SUPERAntiSpyware"="c:\users\Janči\Desktop\SUPERAntiSpyware.exe" [2009-12-16 2002160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"QuickTime Task"="c:\program files\Sonne Video Converter\codec\quicktime\QTTask.exe" [2007-10-19 286720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-30 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-30 92704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"RtHDVCpl"="RtHDVCpl.exe" [2007-02-15 4390912]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-12-8 2717024]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2517944506-1680038036-544962124-1000]
"EnableNotificationsRef"=dword:00000001
R1 SASDIFSV;SASDIFSV;c:\users\Janči\Desktop\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Janči\Desktop\SASKUTIL.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
R3 SASENUM;SASENUM;c:\users\Janči\Desktop\SASENUM.SYS [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-27 721904]
S1 aswSP;avast! Self Protection; [x]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-10-31 270888]
S1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328]
S2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 08:57]
2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-06 08:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
FF - ProfilePath - c:\users\Janči\AppData\Roaming\Mozilla\Firefox\Profiles\yxjpn1ee.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.sk/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8 ... &gfns=1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: WebTran: {003D3EDC-99B9-4a34-9C20-60CB94F7E829} - %profile%\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-27 14:43
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-12-27 14:47:59
ComboFix-quarantined-files.txt 2010-12-27 13:47
Pre-Run: 133 788 299 264 bytes free
Post-Run: 133 741 752 320 bytes free
- - End Of File - - 21E6707CE87D6AD9568D4297D5E94E12
Re: PC freezes
Has anything changed?
I would probably try testing the memory.
Try testing the RAM modules - let it run for a longer time
http://www.memtest.org/download/2.11/me ... 11.iso.zip
(you have to burn the CD first, for example in ImgBurn; unpack the downloaded zip file before that)
Do not use COMBOFIX without an adviser's recommendation; it may damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here
I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: PC freezes
Nothing has changed. I will still try to test the memory, if I manage to. Thanks for now!
Re: PC freezes
The memory modules seem to be fine after the test.
Re: PC freezes
Try testing them for at least 10-12 hours
Re: PC freezes
I think a system restore to 13.11.2010 solved it. Thanks for the advice.
Re: PC freezes
If you think so. If the BSODs keep occurring, write back.
Wouldn't you rather post another RSIT log here as well?
Re: PC freezes
Logfile of random's system information tool 1.08 (written by random/random)
Run by Janči at 2010-12-28 13:47:37
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 128 GB (65%) free of 198 GB
Total RAM: 1021 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:48:40, on 28. 12. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Huawei technologies\Mobile Connect\Mobile Connect.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Janči\Desktop\RSIT.exe
C:\Program Files\trend micro\Janči.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\Sonne Video Converter\codec\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF2AB3B-4E16-4B56-BDC2-E666DC2BF2B9}: NameServer = 213.151.200.30 213.151.208.161
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
--
End of file - 6949 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-04-02 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2010-01-27 798771]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2010-01-27 798771]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"QuickTime Task"=C:\Program Files\Sonne Video Converter\codec\quicktime\QTTask.exe [2007-10-19 286720]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2009-07-22 83336]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-01-30 13605408]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-01-30 92704]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2010-04-02 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-12-28 00:52:06 ----A---- C:\Windows\system32\taskschd.dll
2010-12-28 00:52:06 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-28 00:52:05 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-28 00:52:04 ----A---- C:\Windows\system32\taskeng.exe
2010-12-28 00:52:04 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-28 00:51:46 ----A---- C:\Windows\system32\wmp.dll
2010-12-28 00:51:42 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-28 00:51:04 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-28 00:51:04 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-28 00:51:04 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-28 00:51:04 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-28 00:51:03 ----A---- C:\Windows\system32\netevent.dll
2010-12-28 00:50:37 ----A---- C:\Windows\system32\ole32.dll
2010-12-28 00:50:33 ----A---- C:\Windows\system32\consent.exe
2010-12-28 00:50:31 ----A---- C:\Windows\system32\schannel.dll
2010-12-28 00:50:07 ----A---- C:\Windows\system32\win32k.sys
2010-12-28 00:50:05 ----A---- C:\Windows\system32\t2embed.dll
2010-12-28 00:50:02 ----A---- C:\Windows\system32\mfc40.dll
2010-12-28 00:50:01 ----A---- C:\Windows\system32\mfc40u.dll
2010-12-28 00:49:57 ----A---- C:\Windows\system32\atmlib.dll
2010-12-28 00:49:57 ----A---- C:\Windows\system32\atmfd.dll
2010-12-28 00:49:56 ----A---- C:\Windows\system32\fontsub.dll
2010-12-28 00:49:46 ----A---- C:\Windows\system32\comctl32.dll
2010-12-28 00:49:41 ----A---- C:\Windows\system32\wmpmde.dll
2010-12-28 00:49:26 ----A---- C:\Windows\system32\tzres.dll
2010-12-28 00:45:21 ----A---- C:\Windows\system32\msshsq.dll
2010-12-27 16:31:09 ----D---- C:\Users\Janči\AppData\Roaming\Uniblue
2010-12-27 16:29:40 ----D---- C:\Users\Janči\AppData\Roaming\ImgBurn
2010-12-27 16:28:31 ----D---- C:\Program Files\ImgBurn
2010-12-27 15:14:47 ----D---- C:\Program Files\WinASO
2010-12-27 14:48:06 ----D---- C:\Windows\temp
2010-12-27 14:48:02 ----A---- C:\ComboFix.txt
2010-12-27 14:32:08 ----D---- C:\ComboFix
2010-12-27 14:19:30 ----D---- C:\Windows\Minidump
2010-12-27 14:07:01 ----D---- C:\Qoobox
2010-12-25 16:26:19 ----D---- C:\Users\Janči\AppData\Roaming\Winamp(134)
2010-12-25 16:26:19 ----D---- C:\Program Files\Winamp(99)
2010-12-25 15:50:08 ----D---- C:\Program Files\Sunbelt Software
2010-12-25 15:22:16 ----D---- C:\Program Files\trend micro
2010-12-25 15:22:15 ----D---- C:\rsit
2010-12-25 13:22:35 ----D---- C:\Users\Janči\AppData\Roaming\SUPERAntiSpyware(133).com
2010-12-25 12:01:57 ----D---- C:\Program Files\VS Revo Group(98)
2010-12-24 16:40:52 ----D---- C:\Program Files\Burn4Free
2010-12-21 16:36:14 ----D---- C:\ProgramData\Kaspersky Lab
2010-12-21 13:03:05 ----AD---- C:\Windows\rundll16.exe
2010-12-21 13:03:05 ----AD---- C:\Windows\logo1_.exe
2010-12-16 13:38:50 ----AD---- C:\Windows\VDLL.DLL
2010-12-16 13:38:50 ----AD---- C:\Windows\system32\runouce.exe
2010-12-16 13:38:50 ----AD---- C:\Windows\RUNDL132.EXE
2010-12-16 13:38:50 ----AD---- C:\Windows\logo_1.exe
2010-12-16 13:24:23 ----D---- C:\Program Files\Common Files\MicroWorld
2010-12-16 13:24:18 ----D---- C:\ProgramData\MicroWorld
2010-12-15 16:13:42 ----D---- C:\Users\Janči\AppData\Roaming\ICQ
2010-12-15 16:13:33 ----D---- C:\Program Files\ICQ7.2
======List of files/folders modified in the last 1 months======
2010-12-28 13:48:34 ----D---- C:\Windows\Prefetch
2010-12-28 13:29:52 ----AD---- C:\ProgramData\TEMP
2010-12-28 10:38:46 ----D---- C:\Windows\rescache
2010-12-28 10:34:45 ----D---- C:\Windows\winsxs
2010-12-28 10:33:09 ----D---- C:\Program Files\Mozilla Firefox
2010-12-28 10:27:17 ----D---- C:\Windows\System32
2010-12-28 10:27:17 ----D---- C:\Windows\inf
2010-12-28 10:27:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-28 01:17:07 ----D---- C:\Windows\system32\catroot
2010-12-28 01:13:29 ----D---- C:\Windows\system32\sk-SK
2010-12-28 01:13:29 ----D---- C:\Windows\system32\en-US
2010-12-28 01:13:29 ----D---- C:\Windows\system32\drivers
2010-12-28 01:13:29 ----D---- C:\Program Files\Windows Media Player
2010-12-28 01:13:28 ----D---- C:\Program Files\Windows Mail
2010-12-28 01:13:27 ----D---- C:\Program Files\Internet Explorer
2010-12-28 00:58:57 ----SHD---- C:\System Volume Information
2010-12-28 00:49:05 ----D---- C:\Windows\system32\catroot2
2010-12-28 00:41:33 ----D---- C:\Program Files\MP3 Rocket
2010-12-28 00:41:17 ----SHD---- C:\Windows\Installer
2010-12-28 00:41:16 ----RD---- C:\Program Files
2010-12-28 00:14:27 ----D---- C:\Windows\system32\Msdtc
2010-12-28 00:14:25 ----D---- C:\Windows\system32\wbem
2010-12-28 00:14:25 ----D---- C:\Windows
2010-12-28 00:13:38 ----D---- C:\Windows\system32\config
2010-12-28 00:12:31 ----SD---- C:\Windows\Downloaded Program Files
2010-12-28 00:12:31 ----RSD---- C:\Windows\Media
2010-12-28 00:12:31 ----D---- C:\Program Files\Common Files\Services
2010-12-28 00:12:29 ----D---- C:\Windows\Tasks
2010-12-28 00:12:29 ----D---- C:\Windows\system32\Tasks
2010-12-28 00:12:29 ----D---- C:\Windows\system32\spool
2010-12-28 00:12:29 ----D---- C:\Windows\system32\drivers\UMDF
2010-12-28 00:12:29 ----D---- C:\Windows\system32\drivers\etc
2010-12-28 00:12:29 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-28 00:12:27 ----D---- C:\Users\Janči\AppData\Roaming\Winamp
2010-12-28 00:12:26 ----D---- C:\Users\Janči\AppData\Roaming\SUPERAntiSpyware.com
2010-12-28 00:12:24 ----HD---- C:\ProgramData
2010-12-28 00:12:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-28 00:12:24 ----D---- C:\Program Files\Winamp
2010-12-28 00:12:23 ----D---- C:\Program Files\Winamp Detect
2010-12-28 00:12:23 ----D---- C:\Program Files\VS Revo Group
2010-12-28 00:12:23 ----D---- C:\Program Files\SUPERAntiSpyware
2010-12-28 00:12:22 ----RD---- C:\Program Files\Skype
2010-12-28 00:12:22 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-28 00:12:22 ----D---- C:\Program Files\PowerISO
2010-12-28 00:12:20 ----SHD---- C:\$Recycle.Bin
2010-12-28 00:12:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-12-28 00:12:20 ----D---- C:\Program Files\Common Files\Skype
2010-12-28 00:12:20 ----D---- C:\Program Files\Common Files
2010-12-28 00:12:03 ----D---- C:\Windows\registration
2010-12-27 23:55:43 ----D---- C:\Windows\system32\LogFiles
2010-12-27 15:16:04 ----D---- C:\Windows\Debug
2010-12-23 16:47:46 ----D---- C:\ProgramData\Skype
2010-12-23 16:45:34 ----D---- C:\Users\Janči\AppData\Roaming\Skype
2010-12-23 11:19:12 ----SD---- C:\Users\Janči\AppData\Roaming\Microsoft
2010-12-23 11:08:53 ----D---- C:\Users\Janči\AppData\Roaming\skypePM
2010-12-18 12:23:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-18 11:09:58 ----RSD---- C:\Windows\assembly
2010-12-16 14:29:52 ----D---- C:\Windows\Microsoft.NET
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-27 721904]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-12-16 9968]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-12-16 74480]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-07-27 58908]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2009-07-28 69480]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-02-28 92032]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-01-30 7544832]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 44544]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2009-06-19 290816]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2009-06-17 46984]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2009-07-13 15216]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 akld34qf;akld34qf; C:\Windows\system32\drivers\akld34qf.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-12-16 7408]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\Windows\system32\DRIVERS\s1018bus.sys [2008-11-04 86696]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1018mdfl.sys [2008-11-04 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1018mdm.sys [2008-11-04 114472]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1018mgmt.sys [2008-11-04 108328]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1018nd5.sys [2008-11-04 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1018obex.sys [2008-11-04 104616]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1018unic.sys [2008-11-04 109736]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-12-16 7408]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2009-09-24 169320]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2009-06-19 42472]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2009-06-19 79872]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2009-07-24 21608]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2009-08-05 61168]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2009-09-14 49400]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-01-30 203296]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2009-10-21 148848]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-06 136176]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------
Re: PC freezes
The log is OK. If there are no problems, that's all.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here
I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.