
winfile.jpg - for motji
Re: winfile.jpg - for motji
so I'm here... here is the link to that virustotal
http://www.virustotal.com/analisis/12b2 ... 1239980789
Re: winfile.jpg - for motji
and here is the log from Combofix:
ComboFix 10-02-09.04 - Administrator . 02. 2010 16:50:20.4.1 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1279.975 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Preberanie\ComboFix.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-10 do 2010-02-10 )))))))))))))))))))))))))))))))
.
2010-02-10 08:07 . 2010-02-10 08:07 -------- d-----w- C:\ba039d253938ac142b24d4
2010-02-09 21:42 . 2010-02-09 21:42 -------- d-----w- c:\program files\trend micro
2010-02-09 21:42 . 2010-02-09 21:42 -------- d-----w- C:\rsit
2010-02-09 20:28 . 2010-02-09 21:32 -------- d-----w- C:\UsbFix
2010-02-09 12:34 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\75352052.sys
2010-02-09 12:34 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7535205.sys
2010-02-09 12:34 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\75352051.sys
2010-02-09 07:31 . 2010-02-09 07:31 -------- d-----w- c:\windows\ServicePackFiles
2010-02-09 07:22 . 2010-02-09 07:22 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 20:09 . 2010-02-09 18:24 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 17:15 . 2010-02-07 17:15 -------- d-----w- C:\e8017108cc3deb276a
2010-02-07 16:58 . 2010-02-07 17:03 -------- d-----w- C:\ee4a4a261e5ca29600642f5e256fed
2010-02-07 16:56 . 2010-02-07 17:18 -------- d-----w- c:\windows\SxsCaPendDel
2010-02-07 12:09 . 2010-02-07 12:09 -------- d-----w- C:\2eeb0e0543f0ba0a457a0d82e41232
2010-02-07 12:08 . 2010-02-07 12:08 -------- d-----w- C:\4234931c44bcdeb9d34c9a
2010-02-07 11:56 . 2010-02-07 11:56 -------- d-----w- C:\fb1195dc7ebe0691e6a19485
2010-02-07 11:23 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-07 11:23 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-07 11:23 . 2010-02-07 11:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-06 15:39 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-06 15:39 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-06 12:31 . 2010-02-06 12:31 -------- d-----w- c:\program files\CCleaner
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-09 07:27 . 2009-09-24 13:04 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-02-09 06:40 . 2001-10-25 16:00 96358 ----a-w- c:\windows\system32\perfc005.dat
2010-02-09 06:40 . 2001-10-25 16:00 478362 ----a-w- c:\windows\system32\perfh005.dat
2010-01-24 18:18 . 2002-01-01 05:36 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-14 15:52 . 2009-01-03 10:52 -------- d-----w- c:\program files\Seznam DVD
2010-01-14 15:36 . 2009-01-03 10:50 -------- d-----w- c:\program files\ViViDVD Player 2.0
2010-01-11 13:24 . 2009-10-10 10:10 -------- d-----w- c:\program files\DivX
2010-01-07 13:10 . 2010-01-07 13:10 0 ----a-w- c:\windows\nsreg.dat
2010-01-05 14:29 . 2010-01-05 14:29 -------- d-----w- c:\program files\ShowMyPCService
2009-12-31 16:14 . 2004-08-03 23:14 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-28 20:45 . 2009-01-03 16:35 -------- d-----w- c:\program files\ICQ6.5
2009-12-26 17:28 . 2009-12-26 17:26 -------- d-----w- c:\program files\OpenSong
2009-12-17 08:00 . 2009-01-03 10:12 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:37 . 2004-08-17 15:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:28 . 2004-08-17 15:45 2059904 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:28 . 2004-08-17 15:45 2182528 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-04 14:41 . 2004-08-03 23:15 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:35 . 2004-08-17 15:49 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:35 . 2004-08-17 15:49 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:40 . 2004-08-17 15:49 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:40 . 2004-08-17 15:49 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:40 . 2004-08-17 15:49 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:40 . 2001-10-25 16:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:40 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-21 16:46 . 2004-08-17 15:49 470528 ----a-w- c:\windows\AppPatch\aclayers.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NeroHomeFirstStart"="c:\program files\Common Files\Nero\Lib\NMFirstStart.exe" [2007-10-23 19240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Lexmark 2200 Series"="c:\program files\Lexmark 2200 Series\lxbvbmgr.exe" [2004-02-13 57344]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^Timo^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
path=c:\documents and settings\Timo\Nabídka Start\Programy\Po spuštění\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-17 15:49 110592 ----a-w- c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON]
2004-08-17 15:49 114688 ----a-w- c:\windows\system32\wscript.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2008-06-10 11:56 1406024 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 2200 Series]
2004-02-13 06:08 57344 ------w- c:\program files\Lexmark 2200 Series\lxbvbmgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
2009-01-03 11:13 26624 ----a-w- c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
2007-09-02 12:58 495616 ----a-w- c:\program files\RocketDock\RocketDock.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RDSessMgr"=0 (0x0)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"NMIndexingService"=3 (0x3)
"Nero BackItUp Scheduler 3"=2 (0x2)
"LexBceS"=3 (0x3)
"iPod Service"=3 (0x3)
"gupdate1c998e5aaa3f7f1"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
R0 75352052;75352052 Boot Guard Driver;c:\windows\system32\drivers\75352052.sys [9. 2. 2010 13:34 37392]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25. 5. 2009 17:46 717296]
S1 75352051;75352051;c:\windows\system32\drivers\75352051.sys [9. 2. 2010 13:34 128016]
S1 setup_9.0.0.722_09.02.2010_11-25drv;setup_9.0.0.722_09.02.2010_11-25drv;c:\windows\system32\drivers\7535205.sys [9. 2. 2010 13:34 315408]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [4. 1. 2009 16:46 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [4. 1. 2009 16:46 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [4. 1. 2009 16:46 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [4. 1. 2009 16:46 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [4. 1. 2009 16:46 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [4. 1. 2009 16:46 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [4. 1. 2009 16:46 110120]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
2010-01-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
mStart Page = hxxp://home.sweetim.com
uInternet Connection Wizard,ShellNext = hxxp://home.sweetim.com/
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
DPF: {D7208880-9B7A-43E1-AABB-8C888A5704F9} - hxxp://87.197.6.203/NetCamPlayerWeb11gv2.cab
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\q5vro8y8.default\
FF - prefs.js: network.proxy.type - 2
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-10 16:59
Windows 5.1.2600 Service Pack 2 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(576)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2010-02-10 17:01:46
ComboFix-quarantined-files.txt 2010-02-10 16:01
Před spuštěním: Volných bajtů: 45 535 252 480
Po spuštění: Volných bajtů: 45 578 362 880
- - End Of File - - A7F46AFEAFAC10B7D85BDC0DF960D0B1
Re: winfile.jpg - for motji
Fine, how is the computer doing?
Uninstall ComboFix via
Start >> Run, copy into the box:
ComboFix /Uninstall
press Enter
-This uninstalls ComboFix and deletes its associated files and folders.
Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
-Run it; to confirm each choice, press the A key, then Enter
-after use, delete the program. Note that antivirus products may falsely flag it as a virus
Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
Download CCleaner from my signature
-install it; when choosing what to install, untick the Yahoo toolbar installation
Cleaner tab
-leave everything in the left column ticked as it is, click Analyze
-after the analysis, click Run CCleaner
Registry tab
-click Scan for problems
-then click Fix selected problems
making a registry backup - you don't have to
-click Fix all problems
ok
close
CCleaner - I recommend using the cleaner; it nicely cleans the PC of temporary files.
It cleans up the registry, for example after uninstalling a program.
Post a new log from RSIT and tell me how the computer is behaving; is everything in order now?

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
Re: winfile.jpg - for motji
I can't uninstall combofix that way
Re: winfile.jpg - for motji
Never mind, use T-cleaner
Re: winfile.jpg - for motji
okay, I did everything and here is the last log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Timo at 2010-02-10 21:39:33
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 44 GB (57%) free of 76 GB
Total RAM: 1279 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:39:41, on 10. 2. 2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Timo\Plocha\RSIT.exe
C:\Program Files\trend micro\Timo.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: setup_9.0.0.722_09.02.2010_11-25.lnk = C:\Documents and Settings\Timo\Plocha\Virus Removal Tool\setup_9.0.0.722_09.02.2010_11-25\startup.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {E59EB121-F339-4851-A3BA-FE49C35617C2} - ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D7208880-9B7A-43E1-AABB-8C888A5704F9} (NetCamPlayerWeb11gv2 Control) - http://87.197.6.203/NetCamPlayerWeb11gv2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 6259 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-03 503808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2009-01-03 503808]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Lexmark 2200 Series"=C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe [2004-02-13 57344]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON]
C:\WINDOWS\system32\wscript.exe [2004-08-17 114688]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2008-06-10 1406024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 2200 Series]
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe [2004-02-13 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2009-01-03 26624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock]
C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Timo^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
C:\PROGRA~1\Stardock\OBJECT~1\OBJECT~1.EXE [2007-04-25 3444008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RDSessMgr"=0
"ose"=3
"odserv"=3
"NMIndexingService"=3
"Nero BackItUp Scheduler 3"=2
"LexBceS"=3
"iPod Service"=3
"gupdate1c998e5aaa3f7f1"=2
"Bonjour Service"=2
"Apple Mobile Device"=2
C:\Documents and Settings\Timo\Nabídka Start\Programy\Po spuštění
setup_9.0.0.722_09.02.2010_11-25.lnk - C:\Documents and Settings\Timo\Plocha\Virus Removal Tool\setup_9.0.0.722_09.02.2010_11-25\startup.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.scr - open -
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-02-10 21:39:34 ----D---- C:\Program Files\trend micro
2010-02-10 21:39:33 ----D---- C:\rsit
2010-02-10 17:21:02 ----SHD---- C:\RECYCLER
2010-02-10 17:01:48 ----D---- C:\WINDOWS\temp
2010-02-10 16:31:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-10 15:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-10 09:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 09:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:13:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 09:12:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 09:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 09:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-10 09:07:18 ----D---- C:\ba039d253938ac142b24d4
2010-02-10 09:07:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-10 09:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-10 09:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-10 08:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-10 08:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-10 08:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-10 08:36:37 ----A---- C:\WINDOWS\imsins.BAK
2010-02-10 08:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-10 08:31:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-09 21:59:52 ----A---- C:\UsbFix.txt
2010-02-09 21:28:56 ----D---- C:\UsbFix
2010-02-09 08:33:03 ----D---- C:\Config.Msi
2010-02-09 08:32:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-09 08:31:55 ----D---- C:\WINDOWS\ServicePackFiles
2010-02-09 08:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-02-09 08:25:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-09 08:24:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-02-09 08:22:33 ----D---- C:\Program Files\MSXML 4.0
2010-02-08 20:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-08 20:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-07 18:15:24 ----D---- C:\e8017108cc3deb276a
2010-02-07 17:58:27 ----D---- C:\ee4a4a261e5ca29600642f5e256fed
2010-02-07 17:56:33 ----D---- C:\WINDOWS\SxsCaPendDel
2010-02-07 13:09:00 ----D---- C:\2eeb0e0543f0ba0a457a0d82e41232
2010-02-07 13:08:30 ----D---- C:\4234931c44bcdeb9d34c9a
2010-02-07 12:56:17 ----D---- C:\fb1195dc7ebe0691e6a19485
2010-02-07 12:24:59 ----D---- C:\Documents and Settings\Timo\Data aplikací\Malwarebytes
2010-02-07 12:23:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-02-07 12:23:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-07 12:14:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-07 11:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-07 11:52:20 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-07 11:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-06 16:39:54 ----A---- C:\WINDOWS\system32\muweb.dll
2010-02-06 16:39:54 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-02-06 16:39:54 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-02-06 14:34:29 ----A---- C:\Boot.bak
2010-02-06 14:34:20 ----RASHD---- C:\cmdcons
2010-02-06 13:31:36 ----D---- C:\Program Files\CCleaner
======List of files/folders modified in the last 1 months======
2010-02-10 21:39:34 ----RD---- C:\Program Files
2010-02-10 21:38:02 ----D---- C:\Program Files\Mozilla Firefox
2010-02-10 21:34:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-10 21:28:49 ----D---- C:\WINDOWS\Minidump
2010-02-10 21:28:22 ----D---- C:\WINDOWS\system32\Restore
2010-02-10 21:28:20 ----D---- C:\WINDOWS
2010-02-10 21:20:52 ----SHD---- C:\System Volume Information
2010-02-10 19:02:40 ----D---- C:\WINDOWS\system32
2010-02-10 17:21:03 ----D---- C:\WINDOWS\Prefetch
2010-02-10 16:59:39 ----A---- C:\WINDOWS\system.ini
2010-02-10 16:57:27 ----D---- C:\WINDOWS\system32\drivers
2010-02-10 16:55:05 ----D---- C:\WINDOWS\AppPatch
2010-02-10 16:55:05 ----D---- C:\Program Files\Common Files
2010-02-10 15:52:12 ----D---- C:\Documents and Settings\Timo\Data aplikací\MxBoost
2010-02-10 15:16:20 ----HD---- C:\WINDOWS\inf
2010-02-10 15:16:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-10 15:16:09 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-10 15:15:59 ----SHD---- C:\WINDOWS\Installer
2010-02-10 15:15:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 09:07:08 ----D---- C:\Program Files\Outlook Express
2010-02-10 09:06:50 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-10 08:57:17 ----RSD---- C:\WINDOWS\assembly
2010-02-10 08:55:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-09 22:02:19 ----A---- C:\WINDOWS\WINCMD.INI
2010-02-09 13:31:53 ----D---- C:\WINDOWS\Debug
2010-02-09 12:35:27 ----D---- C:\WINDOWS\system32\config
2010-02-09 12:14:34 ----D---- C:\WINDOWS\system32\Setup
2010-02-09 08:27:52 ----D---- C:\Program Files\Common Files\Merge Modules
2010-02-09 08:22:33 ----D---- C:\WINDOWS\WinSxS
2010-02-09 07:39:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-07 18:09:36 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-07 18:09:18 ----D---- C:\WINDOWS\system32\en-us
2010-02-07 18:08:49 ----RSD---- C:\WINDOWS\Fonts
2010-02-07 17:41:21 ----D---- C:\Program Files\Internet Explorer
2010-02-06 18:49:31 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-06 18:48:06 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-06 16:39:46 ----D---- C:\WINDOWS\Help
2010-02-06 14:34:29 ----RASH---- C:\boot.ini
2010-02-06 13:49:25 ----D---- C:\Documents and Settings\Timo\Data aplikací\Mozilla
2010-02-03 18:58:10 ----D---- C:\Documents and Settings\Timo\Data aplikací\Skype
2010-02-03 18:43:10 ----D---- C:\Documents and Settings\Timo\Data aplikací\skypePM
2010-01-24 19:18:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-01-24 19:18:11 ----D---- C:\Program Files\Common Files\Adobe
2010-01-24 15:47:40 ----D---- C:\Documents and Settings
2010-01-22 14:09:37 ----D---- C:\WINDOWS\system32\NtmsData
2010-01-20 22:26:38 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-14 16:53:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hagel Technologies
2010-01-14 16:52:17 ----D---- C:\Program Files\Seznam DVD
2010-01-14 16:36:00 ----D---- C:\Program Files\ViViDVD Player 2.0
2010-01-11 15:20:06 ----SD---- C:\WINDOWS\Tasks
2010-01-11 14:24:11 ----D---- C:\Program Files\DivX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-01-03 10368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-12-04 27784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 75352051;75352051; C:\WINDOWS\system32\DRIVERS\75352051.sys [2009-09-25 128016]
S1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 setup_9.0.0.722_09.02.2010_11-25drv;setup_9.0.0.722_09.02.2010_11-25drv; C:\WINDOWS\system32\DRIVERS\7535205.sys [2009-10-09 315408]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-04-14 25280]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-17 25600]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2008-06-09 18504]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-12-23 40704]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-12-23 316672]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\WINDOWS\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;USB WEBCAM; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-03-03 90534]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-05-25 717296]
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-17 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []
S4 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-01-14 311296]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoInstrumentation"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.scr - open -
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2010-02-10 21:39:34 ----D---- C:\Program Files\trend micro
2010-02-10 21:39:33 ----D---- C:\rsit
2010-02-10 17:21:02 ----SHD---- C:\RECYCLER
2010-02-10 17:01:48 ----D---- C:\WINDOWS\temp
2010-02-10 16:31:55 ----A---- C:\WINDOWS\ntbtlog.txt
2010-02-10 15:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-10 09:13:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 09:13:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:13:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:12:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:12:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 09:12:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 09:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 09:11:20 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-10 09:07:18 ----D---- C:\ba039d253938ac142b24d4
2010-02-10 09:07:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-10 09:06:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-10 09:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-10 08:57:50 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-10 08:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-10 08:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-10 08:36:37 ----A---- C:\WINDOWS\imsins.BAK
2010-02-10 08:36:04 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-10 08:31:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-09 21:59:52 ----A---- C:\UsbFix.txt
2010-02-09 21:28:56 ----D---- C:\UsbFix
2010-02-09 08:33:03 ----D---- C:\Config.Msi
2010-02-09 08:32:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-09 08:31:55 ----D---- C:\WINDOWS\ServicePackFiles
2010-02-09 08:31:51 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-02-09 08:25:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-09 08:24:37 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-02-09 08:22:33 ----D---- C:\Program Files\MSXML 4.0
2010-02-08 20:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-08 20:43:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-07 18:15:24 ----D---- C:\e8017108cc3deb276a
2010-02-07 17:58:27 ----D---- C:\ee4a4a261e5ca29600642f5e256fed
2010-02-07 17:56:33 ----D---- C:\WINDOWS\SxsCaPendDel
2010-02-07 13:09:00 ----D---- C:\2eeb0e0543f0ba0a457a0d82e41232
2010-02-07 13:08:30 ----D---- C:\4234931c44bcdeb9d34c9a
2010-02-07 12:56:17 ----D---- C:\fb1195dc7ebe0691e6a19485
2010-02-07 12:24:59 ----D---- C:\Documents and Settings\Timo\Data aplikací\Malwarebytes
2010-02-07 12:23:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-02-07 12:23:02 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-07 12:14:06 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-07 11:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-07 11:52:20 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-07 11:48:22 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-06 16:39:54 ----A---- C:\WINDOWS\system32\muweb.dll
2010-02-06 16:39:54 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-02-06 16:39:54 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-02-06 14:34:29 ----A---- C:\Boot.bak
2010-02-06 14:34:20 ----RASHD---- C:\cmdcons
2010-02-06 13:31:36 ----D---- C:\Program Files\CCleaner
======List of files/folders modified in the last 1 months======
2010-02-10 21:39:34 ----RD---- C:\Program Files
2010-02-10 21:38:02 ----D---- C:\Program Files\Mozilla Firefox
2010-02-10 21:34:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-10 21:28:49 ----D---- C:\WINDOWS\Minidump
2010-02-10 21:28:22 ----D---- C:\WINDOWS\system32\Restore
2010-02-10 21:28:20 ----D---- C:\WINDOWS
2010-02-10 21:20:52 ----SHD---- C:\System Volume Information
2010-02-10 19:02:40 ----D---- C:\WINDOWS\system32
2010-02-10 17:21:03 ----D---- C:\WINDOWS\Prefetch
2010-02-10 16:59:39 ----A---- C:\WINDOWS\system.ini
2010-02-10 16:57:27 ----D---- C:\WINDOWS\system32\drivers
2010-02-10 16:55:05 ----D---- C:\WINDOWS\AppPatch
2010-02-10 16:55:05 ----D---- C:\Program Files\Common Files
2010-02-10 15:52:12 ----D---- C:\Documents and Settings\Timo\Data aplikací\MxBoost
2010-02-10 15:16:20 ----HD---- C:\WINDOWS\inf
2010-02-10 15:16:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-10 15:16:09 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-10 15:15:59 ----SHD---- C:\WINDOWS\Installer
2010-02-10 15:15:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 09:07:08 ----D---- C:\Program Files\Outlook Express
2010-02-10 09:06:50 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-10 08:57:17 ----RSD---- C:\WINDOWS\assembly
2010-02-10 08:55:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-09 22:02:19 ----A---- C:\WINDOWS\WINCMD.INI
2010-02-09 13:31:53 ----D---- C:\WINDOWS\Debug
2010-02-09 12:35:27 ----D---- C:\WINDOWS\system32\config
2010-02-09 12:14:34 ----D---- C:\WINDOWS\system32\Setup
2010-02-09 08:27:52 ----D---- C:\Program Files\Common Files\Merge Modules
2010-02-09 08:22:33 ----D---- C:\WINDOWS\WinSxS
2010-02-09 07:39:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-07 18:09:36 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-07 18:09:18 ----D---- C:\WINDOWS\system32\en-us
2010-02-07 18:08:49 ----RSD---- C:\WINDOWS\Fonts
2010-02-07 17:41:21 ----D---- C:\Program Files\Internet Explorer
2010-02-06 18:49:31 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-06 18:48:06 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-02-06 16:39:46 ----D---- C:\WINDOWS\Help
2010-02-06 14:34:29 ----RASH---- C:\boot.ini
2010-02-06 13:49:25 ----D---- C:\Documents and Settings\Timo\Data aplikací\Mozilla
2010-02-03 18:58:10 ----D---- C:\Documents and Settings\Timo\Data aplikací\Skype
2010-02-03 18:43:10 ----D---- C:\Documents and Settings\Timo\Data aplikací\skypePM
2010-01-24 19:18:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-01-24 19:18:11 ----D---- C:\Program Files\Common Files\Adobe
2010-01-24 15:47:40 ----D---- C:\Documents and Settings
2010-01-22 14:09:37 ----D---- C:\WINDOWS\system32\NtmsData
2010-01-20 22:26:38 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-14 16:53:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hagel Technologies
2010-01-14 16:52:17 ----D---- C:\Program Files\Seznam DVD
2010-01-14 16:36:00 ----D---- C:\Program Files\ViViDVD Player 2.0
2010-01-11 15:20:06 ----SD---- C:\WINDOWS\Tasks
2010-01-11 14:24:11 ----D---- C:\Program Files\DivX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2002-11-27 80896]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-01-03 10368]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2008-12-04 27784]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S1 75352051;75352051; C:\WINDOWS\system32\DRIVERS\75352051.sys [2009-09-25 128016]
S1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-17 41216]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S1 setup_9.0.0.722_09.02.2010_11-25drv;setup_9.0.0.722_09.02.2010_11-25drv; C:\WINDOWS\system32\DRIVERS\7535205.sys [2009-10-09 315408]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-04-14 25280]
S3 HidBth;Miniport Bluetooth HID Microsoft; C:\WINDOWS\system32\DRIVERS\hidbth.sys [2004-08-17 25600]
S3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2008-06-09 18504]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
S3 nvax;Service for NVIDIA(R) nForce(TM) Audio Enumerator; C:\WINDOWS\system32\drivers\nvax.sys [2003-12-23 40704]
S3 nvnforce;Service for NVIDIA(R) nForce(TM) Audio; C:\WINDOWS\system32\drivers\nvapu.sys [2003-12-23 316672]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM); C:\WINDOWS\system32\DRIVERS\s3017bus.sys [2007-12-10 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS); C:\WINDOWS\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s3017obex.sys [2007-12-10 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM); C:\WINDOWS\system32\DRIVERS\s3017unic.sys [2007-12-10 110120]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZSMC301b;USB WEBCAM; C:\WINDOWS\System32\Drivers\usbVM31b.sys [2004-03-03 90534]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-05-25 717296]
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2004-08-17 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []
S4 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-01-14 311296]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
-----------------EOF-----------------
Re: winfile.jpg - for motji

Code:
REGEDIT4
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
Click Save, then double-click the file as usual and confirm the dialog box.

C:\UsbFix.txt
C:\UsbFix

Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I am most likely to be reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: winfile.jpg - for motji
well, I've got it done... I hope it will be fine now... there shouldn't be any virus on the USB anymore? Is that everything?
Re: winfile.jpg - for motji
There shouldn't be any there.
I don't see an antivirus or a firewall; install them.
If there are any problems, get in touch.
Re: winfile.jpg - for motji
great... yes, I'll install WIN7 and put an antivirus etc. on it...
thank you very much, and if there's a problem I'll get in touch... thanks a lot

Re: winfile.jpg - for motji
You're welcome
