PC disinfection, computer speed-up, remote help via the neslape.cz service

Please check my log

Do you have a virus problem? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here].

Individual threads will be locked once resolved, and likewise those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Bubenak
Visitor
Posts: 69
Registered: 27 Jul 2010 14:30

Please check my log

#1 Post by Bubenak »

Please check my log. AVG reported a trojan horse, but I no longer know exactly which file it was in; I guess something like snshas21.dll. So I googled and tried to remove the problem somehow, and it seems to have worked, but I would still be glad if you checked my log for me.
Thank you


Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-07-27 15:27:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (43%) free of 50 GB
Total RAM: 2047 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:32:49, on 27.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG9\avgtray.exe
D:\Programy\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICQ7.1\ICQ.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Plocha\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/skins7/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.arbo.bbelements.com/please/re ... 5/80358_11_?
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Programy\PowerISO\PWRISOVM.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RGSC] D:\Hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.1\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [UpdateMyDrivers] C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe -t
O4 - HKCU\..\Run: [XA5RJ9EADJ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Xmh.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="E:\Driver\PhysX\PhysX_setup.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7372 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic troubleshooting.job
C:\WINDOWS\tasks\WGASetup.job
C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-23 1619296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-20 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-20 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-04-12 1018616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-10-16 18782720]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-23 2065760]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"PWRISOVM.EXE"=D:\Programy\PowerISO\PWRISOVM.EXE [2009-03-15 180224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"RGSC"=D:\Hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
"ICQ"=C:\Program Files\ICQ7.1\ICQ.exe [2010-06-08 133368]
"UpdateMyDrivers"=C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe [2010-07-22 4376968]
"XA5RJ9EADJ"=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Xmh.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /I C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST WISE_SETUP_EXE_PATH=E:\Driver\PhysX\PhysX_setup.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
C:\WINDOWS\system32\avgrsstx.dll [2010-07-23 12536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\AVG\AVG9\avgemc.exe"="C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe"="D:\Hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Hry\Burnout Paradise Install\BurnoutLauncher.exe"="D:\Hry\Burnout Paradise Install\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Hry\Burnout Paradise Install\BurnoutConfigTool.exe"="D:\Hry\Burnout Paradise Install\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Hry\Burnout Paradise Install\BurnoutParadise.exe"="D:\Hry\Burnout Paradise Install\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"D:\Programy\uTorrent\uTorrent.exe"="D:\Programy\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"F:\Hry\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe"="F:\Hry\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Hry\GTA 4\Grand Theft Auto IV\GTAIV.exe"="F:\Hry\GTA 4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"F:\Hry\Assassin's creed 2\AssassinsCreedIIGame.exe"="F:\Hry\Assassin's creed 2\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"F:\Hry\Assassin's creed 2\AssassinsCreedII.exe"="F:\Hry\Assassin's creed 2\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"F:\Hry\Assassin's creed 2\UPlayBrowser.exe"="F:\Hry\Assassin's creed 2\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"F:\Hry\Split Second\SplitSecond.exe"="F:\Hry\Split Second\SplitSecond.exe:*:Enabled:Split/Second"
"D:\Hry\Call Of Duty 2\CoD2MP_s.exe"="D:\Hry\Call Of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"F:\Hry\Blur\Blur.exe"="F:\Hry\Blur\Blur.exe:*:Enabled:Blur"
"F:\Hry\Tom Clancys Splinter Cell Conviction\src\system\conviction_game.exe"="F:\Hry\Tom Clancys Splinter Cell Conviction\src\system\conviction_game.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction"
"F:\Hry\Tom Clancys Splinter Cell Conviction\src\system\gu.exe"="F:\Hry\Tom Clancys Splinter Cell Conviction\src\system\gu.exe:*:Enabled:Tom Clancy's Splinter Cell Conviction Update"
"F:\Programy\TrackMania Nations ESWC\TmNationsESWC.exe"="F:\Programy\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"F:\Hry\TmNationsForever\TmForever.exe"="F:\Hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"F:\Hry\TrackMania United\TmUnited.exe"="F:\Hry\TrackMania United\TmUnited.exe:*:Enabled:TmUnited"
"D:\Hry\TmUnitedForever\TmForever.exe"="D:\Hry\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
"F:\Hry\Test Drive Unlimited Install\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\TDU\TestDriveUnlimited.exe"="F:\Hry\Test Drive Unlimited Install\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\TDU\TestDriveUnlimited.exe:*:Enabled:Test Drive Unlimited"
"C:\Documents and Settings\Administrator\Plocha\GTA LIBERTY CIYT\gta iv episodes from liberty city\EFLC\EFLC.exe"="C:\Documents and Settings\Administrator\Plocha\GTA LIBERTY CIYT\gta iv episodes from liberty city\EFLC\EFLC.exe:*:Enabled:Grand Theft Auto : Episodes from Liberty City"
"F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\Prince of Persia.exe"="F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\Prince of Persia.exe:*:Enabled:Prince of Persia Zapomenuté písky"
"F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\GameSettings.exe"="F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\GameSettings.exe:*:Enabled:Prince of Persia Zapomenuté písky Settings"
"F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\gu.exe"="F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\gu.exe:*:Enabled:Prince of Persia Zapomenuté písky Update"
"F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\UPlayBrowser.exe"="F:\Hry\Prince Of Persia The Forgotten Sands\Prince of Persia Zapomenuté písky\UPlayBrowser.exe:*:Enabled:Prince of Persia Zapomenuté písky UPlay"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-07-27 15:27:06 ----D---- C:\rsit
2010-07-27 15:27:06 ----D---- C:\Program Files\trend micro
2010-07-27 15:16:23 ----D---- C:\_OTM
2010-07-25 17:01:16 ----A---- C:\WINDOWS\Xfywaa.exe
2010-07-25 17:01:10 ----A---- C:\WINDOWS\system32\sshnas21.dll
2010-07-25 16:05:16 ----D---- C:\NVIDIA
2010-07-25 15:42:26 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{7108AEAC-32CF-444E-B0C6-55E51DD8B67A}
2010-07-25 15:42:25 ----D---- C:\Program Files\SmartTweak Software
2010-07-25 15:36:45 ----SHD---- C:\Documents and Settings\All Users\Data aplikací\SecuROM
2010-07-25 15:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-25 15:28:15 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-25 15:28:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938759$
2010-07-24 17:27:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\Test Drive Unlimited
2010-07-23 11:24:21 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2010-07-04 21:06:09 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-07-02 19:50:11 ----D---- C:\WINDOWS\system32\appmgmt
2010-07-02 17:37:44 ----RHD---- C:\Documents and Settings\Administrator\Data aplikací\SecuROM
2010-07-01 19:44:13 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-07-01 19:44:13 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-07-01 19:44:12 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys

======List of files/folders modified in the last 1 months======

2010-07-27 15:27:18 ----D---- C:\WINDOWS\Prefetch
2010-07-27 15:27:06 ----RD---- C:\Program Files
2010-07-27 15:24:32 ----D---- C:\WINDOWS\system32
2010-07-27 15:24:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-27 15:23:30 ----D---- C:\WINDOWS\Temp
2010-07-27 15:18:06 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-27 15:17:59 ----D---- C:\WINDOWS
2010-07-27 15:17:24 ----SD---- C:\WINDOWS\Tasks
2010-07-27 13:32:24 ----D---- C:\WINDOWS\system32\drivers\Avg
2010-07-25 22:46:15 ----D---- C:\WINDOWS\system32\DirectX
2010-07-25 22:46:13 ----HD---- C:\WINDOWS\inf
2010-07-25 22:45:47 ----RSD---- C:\WINDOWS\assembly
2010-07-25 22:42:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2010-07-25 22:41:24 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-25 16:08:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-25 15:42:26 ----SHD---- C:\WINDOWS\Installer
2010-07-25 15:38:47 ----D---- C:\Program Files\Mozilla Firefox
2010-07-25 15:28:35 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-25 15:28:35 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-25 15:21:16 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2010-07-25 11:53:22 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-25 11:53:22 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-07-25 11:51:40 ----D---- C:\WINDOWS\WinSxS
2010-07-23 11:24:35 ----D---- C:\WINDOWS\system32\drivers
2010-07-05 11:47:58 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
2010-07-05 11:29:42 ----D---- C:\WINDOWS\SxsCaPendDel
2010-07-04 22:03:07 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-07-04 21:06:45 ----D---- C:\Program Files\Adobe
2010-07-04 21:06:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-07-04 21:06:09 ----D---- C:\Program Files\Common Files
2010-07-02 13:16:49 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-11-03 63488]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-27 691696]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2010-07-18 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2010-07-23 29584]
R1 AvgTdiX;AVG Free Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2010-07-18 243024]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-06-13 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-06-13 25888]
R3 AtcL002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l251x86.sys [2007-07-03 29696]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-10-28 5937152]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-28 7655872]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 avjidvli;avjidvli; C:\WINDOWS\system32\drivers\avjidvli.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avg9emc;AVG Free E-mail Scanner; C:\Program Files\AVG\AVG9\avgemc.exe [2010-07-23 921952]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-23 308136]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-04-12 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-20 153376]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-05-27 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-07-04 214520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-10-30 1021256]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-05-21 435016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
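The HijackThis section above is what the forum helpers read by eye. One entry stands out: `O4 - HKCU\..\Run: [XA5RJ9EADJ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Xmh.exe`, an autorun with a machine-looking value name that launches a binary from the user's Temp folder, next to leftovers such as the `avgrsstx.dll (file missing)` Winlogon notify hook. The script below is an added example, not code from the forum or from the HijackThis/RSIT tools: it parses HijackThis-style lines and applies a few triage heuristics (Temp-folder autoruns, random-looking value names, dangling "file missing"/"no file" entries, services with no vendor). The heuristics and severity labels are this example's own assumptions, and the sample log is a constructed subset of the lines posted above.

```python
import re
from dataclasses import dataclass

# Constructed sample: a handful of lines copied from the HijackThis log in the post above.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [RGSC] D:\Hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [XA5RJ9EADJ] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Xmh.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# "O4 - <hive>\..\<Run|RunOnce>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
TEMP_DIR_RE = re.compile(r"\\temp\\", re.IGNORECASE)   # a ...\Temp\... component anywhere in the command
RANDOM_NAME_RE = re.compile(r"^[A-Z0-9]{8,}$")           # all-caps letters and digits, no separators


@dataclass
class Finding:
    severity: str   # "high", "low" or "info" (labels chosen for this example)
    line: str
    reason: str


def looks_random(name: str) -> bool:
    """Heuristic assumed by this example: a value name that is a run of 8+ upper-case
    letters/digits with at least two digits (e.g. XA5RJ9EADJ) is unusual for legitimate
    software, which tends to use readable names such as AVG9_TRAY or CTFMON.EXE."""
    return bool(RANDOM_NAME_RE.match(name)) and sum(c.isdigit() for c in name) >= 2


def triage_line(line: str) -> list[Finding]:
    """Return the findings for one HijackThis line (empty list if nothing is suspicious)."""
    findings: list[Finding] = []
    m = O4_RE.match(line)
    if m:
        name, cmd = m.group("name"), m.group("cmd")
        if TEMP_DIR_RE.search(cmd):
            findings.append(Finding("high", line, "autorun launches a program from a Temp directory"))
        if looks_random(name):
            findings.append(Finding("high", line, "autorun value name looks machine-generated"))
    if "(file missing)" in line or "(no file)" in line:
        findings.append(Finding("low", line, "entry points to a file that no longer exists (leftover hook)"))
    if "Unknown owner" in line:
        findings.append(Finding("info", line, "service binary carries no vendor information"))
    return findings


def triage(log_text: str) -> list[Finding]:
    """Run triage_line over every non-empty line of a HijackThis log."""
    out: list[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if line:
            out.extend(triage_line(line))
    return out


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.severity:4}] {f.reason}\n        {f.line}")
```

Run as-is it reports two "high" findings for the XA5RJ9EADJ line, two "low" findings for the dangling URLSearchHook and the missing avgrsstx.dll, and one "info" for the PnkBstrA service; the legitimate AVG, Rockstar and CTFMON autoruns produce nothing. The heuristics are deliberately simple; a "high" finding is a prompt to look up the file, not a verdict.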

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator rights.

Right after it starts, a screen with the licence terms appears; continue by clicking Yes.

Go and make yourself a coffee (the whole operation takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through). During the scan, do not try to launch any other applications or do anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Warning: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode or disable it completely for the duration of the scan, because scanning and removing any malware causes unwanted collisions with the antispyware resident component.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(zavináč)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

After your problem is resolved the thread will be locked, and likewise if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

Bubenak
Visitor
Posts: 69
Registered: 27 Jul 2010 14:30

Re: Please check my log

#3 Post by Bubenak »

Here is the ComboFix log you requested.

ComboFix 10-07-26.04 - Administrator 27.07.2010 17:02:47.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1620 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\1029\dwintl.dll
c:\windows\system32\sshnas21.dll
c:\windows\Xfywaa.exe
F:\install.exe
c:\windows\system32\1029 . . . . nemohl být smazán

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-27 do 2010-07-27 )))))))))))))))))))))))))))))))
.

2010-07-27 13:27 . 2010-07-27 13:32 -------- d-----w- C:\rsit
2010-07-27 13:27 . 2010-07-27 13:32 -------- d-----w- c:\program files\trend micro
2010-07-27 13:16 . 2010-07-27 13:16 -------- d-----w- C:\_OTM
2010-07-25 14:05 . 2010-07-25 14:05 -------- d-----w- C:\NVIDIA
2010-07-25 13:42 . 2010-07-25 13:42 -------- d-----w- c:\program files\SmartTweak Software
2010-07-25 13:27 . 2008-11-13 14:20 602624 -c----w- c:\windows\system32\dllcache\crypt32.dll
2010-07-23 09:24 . 2010-07-23 09:24 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-04 19:06 . 2010-07-04 19:06 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-07-01 17:44 . 2008-04-14 06:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-07-01 17:44 . 2001-10-24 10:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-07-01 17:44 . 2008-04-13 22:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-07-01 17:44 . 2008-04-13 22:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-27 15:07 . 2001-10-25 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-07-27 15:07 . 2001-10-25 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-07-25 20:41 . 2010-05-20 13:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-25 13:21 . 2010-05-21 22:52 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-07-25 09:53 . 2010-05-20 13:29 -------- d-----w- c:\program files\NVIDIA Corporation
2010-07-25 09:53 . 2010-05-20 13:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-23 09:24 . 2010-05-20 13:35 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-07-18 18:44 . 2010-05-20 13:35 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-18 18:44 . 2010-05-20 13:35 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-04 20:03 . 2010-05-27 20:32 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-07-04 20:03 . 2010-05-27 20:31 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 14:06 . 2010-06-13 14:06 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-06-13 14:06 . 2010-06-13 14:06 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2010-06-11 20:10 . 2010-06-11 20:10 -------- d-----w- c:\program files\Pythagoras s.r.o
2010-06-10 14:06 . 2010-06-10 14:06 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-10 14:05 . 2010-05-20 13:47 -------- d-----w- c:\program files\ICQ7.1
2010-05-27 20:31 . 2010-05-27 20:31 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-27 10:17 . 2010-05-27 10:00 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-22 19:15 . 2010-05-22 19:15 1196 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-05-21 23:10 . 2010-05-20 12:57 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-21 23:10 . 2010-05-20 12:57 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-05-21 23:09 . 2010-05-20 12:57 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-05-21 22:55 . 2010-05-21 22:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-05-21 13:08 . 2010-05-21 13:08 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-05-20 13:44 . 2010-05-20 13:44 0 ----a-w- c:\windows\nsreg.dat
2010-05-20 13:40 . 2010-05-20 13:40 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-20 12:54 . 2010-05-20 12:54 21812 ----a-w- c:\windows\system32\emptyregdb.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="d:\hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" [2010-06-08 133368]
"UpdateMyDrivers"="c:\program files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe" [2010-07-22 4376968]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-10-16 18782720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-23 2065760]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"PWRISOVM.EXE"="d:\programy\PowerISO\PWRISOVM.EXE" [2009-03-15 180224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-23 09:24 12536 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"ICQ"="c:\program files\ICQ7.1\ICQ.exe" silent loginmode=4
"DAEMON Tools Lite"="f:\programy\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun
"RGSC"=d:\hry\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
"Steam"="f:\programy\Steam\Steam.exe" -silent

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=d:\programy\PowerISO\PWRISOVM.EXE
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Hry\\GTA 4\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Hry\\Burnout Paradise Install\\BurnoutLauncher.exe"=
"d:\\Hry\\Burnout Paradise Install\\BurnoutConfigTool.exe"=
"d:\\Hry\\Burnout Paradise Install\\BurnoutParadise.exe"=
"d:\\Programy\\uTorrent\\uTorrent.exe"=
"f:\\Hry\\GTA 4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"f:\\Hry\\GTA 4\\Grand Theft Auto IV\\GTAIV.exe"=
"f:\\Hry\\Assassin's creed 2\\AssassinsCreedIIGame.exe"=
"f:\\Hry\\Assassin's creed 2\\AssassinsCreedII.exe"=
"f:\\Hry\\Assassin's creed 2\\UPlayBrowser.exe"=
"f:\\Hry\\Split Second\\SplitSecond.exe"=
"d:\\Hry\\Call Of Duty 2\\CoD2MP_s.exe"=
"f:\\Hry\\Blur\\Blur.exe"=
"f:\\Hry\\Tom Clancys Splinter Cell Conviction\\src\\system\\conviction_game.exe"=
"f:\\Hry\\Tom Clancys Splinter Cell Conviction\\src\\system\\gu.exe"=
"f:\\Programy\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"f:\\Hry\\TmNationsForever\\TmForever.exe"=
"f:\\Hry\\TrackMania United\\TmUnited.exe"=
"d:\\Hry\\TmUnitedForever\\TmForever.exe"=
"f:\\Hry\\Test Drive Unlimited Install\\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\\TDU\\TestDriveUnlimited.exe"=
"f:\\Hry\\Prince Of Persia The Forgotten Sands\\Prince of Persia Zapomenuté písky\\Prince of Persia.exe"=
"f:\\Hry\\Prince Of Persia The Forgotten Sands\\Prince of Persia Zapomenuté písky\\GameSettings.exe"=
"f:\\Hry\\Prince Of Persia The Forgotten Sands\\Prince of Persia Zapomenuté písky\\gu.exe"=
"f:\\Hry\\Prince Of Persia The Forgotten Sands\\Prince of Persia Zapomenuté písky\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [20.5.2010 15:35 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [20.5.2010 15:35 243024]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [23.7.2010 11:23 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [23.7.2010 11:24 308136]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [10.6.2010 16:06 246520]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20.5.2010 15:25 1684736]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.5.2010 12:00 691696]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-07-27 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2009-10-30 13:12]

2010-07-27 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-05-22 20:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/skins7/
uInternet Connection Wizard,ShellNext = hxxp://go.arbo.bbelements.com/please/redirect/8741/4/2/6/!uwi=1280;uhe=720;uce=1;param=111905/80358_11_?
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\qmvmtwma.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=skins7&tb_ver=2.0.0.2&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-27 17:06
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-789336058-839522115-725345543-500\Software\SecuROM\License information*]
"datasecu"=hex:36,0f,48,85,36,81,4c,ed,b7,19,1c,9b,89,ab,f7,33,65,2b,10,1c,b6,
5c,9d,fd,01,fb,23,3c,da,d4,2b,a3,8c,a0,30,b8,c5,f6,10,0d,2e,f1,7c,e8,aa,59,\
"rkeysecu"=hex:3d,00,1c,cb,29,84,03,05,ef,09,23,cd,58,ce,19,66
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(3776)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\RTHDCPL.EXE
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\AVG\AVG9\avgupd.exe
.
**************************************************************************
.
Celkový čas: 2010-07-27 17:08:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-27 15:08

Před spuštěním: Volných bajtů: 22 647 119 872
Po spuštění: Volných bajtů: 22 607 921 152

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=17IB6Z noguiboot
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=17IB6Z-BAK

- - End Of File - - 371800F15CC7FC123471D5CE6A90C032

Rudy
Site Admin
Posts: 119418
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

4 items were deleted, the rest of the log looks clean.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Beyond its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
