Dobry den prosim o kontrolou logu, pocitac je celkove zpomaleny asi o polovinu a priblizne po peti minutach zamrzne, lze hybat jen mysi.
Jeste bych zapomnel, poustel jsem na to antivirak Avast a ten mi vyjel nejaky viry v c:/user/asus/appdata/local
Logfile of random's system information tool 1.08 (written by random/random)
Run by Asus at 2010-12-06 18:34:54
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 142 GB (60%) free of 238 GB
Total RAM: 3582 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:08, on 6.12.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\FaceSmooch Toolbar\update_checker.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe
C:\Users\Asus\wuaucldt.exe
C:\Program Files\ICQ7.2\ICQ.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Users\Public\nvsvc32.exe
C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe
C:\Users\Asus\AppData\Local\Temp\BN11EB.tmp
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\Asus\Downloads\RSIT (2).exe
C:\Program Files\trend micro\Asus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/facesmooch/{D ... B4E7FA7BD7}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\FaceSmooch Toolbar\tbhelper.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: FaceSmooch Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [DisableS3S4] c:\DisableS3S4.cmd
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [SDP] C:\Program Files\FaceSmooch Toolbar\update_checker.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Asus\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Users\Public\nvsvc32.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [hunoucuj] C:\Users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe
O4 - HKCU\..\Run: [wuaucldt] c:\users\asus\wuaucldt.exe
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKCU\..\Run: [MSConfig] C:\Users\Asus\exbeim.exe \u
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: 0f6vf91.exe
O4 - Startup: 1aq0k0f.exe
O4 - Startup: 1llggaq.exe
O4 - Startup: 1qf9a0v.exe
O4 - Startup: 1va7ava.exe
O4 - Startup: 2av5q1f.exe
O4 - Startup: 2ffappk.exe
O4 - Startup: 2ql5vaq.exe
O4 - Startup: 2vvqffa.exe
O4 - Startup: 38kfvka.exe
O4 - Startup: 3f2a9qa.exe
O4 - Startup: 4kqa5k1.exe
O4 - Startup: 5a1pkaa.exe
O4 - Startup: 5afaffv.exe
O4 - Startup: 5p6kfaa.exe
O4 - Startup: 6kkfv5q.exe
O4 - Startup: 6llfv5q.exe
O4 - Startup: 6qqk2av.exe
O4 - Startup: 6qqla0q.exe
O4 - Startup: 6te0ttj.exe
O4 - Startup: 7q6l71f.exe
O4 - Startup: 7vpkk7f.exe
O4 - Startup: 8av1pkk.exe
O4 - Startup: 8kfvkaa.exe
O4 - Startup: 9aavp9k.exe
O4 - Startup: 9qavqqv.exe
O4 - Startup: a0qvgavvll.exe
O4 - Startup: a2qlaa1llf.exe
O4 - Startup: a7vpkk7fa.exe
O4 - Startup: a7vq1qkkf.exe
O4 - Startup: aa2avkk1.exe
O4 - Startup: aa2avkk1kf.exe
O4 - Startup: aa3fvvla0qq.exe
O4 - Startup: aa6qka6vvf.exe
O4 - Startup: aa6v81fq.exe
O4 - Startup: aa7vqkkq.exe
O4 - Startup: aafkfvkvv.exe
O4 - Startup: aavkkfvka.exe
O4 - Startup: aavvq7lg.exe
O4 - Startup: afk7vvqkkfv.exe
O4 - Startup: akfaa7vpk.exe
O4 - Startup: akvkkfvv.exe
O4 - Startup: ap9k0faakf.exe
O4 - Startup: aqq1qkkfv.exe
O4 - Startup: aqqkaav1qk.exe
O4 - Startup: avk4fvvq.exe
O4 - Startup: avkaa1k0ff.exe
O4 - Startup: avkk1vvppka.exe
O4 - Startup: avkk1vvq0qa.exe
O4 - Startup: avl98gav9q0.exe
O4 - Startup: avp9k0avvp5.exe
O4 - Startup: avqqvkq2v5.exe
O4 - Startup: avv1ffaa.exe
O4 - Startup: avv5akaaq.exe
O4 - Startup: avvqffaav.exe
O4 - Startup: bb1llggbqql.exe
O4 - Startup: bvvq2gbqq1b.exe
O4 - Startup: cc7xs7ni1ic.exe
O4 - Startup: ccxncss1c.exe
O4 - Startup: f2a5v6qk.exe
O4 - Startup: f2avkk1v.exe
O4 - Startup: f5a2qkaa1.exe
O4 - Startup: f6ppk2ppf.exe
O4 - Startup: f6qqlaavll.exe
O4 - Startup: f9a0vq0k.exe
O4 - Startup: faa7kkff.exe
O4 - Startup: faav1pkkf.exe
O4 - Startup: fakff6vf.exe
O4 - Startup: faq0k0faa.exe
O4 - Startup: faq6kkfkvq.exe
O4 - Startup: faqqkkfvvq.exe
O4 - Startup: fav5pffa.exe
O4 - Startup: fav5q1fa.exe
O4 - Startup: ff1akqfa.exe
O4 - Startup: ff6qqla5.exe
O4 - Startup: ffaavkkfvf.exe
O4 - Startup: ffavkaa1k.exe
O4 - Startup: ffavvp5fa.exe
O4 - Startup: ffavvqkkfv.exe
O4 - Startup: ffkv1aaavq.exe
O4 - Startup: fv5pffkkfav.exe
O4 - Startup: fv5q1faqqkk.exe
O4 - Startup: fvv1ffaav.exe
O4 - Startup: fvvqqkaav1.exe
O4 - Startup: g6avqq7lg.exe
O4 - Startup: ggbvv6ql.exe
O4 - Startup: gqqllq7a1g.exe
O4 - Startup: jjejjoyjj2e.exe
O4 - Startup: k0faav1f.exe
O4 - Startup: k0faav6app.exe
O4 - Startup: k0ffap9k0.exe
O4 - Startup: k3kkfv98qkf.exe
O4 - Startup: k7fav98qk.exe
O4 - Startup: ka038kfkaaf.exe
O4 - Startup: kaa1k0ffap9.exe
O4 - Startup: kaavpp1p.exe
O4 - Startup: kf5a1pkkf2a.exe
O4 - Startup: kf5a2qkaa1k.exe
O4 - Startup: kf5a2qkaq.exe
O4 - Startup: kf5a2qkk2qq.exe
O4 - Startup: kf9a0vq0k0f.exe
O4 - Startup: kf9aavp9k0.exe
O4 - Startup: kfaa7k1vvp.exe
O4 - Startup: kffakqka2.exe
O4 - Startup: kffapvppkaa.exe
O4 - Startup: kffaq0k0faa.exe
O4 - Startup: kfvv1ffaavk.exe
O4 - Startup: kfvvpk0k.exe
O4 - Startup: kk0ffap9k0.exe
O4 - Startup: kk1vvppkaav.exe
O4 - Startup: kkfv0k1faq.exe
O4 - Startup: kkfv5q1faq.exe
O4 - Startup: kkfv98qk.exe
O4 - Startup: kkfvkaa1k.exe
O4 - Startup: kkfvvpf9a.exe
O4 - Startup: l98gav9q0lg.exe
O4 - Startup: lg0a0vqql1g.exe
O4 - Startup: lglvqqllaga.exe
O4 - Startup: ll2gbqq1bbv.exe
O4 - Startup: llaqlggqav.exe
O4 - Startup: lv4q0gvgg.exe
O4 - Startup: nn1hcss1cc.exe
O4 - Startup: p6aavkkfvv.exe
O4 - Startup: p6aavkvpp6.exe
O4 - Startup: p9k0faav.exe
O4 - Startup: paa1k0ffa.exe
O4 - Startup: ppk2avkk1.exe
O4 - Startup: ppkf9a0vq.exe
O4 - Startup: q6kkfv5q.exe
O4 - Startup: qf9a0vq0va7.exe
O4 - Startup: qg0332g9.exe
O4 - Startup: qgga40qav.exe
O4 - Startup: qk4fvvqf.exe
O4 - Startup: qk4fvvqffa.exe
O4 - Startup: qkf9a0vq0k0.exe
O4 - Startup: qllgv9q0lg.exe
O4 - Startup: qlq76gaq.exe
O4 - Startup: qlqq6gaq6ll.exe
O4 - Startup: qqkf9a0vq.exe
O4 - Startup: sh9c0xssn1i.exe
O4 - Startup: tdy0dojd.exe
O4 - Startup: teoyy1ytyty.exe
O4 - Startup: teyeoj6y.exe
O4 - Startup: uuppu7ffzp.exe
O4 - Startup: v1qkkfv3f.exe
O4 - Startup: v1qkkfv3f2.exe
O4 - Startup: v5pffapp.exe
O4 - Startup: va76qkakfa.exe
O4 - Startup: vavagq4lv.exe
O4 - Startup: vk0ffap9k0.exe
O4 - Startup: vk5kaav5pff.exe
O4 - Startup: vkkf2avkk1v.exe
O4 - Startup: vkkfv98qkf9.exe
O4 - Startup: vkkfvv1ffaa.exe
O4 - Startup: vp9k0faav1p.exe
O4 - Startup: vpf9a0vq.exe
O4 - Startup: vpkk7favvp5.exe
O4 - Startup: vq0k0fffa.exe
O4 - Startup: vqffaavkkf.exe
O4 - Startup: vqk1vavv.exe
O4 - Startup: vqkkffa7vq1.exe
O4 - Startup: vqvq1gqq.exe
O4 - Startup: vv1pkaa1k0.exe
O4 - Startup: vv98qkf9a0.exe
O4 - Startup: vvp5faavpp6.exe
O4 - Startup: vvpfqkk1.exe
O4 - Startup: vvpkk7fav.exe
O4 - Startup: vvq1qkkf.exe
O4 - Startup: vvqffaavqff.exe
O4 - Startup: vvqvqvg4q.exe
O4 - Startup: yeoyy1ty7.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
--
End of file - 17278 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [2010-01-20 378736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\IPSBHO.DLL [2010-01-20 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-23 297648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-23 843832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.8.0.41\coIEPlg.dll [2010-01-20 378736]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - FaceSmooch Toolbar - C:\Program Files\FaceSmooch Toolbar\tbcore3.dll [2010-02-16 2495488]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-09-28 1400712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-23 297648]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-21 1018680]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"DisableS3S4"=c:\DisableS3S4.cmd []
"UpdateLBPShortCut"=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"CLMLServer"=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
"UpdateP2GoShortCut"=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-04-15 13736480]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-30 424864]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-09-30 237568]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-03-24 7289376]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-07 1593344]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-07 159744]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2009-08-27 47672]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-12-03 35184]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"SDP"=C:\Program Files\FaceSmooch Toolbar\update_checker.exe [2010-06-27 131584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-27 39408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"BitTorrent DNA"=C:\Users\Asus\Program Files\DNA\btdna.exe []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"NVIDIA driver monitor"=C:\Users\Public\nvsvc32.exe [2010-11-17 81920]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"hunoucuj"=C:\Users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe [2010-12-01 461824]
"wuaucldt"=c:\users\asus\wuaucldt.exe [2010-11-23 33280]
"Regedit32"=C:\Windows\system32\regedit.exe []
"MSConfig"=C:\Users\Asus\exbeim.exe [2010-11-24 18432]
"ICQ"=C:\Program Files\ICQ7.2\ICQ.exe [2010-10-27 133432]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe
C:\Users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
0f6vf91.exe
1aq0k0f.exe
1llggaq.exe
1qf9a0v.exe
1va7ava.exe
2av5q1f.exe
2ffappk.exe
2ql5vaq.exe
2vvqffa.exe
38kfvka.exe
3f2a9qa.exe
4kqa5k1.exe
5a1pkaa.exe
5afaffv.exe
5p6kfaa.exe
6kkfv5q.exe
6llfv5q.exe
6qqk2av.exe
6qqla0q.exe
6te0ttj.exe
7q6l71f.exe
7vpkk7f.exe
8av1pkk.exe
8kfvkaa.exe
9aavp9k.exe
9qavqqv.exe
a0qvgavvll.exe
a2qlaa1llf.exe
a7vpkk7fa.exe
a7vq1qkkf.exe
aa2avkk1.exe
aa2avkk1kf.exe
aa3fvvla0qq.exe
aa6qka6vvf.exe
aa6v81fq.exe
aa7vqkkq.exe
aafkfvkvv.exe
aavkkfvka.exe
aavvq7lg.exe
afk7vvqkkfv.exe
akfaa7vpk.exe
akvkkfvv.exe
ap9k0faakf.exe
aqq1qkkfv.exe
aqqkaav1qk.exe
avk4fvvq.exe
avkaa1k0ff.exe
avkk1vvppka.exe
avkk1vvq0qa.exe
avl98gav9q0.exe
avp9k0avvp5.exe
avqqvkq2v5.exe
avv1ffaa.exe
avv5akaaq.exe
avvqffaav.exe
bb1llggbqql.exe
bvvq2gbqq1b.exe
cc7xs7ni1ic.exe
ccxncss1c.exe
f2a5v6qk.exe
f2avkk1v.exe
f5a2qkaa1.exe
f6ppk2ppf.exe
f6qqlaavll.exe
f9a0vq0k.exe
faa7kkff.exe
faav1pkkf.exe
fakff6vf.exe
faq0k0faa.exe
faq6kkfkvq.exe
faqqkkfvvq.exe
fav5pffa.exe
fav5q1fa.exe
ff1akqfa.exe
ff6qqla5.exe
ffaavkkfvf.exe
ffavkaa1k.exe
ffavvp5fa.exe
ffavvqkkfv.exe
ffkv1aaavq.exe
fv5pffkkfav.exe
fv5q1faqqkk.exe
fvv1ffaav.exe
fvvqqkaav1.exe
g6avqq7lg.exe
ggbvv6ql.exe
gqqllq7a1g.exe
jjejjoyjj2e.exe
k0faav1f.exe
k0faav6app.exe
k0ffap9k0.exe
k3kkfv98qkf.exe
k7fav98qk.exe
ka038kfkaaf.exe
kaa1k0ffap9.exe
kaavpp1p.exe
kf5a1pkkf2a.exe
kf5a2qkaa1k.exe
kf5a2qkaq.exe
kf5a2qkk2qq.exe
kf9a0vq0k0f.exe
kf9aavp9k0.exe
kfaa7k1vvp.exe
kffakqka2.exe
kffapvppkaa.exe
kffaq0k0faa.exe
kfvv1ffaavk.exe
kfvvpk0k.exe
kk0ffap9k0.exe
kk1vvppkaav.exe
kkfv0k1faq.exe
kkfv5q1faq.exe
kkfv98qk.exe
kkfvkaa1k.exe
kkfvvpf9a.exe
l98gav9q0lg.exe
lg0a0vqql1g.exe
lglvqqllaga.exe
ll2gbqq1bbv.exe
llaqlggqav.exe
lv4q0gvgg.exe
nn1hcss1cc.exe
p6aavkkfvv.exe
p6aavkvpp6.exe
p9k0faav.exe
paa1k0ffa.exe
ppk2avkk1.exe
ppkf9a0vq.exe
q6kkfv5q.exe
qf9a0vq0va7.exe
qg0332g9.exe
qgga40qav.exe
qk4fvvqf.exe
qk4fvvqffa.exe
qkf9a0vq0k0.exe
qllgv9q0lg.exe
qlq76gaq.exe
qlqq6gaq6ll.exe
qqkf9a0vq.exe
sh9c0xssn1i.exe
tdy0dojd.exe
teoyy1ytyty.exe
teyeoj6y.exe
uuppu7ffzp.exe
v1qkkfv3f.exe
v1qkkfv3f2.exe
v5pffapp.exe
va76qkakfa.exe
vavagq4lv.exe
vk0ffap9k0.exe
vk5kaav5pff.exe
vkkf2avkk1v.exe
vkkfv98qkf9.exe
vkkfvv1ffaa.exe
vp9k0faav1p.exe
vpf9a0vq.exe
vpkk7favvp5.exe
vq0k0fffa.exe
vqffaavkkf.exe
vqk1vavv.exe
vqkkffa7vq1.exe
vqvq1gqq.exe
vv1pkaa1k0.exe
vv98qkf9a0.exe
vvp5faavpp6.exe
vvpfqkk1.exe
vvpkk7fav.exe
vvq1qkkf.exe
vvqffaavqff.exe
vvqvqvg4q.exe
yeoyy1ty7.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-12-06 18:19:10 ----D---- C:\rsit
2010-12-06 18:19:10 ----D---- C:\Program Files\trend micro
2010-12-06 17:51:06 ----ASH---- C:\hiberfil.sys
2010-12-06 17:12:38 ----A---- C:\Windows\NeroDigital.ini
2010-12-06 17:11:56 ----A---- C:\Windows\ntbtlog.txt
2010-11-25 14:46:55 ----D---- C:\Program Files\ICQ7.2
2010-11-21 22:35:31 ----RSHD---- C:\RECYCLER
2010-11-21 22:35:26 ----RA---- C:\Users\Asus\AppData\Roaming\BG0Ai.txt
2010-11-21 22:34:24 ----RSH---- C:\Users\Asus\AppData\Roaming\juzjf.exe
2010-11-18 18:27:03 ----D---- C:\Phenomedia AG
2010-11-07 21:29:59 ----ASH---- C:\pagefile.sys
======List of files/folders modified in the last 1 months======
2010-12-06 18:35:09 ----D---- C:\Windows\Temp
2010-12-06 18:33:24 ----HD---- C:\ASUS.DAT
2010-12-06 18:19:10 ----RD---- C:\Program Files
2010-12-06 17:56:49 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-06 17:52:24 ----D---- C:\Windows\Prefetch
2010-12-06 17:47:49 ----D---- C:\Windows\System32
2010-12-06 17:47:49 ----D---- C:\Windows\inf
2010-12-06 17:47:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-06 17:12:38 ----D---- C:\Windows
2010-12-06 17:09:17 ----D---- C:\Windows\system32\drivers
2010-12-06 17:09:16 ----D---- C:\Windows\system32\catroot
2010-12-06 16:55:49 ----D---- C:\Users\Asus\AppData\Roaming\ICQ
2010-12-01 11:32:10 ----SD---- C:\Users\Asus\AppData\Roaming\Microsoft
2010-11-27 18:56:43 ----D---- C:\Windows\system32\catroot2
2010-11-25 14:47:26 ----D---- C:\Program Files\ICQ6Toolbar
2010-11-25 14:47:21 ----D---- C:\ProgramData\ICQ
2010-11-25 13:14:20 ----HD---- C:\ProgramData
2010-11-22 07:45:01 ----A---- C:\Windows\system32\acovcnt.exe
2010-11-18 18:27:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-17 16:28:33 ----D---- C:\Windows\Minidump
2010-11-14 10:26:42 ----D---- C:\Program Files\BitTorrent
2010-11-14 00:59:54 ----D---- C:\Users\Asus\AppData\Roaming\BitTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-08-27 30264]
R0 nvstor32;nvstor32; C:\Windows\system32\DRIVERS\nvstor32.sys [2008-11-13 146464]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-04 691696]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS [2010-01-20 310320]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R1 ccHP;Symantec Hash Provider; C:\Windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-07-21 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-07-19 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101015.003\IDSvix86.sys [2010-10-13 353840]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1008000.029\SRTSPX.SYS [2010-01-20 43696]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-02-18 1093632]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-03-30 129536]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-03-24 2346016]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-15 9561472]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-08-25 15872]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-11-27 135680]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
S1 BHDrvx86;Symantec Heuristics Driver; C:\Windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
S1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys []
S1 SYMTDI;Symantec Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMTDI.SYS [2010-01-20 217136]
S3 ak557p1c;ak557p1c; C:\Windows\system32\drivers\ak557p1c.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101017.003\NAVENG.SYS [2010-09-28 86064]
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101017.003\NAVEX15.SYS [2010-09-28 1371184]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1008000.029\SRTSP.SYS [2010-01-20 308272]
S3 SYMDNS;SYMDNS; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMDNS.SYS []
S3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS []
S3 SYMFW;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMFW.SYS [2010-01-20 89904]
S3 SYMNDISV;Symantec Network Filter Driver; C:\Windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-01-20 48688]
S3 SYMREDRV;SYMREDRV; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SYMREDRV.SYS []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-19 135664]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-01-20 117640]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-04-15 211488]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
/S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-19 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolo logu, pocitat zpomaleny
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119429
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolo logu, pocitat zpomaleny
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolo logu, pocitat zpomaleny
ComboFix 10-12-04.06 - Asus 06.12.2010 19:15:28.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3582.1212 [GMT 1:00]
Spuštěný z: c:\users\Asus\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FaceSmooch Toolbar\tbHElper.dll
c:\programdata\common.data
c:\users\Asus\AppData\Roaming\BG0Ai.txt
c:\users\Asus\AppData\Roaming\juzjf.exe
c:\users\Asus\AppData\Roaming\Microsoft\dofuvozyv.exe
c:\users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe
c:\users\Asus\bfgeyy.exe
c:\users\Asus\exbeim.exe
c:\users\Asus\islyeh.exe
c:\users\Asus\iwq.exe
c:\users\Asus\jblewlo.exe
c:\users\Asus\jobf.exe
c:\users\Asus\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\users\Asus\oyymn.exe
c:\users\Asus\pcx.exe
c:\users\Asus\secupdat.dat
c:\users\Asus\wkkosjy.exe
c:\users\Asus\wuaucldt.exe
c:\users\Asus\yfrn.exe
c:\users\Public\nvsvc32.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-06 do 2010-12-06 )))))))))))))))))))))))))))))))
.
2010-12-06 18:20 . 2010-12-06 18:20 -------- d-----w- c:\users\Asus\AppData\Local\temp
2010-12-06 18:20 . 2010-12-06 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-06 18:04 . 2010-12-06 18:04 -------- d-----w- c:\users\Asus\AppData\Local\Symantec
2010-12-06 18:03 . 2010-12-06 18:03 -------- d-----w- c:\programdata\WindowsSearch
2010-12-06 17:40 . 2010-12-06 17:40 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1ppff2a.exe
2010-12-06 17:40 . 2010-12-06 17:40 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7kav1f0.exe
2010-12-06 17:40 . 2010-12-06 17:40 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\v76kpkkpka.exe
2010-12-06 17:40 . 2010-12-06 17:40 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffavkffv.exe
2010-12-06 17:32 . 2010-12-06 17:32 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f2avkk1v.exe
2010-12-06 17:32 . 2010-12-06 17:32 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avv1ffaa.exe
2010-12-06 17:32 . 2010-12-06 17:32 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfaa7k1vvp.exe
2010-12-06 17:32 . 2010-12-06 17:32 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kaavpp1p.exe
2010-12-06 17:26 . 2010-12-06 17:26 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a0qvgavvll.exe
2010-12-06 17:26 . 2010-12-06 17:26 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lv4q0gvgg.exe
2010-12-06 17:26 . 2010-12-06 17:26 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvqvqvg4q.exe
2010-12-06 17:26 . 2010-12-06 17:26 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2ql5vaq.exe
2010-12-06 17:19 . 2010-12-06 17:34 -------- d-----w- c:\program files\trend micro
2010-12-06 17:19 . 2010-12-06 17:19 -------- d-----w- C:\rsit
2010-12-06 17:14 . 2010-12-06 17:14 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kffapvppkaa.exe
2010-12-06 17:14 . 2010-12-06 17:14 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvp5faavpp6.exe
2010-12-06 17:14 . 2010-12-06 17:14 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2ffappk.exe
2010-12-06 17:14 . 2010-12-06 17:14 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k0faav1f.exe
2010-12-06 17:01 . 2010-12-06 17:01 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vkkf2avkk1v.exe
2010-12-06 17:01 . 2010-12-06 17:01 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\paa1k0ffa.exe
2010-12-06 17:01 . 2010-12-06 17:01 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf5a1pkkf2a.exe
2010-12-06 17:01 . 2010-12-06 17:01 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avp9k0avvp5.exe
2010-12-06 16:51 . 2010-12-06 16:51 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fv5pffkkfav.exe
2010-12-06 16:51 . 2010-12-06 16:51 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k0faav6app.exe
2010-12-06 16:51 . 2010-12-06 16:51 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avkaa1k0ff.exe
2010-12-06 16:51 . 2010-12-06 16:51 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a7vpkk7fa.exe
2010-12-06 16:30 . 2010-12-06 16:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vv1pkaa1k0.exe
2010-12-06 16:30 . 2010-12-06 16:30 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfvvpk0k.exe
2010-12-06 16:30 . 2010-12-06 16:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\akvkkfvv.exe
2010-12-06 16:30 . 2010-12-06 16:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\38kfvka.exe
2010-12-06 16:21 . 2010-12-06 16:21 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ll2gbqq1bbv.exe
2010-12-06 16:21 . 2010-12-06 16:21 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bb1llggbqql.exe
2010-12-06 16:21 . 2010-12-06 16:21 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bvvq2gbqq1b.exe
2010-12-06 16:21 . 2010-12-06 16:21 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ggbvv6ql.exe
2010-12-06 16:04 . 2010-12-06 16:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppkf9a0vq.exe
2010-12-06 16:04 . 2010-12-06 16:04 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpf9a0vq.exe
2010-12-06 16:04 . 2010-12-06 16:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffavvp5fa.exe
2010-12-06 16:04 . 2010-12-06 16:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fav5pffa.exe
2010-12-05 17:25 . 2010-12-05 17:25 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avkk1vvppka.exe
2010-12-05 17:25 . 2010-12-05 17:25 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6aavkkfvv.exe
2010-12-05 17:25 . 2010-12-05 17:25 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vk0ffap9k0.exe
2010-12-05 17:25 . 2010-12-05 17:25 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\v5pffapp.exe
2010-12-05 17:11 . 2010-12-05 17:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7vpkk7f.exe
2010-12-05 17:11 . 2010-12-05 17:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf9aavp9k0.exe
2010-12-05 17:11 . 2010-12-05 17:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8av1pkk.exe
2010-12-04 12:36 . 2010-12-04 12:36 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qgga40qav.exe
2010-12-04 12:36 . 2010-12-04 12:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1va7ava.exe
2010-12-04 12:36 . 2010-12-04 12:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vqvq1gqq.exe
2010-12-04 12:36 . 2010-12-04 12:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lglvqqllaga.exe
2010-12-04 12:27 . 2010-12-04 12:27 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faav1pkkf.exe
2010-12-04 12:27 . 2010-12-04 12:27 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vk5kaav5pff.exe
2010-12-04 12:27 . 2010-12-04 12:27 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfvvpf9a.exe
2010-12-04 12:27 . 2010-12-04 12:27 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vkkfvv1ffaa.exe
2010-12-03 15:05 . 2010-12-03 15:04 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffavkaa1k.exe
2010-12-03 15:05 . 2010-12-03 15:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k0ffap9k0.exe
2010-12-03 15:05 . 2010-12-03 15:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faa7kkff.exe
2010-12-03 15:05 . 2010-12-03 15:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9aavp9k.exe
2010-12-03 14:56 . 2010-12-03 14:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpkk7favvp5.exe
2010-12-03 14:56 . 2010-12-03 14:56 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f6ppk2ppf.exe
2010-12-03 14:56 . 2010-12-03 14:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvpkk7fav.exe
2010-12-03 14:56 . 2010-12-03 14:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8kfvkaa.exe
2010-12-02 19:37 . 2010-12-02 19:37 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qf9a0vq0va7.exe
2010-12-02 19:37 . 2010-12-02 19:37 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffaavkkfvf.exe
2010-12-02 19:37 . 2010-12-02 19:37 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a7vq1qkkf.exe
2010-12-02 19:37 . 2010-12-02 19:37 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa7vqkkq.exe
2010-12-02 19:30 . 2010-12-02 19:30 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ap9k0faakf.exe
2010-12-02 19:30 . 2010-12-02 19:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kaa1k0ffap9.exe
2010-12-02 19:30 . 2010-12-02 19:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\akfaa7vpk.exe
2010-12-02 19:27 . 2010-12-02 19:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa6qka6vvf.exe
2010-12-02 19:27 . 2010-12-02 19:26 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avqqvkq2v5.exe
2010-12-02 19:27 . 2010-12-02 19:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\va76qkakfa.exe
2010-12-02 19:27 . 2010-12-02 19:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faq6kkfkvq.exe
2010-12-02 19:19 . 2010-12-02 19:18 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfv98qk.exe
2010-12-02 19:19 . 2010-12-02 19:18 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1aq0k0f.exe
2010-12-02 19:19 . 2010-12-02 19:18 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvpfqkk1.exe
2010-12-02 19:19 . 2010-12-02 19:18 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppk2avkk1.exe
2010-12-02 19:12 . 2010-12-02 19:11 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vkkfv98qkf9.exe
2010-12-02 19:12 . 2010-12-02 19:11 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avk4fvvq.exe
2010-12-02 19:12 . 2010-12-02 19:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfv0k1faq.exe
2010-12-02 19:12 . 2010-12-02 19:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6kkfv5q.exe
2010-12-02 19:04 . 2010-12-02 19:03 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa3fvvla0qq.exe
2010-12-02 19:04 . 2010-12-02 19:03 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7q6l71f.exe
2010-12-02 19:04 . 2010-12-02 19:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ka038kfkaaf.exe
2010-12-02 19:04 . 2010-12-02 19:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa6v81fq.exe
2010-12-02 18:53 . 2010-12-02 18:53 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aavkkfvka.exe
2010-12-02 18:53 . 2010-12-02 18:53 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6aavkvpp6.exe
2010-12-02 18:53 . 2010-12-02 18:53 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kk1vvppkaav.exe
2010-12-02 18:53 . 2010-12-02 18:53 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kk0ffap9k0.exe
2010-12-01 16:26 . 2010-12-01 16:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k7fav98qk.exe
2010-12-01 16:26 . 2010-12-01 16:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kffaq0k0faa.exe
2010-12-01 16:26 . 2010-12-01 16:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faqqkkfvvq.exe
2010-12-01 10:31 . 2010-12-01 10:31 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lg0a0vqql1g.exe
2010-12-01 10:31 . 2010-12-01 10:31 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qllgv9q0lg.exe
2010-12-01 10:31 . 2010-12-01 10:31 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6qqla0q.exe
2010-12-01 10:31 . 2010-12-01 10:31 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aavvq7lg.exe
2010-11-30 14:23 . 2010-11-30 14:23 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\q6kkfv5q.exe
2010-11-30 14:23 . 2010-11-30 14:23 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf5a2qkaa1k.exe
2010-11-30 14:23 . 2010-11-30 14:23 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k3kkfv98qkf.exe
2010-11-29 06:37 . 2010-11-29 06:36 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qkf9a0vq0k0.exe
2010-11-29 06:37 . 2010-11-29 06:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qqkf9a0vq.exe
2010-11-29 06:37 . 2010-11-29 06:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfv5q1faq.exe
2010-11-28 11:03 . 2010-11-28 11:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfvv1ffaavk.exe
2010-11-28 11:03 . 2010-11-28 11:03 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5p6kfaa.exe
2010-11-28 11:03 . 2010-11-28 11:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5a1pkaa.exe
2010-11-28 10:04 . 2010-11-28 10:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\l98gav9q0lg.exe
2010-11-28 10:04 . 2010-11-28 10:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avl98gav9q0.exe
2010-11-28 10:04 . 2010-11-28 10:04 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\g6avqq7lg.exe
2010-11-28 10:04 . 2010-11-28 10:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1llggaq.exe
2010-11-27 18:40 . 2010-11-27 18:39 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f2a5v6qk.exe
2010-11-27 18:40 . 2010-11-27 18:39 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avv5akaaq.exe
2010-11-27 18:40 . 2010-11-27 18:39 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4kqa5k1.exe
2010-11-27 18:40 . 2010-11-27 18:39 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0f6vf91.exe
2010-11-27 17:56 . 2010-11-27 17:55 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffkv1aaavq.exe
2010-11-27 17:56 . 2010-11-27 17:56 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3f2a9qa.exe
2010-11-27 17:56 . 2010-11-27 17:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fakff6vf.exe
2010-11-27 17:56 . 2010-11-27 17:55 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf5a2qkk2qq.exe
2010-11-26 22:26 . 2010-11-26 22:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vp9k0faav1p.exe
2010-11-26 22:26 . 2010-11-26 22:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p9k0faav.exe
2010-11-26 22:26 . 2010-11-26 22:26 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvv1ffaav.exe
2010-11-26 22:26 . 2010-11-26 22:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfvkaa1k.exe
2010-11-26 10:13 . 2010-11-26 10:13 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aafkfvkvv.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-22 06:45 . 2009-08-27 02:21 45056 ----a-w- c:\windows\system32\acovcnt.exe
2008-12-17 22:25 . 2010-07-19 17:53 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-17 22:25 . 2010-07-19 17:53 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-17 22:25 . 2010-07-19 17:53 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-17 22:25 . 2010-07-19 17:53 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-17 22:25 . 2010-07-19 17:53 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-27 39408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-15 13736480]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-30 424864]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-24 7289376]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-27 47672]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"SDP"="c:\program files\FaceSmooch Toolbar\update_checker.exe" [2010-06-27 131584]
c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
0f6vf91.exe [2010-11-27 50688]
1aq0k0f.exe [2010-12-2 42496]
1llggaq.exe [2010-11-28 50688]
1ppff2a.exe [2010-12-6 50688]
1qf9a0v.exe [2010-11-22 43008]
1va7ava.exe [2010-12-4 50688]
2av5q1f.exe [2010-11-22 43008]
2ffappk.exe [2010-12-6 50688]
2ql5vaq.exe [2010-12-6 50688]
2vvqffa.exe [2010-11-22 43008]
38kfvka.exe [2010-12-6 50688]
3f2a9qa.exe [2010-11-27 42496]
4kqa5k1.exe [2010-11-27 50688]
5a1pkaa.exe [2010-11-28 50688]
5afaffv.exe [2010-11-22 43008]
5p6kfaa.exe [2010-11-28 42496]
6kkfv5q.exe [2010-12-2 50688]
6llfv5q.exe [2010-11-22 43008]
6qqk2av.exe [2010-11-23 43008]
6qqla0q.exe [2010-12-1 42496]
6te0ttj.exe [2010-11-21 43008]
7kav1f0.exe [2010-12-6 42496]
7q6l71f.exe [2010-12-2 42496]
7vpkk7f.exe [2010-12-5 50688]
8av1pkk.exe [2010-12-5 50688]
8kfvkaa.exe [2010-12-3 50688]
9aavp9k.exe [2010-12-3 50688]
9qavqqv.exe [2010-11-22 43008]
a0qvgavvll.exe [2010-12-6 50688]
a2qlaa1llf.exe [2010-11-22 43008]
a7vpkk7fa.exe [2010-12-6 50688]
a7vq1qkkf.exe [2010-12-2 50688]
aa2avkk1.exe [2010-11-22 43008]
aa2avkk1kf.exe [2010-11-22 43008]
aa3fvvla0qq.exe [2010-12-2 42496]
aa6qka6vvf.exe [2010-12-2 50688]
aa6v81fq.exe [2010-12-2 50688]
aa7vqkkq.exe [2010-12-2 42496]
aafkfvkvv.exe [2010-11-26 42496]
aavkkfvka.exe [2010-12-2 50688]
aavvq7lg.exe [2010-12-1 50688]
afk7vvqkkfv.exe [2010-11-22 43008]
akfaa7vpk.exe [2010-12-2 50688]
akvkkfvv.exe [2010-12-6 50688]
ap9k0faakf.exe [2010-12-2 42496]
aqq1qkkfv.exe [2010-11-22 43008]
aqqkaav1qk.exe [2010-11-23 43008]
avk4fvvq.exe [2010-12-2 42496]
avkaa1k0ff.exe [2010-12-6 50688]
avkk1vvppka.exe [2010-12-5 42496]
avkk1vvq0qa.exe [2010-11-23 43008]
avl98gav9q0.exe [2010-11-28 50688]
avp9k0avvp5.exe [2010-12-6 50688]
avqqvkq2v5.exe [2010-12-2 42496]
avv1ffaa.exe [2010-12-6 42496]
avv5akaaq.exe [2010-11-27 50688]
avvqffaav.exe [2010-11-22 43008]
bb1llggbqql.exe [2010-12-6 50688]
bvvq2gbqq1b.exe [2010-12-6 42496]
cc7xs7ni1ic.exe [2010-11-23 43008]
ccxncss1c.exe [2010-11-23 43008]
f2a5v6qk.exe [2010-11-27 42496]
f2avkk1v.exe [2010-12-6 50688]
f5a2qkaa1.exe [2010-11-23 43008]
f6ppk2ppf.exe [2010-12-3 42496]
f6qqlaavll.exe [2010-11-22 43008]
f9a0vq0k.exe [2010-11-23 43008]
faa7kkff.exe [2010-12-3 50688]
faav1pkkf.exe [2010-12-4 42496]
fakff6vf.exe [2010-11-27 50688]
faq0k0faa.exe [2010-11-22 43008]
faq6kkfkvq.exe [2010-12-2 50688]
faqqkkfvvq.exe [2010-12-1 50688]
fav5pffa.exe [2010-12-6 50688]
fav5q1fa.exe [2010-11-22 43008]
ff1akqfa.exe [2010-11-26 50688]
ff6qqla5.exe [2010-11-22 43008]
ffaavkkfvf.exe [2010-12-2 50688]
ffavkaa1k.exe [2010-12-3 42496]
ffavkffv.exe [2010-12-6 50688]
ffavvp5fa.exe [2010-12-6 50688]
ffavvqkkfv.exe [2010-11-22 43008]
ffkv1aaavq.exe [2010-11-27 42496]
fv5pffkkfav.exe [2010-12-6 50688]
fv5q1faqqkk.exe [2010-11-24 43008]
fvv1ffaav.exe [2010-11-26 42496]
fvvqqkaav1.exe [2010-11-24 43008]
g6avqq7lg.exe [2010-11-28 42496]
ggbvv6ql.exe [2010-12-6 50688]
gqqllq7a1g.exe [2010-11-23 43008]
jjejjoyjj2e.exe [2010-11-21 43008]
k0faav1f.exe [2010-12-6 50688]
k0faav6app.exe [2010-12-6 42496]
k0ffap9k0.exe [2010-12-3 50688]
k3kkfv98qkf.exe [2010-11-30 50688]
k7fav98qk.exe [2010-12-1 50688]
ka038kfkaaf.exe [2010-12-2 50688]
kaa1k0ffap9.exe [2010-12-2 50688]
kaavpp1p.exe [2010-12-6 50688]
kf5a1pkkf2a.exe [2010-12-6 50688]
kf5a2qkaa1k.exe [2010-11-30 50688]
kf5a2qkaq.exe [2010-11-23 43008]
kf5a2qkk2qq.exe [2010-11-27 50688]
kf9a0vq0k0f.exe [2010-11-22 43008]
kf9aavp9k0.exe [2010-12-5 50688]
kfaa7k1vvp.exe [2010-12-6 50688]
kffakqka2.exe [2010-11-26 50688]
kffapvppkaa.exe [2010-12-6 42496]
kffaq0k0faa.exe [2010-12-1 50688]
kfvv1ffaavk.exe [2010-11-28 50688]
kfvvpk0k.exe [2010-12-6 42496]
kk0ffap9k0.exe [2010-12-2 50688]
kk1vvppkaav.exe [2010-12-2 42496]
kkfv0k1faq.exe [2010-12-2 50688]
kkfv5q1faq.exe [2010-11-29 50688]
kkfv98qk.exe [2010-12-2 42496]
kkfvkaa1k.exe [2010-11-26 50688]
kkfvvpf9a.exe [2010-12-4 50688]
l98gav9q0lg.exe [2010-11-28 50688]
lg0a0vqql1g.exe [2010-12-1 42496]
lglvqqllaga.exe [2010-12-4 50688]
ll2gbqq1bbv.exe [2010-12-6 50688]
llaqlggqav.exe [2010-11-24 43008]
lv4q0gvgg.exe [2010-12-6 50688]
nn1hcss1cc.exe [2010-11-23 43008]
p6aavkkfvv.exe [2010-12-5 50688]
p6aavkvpp6.exe [2010-12-2 50688]
p9k0faav.exe [2010-11-26 50688]
paa1k0ffa.exe [2010-12-6 42496]
ppk2avkk1.exe [2010-12-2 50688]
ppkf9a0vq.exe [2010-12-6 50688]
q6kkfv5q.exe [2010-11-30 42496]
qf9a0vq0va7.exe [2010-12-2 50688]
qg0332g9.exe [2010-11-23 43008]
qgga40qav.exe [2010-12-4 42496]
qk4fvvqf.exe [2010-11-24 43008]
qk4fvvqffa.exe [2010-11-22 43008]
qkf9a0vq0k0.exe [2010-11-29 42496]
qllgv9q0lg.exe [2010-12-1 50688]
qlq76gaq.exe [2010-11-24 43008]
qlqq6gaq6ll.exe [2010-11-24 43008]
qqkf9a0vq.exe [2010-11-29 50688]
sh9c0xssn1i.exe [2010-11-23 43008]
tdy0dojd.exe [2010-11-25 50688]
teoyy1ytyty.exe [2010-11-21 43008]
teyeoj6y.exe [2010-11-21 43008]
uuppu7ffzp.exe [2010-11-24 43008]
v1qkkfv3f.exe [2010-11-23 43008]
v1qkkfv3f2.exe [2010-11-23 43008]
v5pffapp.exe [2010-12-5 50688]
v76kpkkpka.exe [2010-12-6 50688]
va76qkakfa.exe [2010-12-2 50688]
vavagq4lv.exe [2010-11-23 43008]
vk0ffap9k0.exe [2010-12-5 50688]
vk5kaav5pff.exe [2010-12-4 50688]
vkkf2avkk1v.exe [2010-12-6 50688]
vkkfv98qkf9.exe [2010-12-2 42496]
vkkfvv1ffaa.exe [2010-12-4 50688]
vp9k0faav1p.exe [2010-11-26 50688]
vpf9a0vq.exe [2010-12-6 42496]
vpkk7favvp5.exe [2010-12-3 50688]
vq0k0fffa.exe [2010-11-23 43008]
vqffaavkkf.exe [2010-11-24 43008]
vqk1vavv.exe [2010-11-26 50688]
vqkkffa7vq1.exe [2010-11-24 43008]
vqvq1gqq.exe [2010-12-4 50688]
vv1pkaa1k0.exe [2010-12-6 50688]
vv98qkf9a0.exe [2010-11-23 43008]
vvp5faavpp6.exe [2010-12-6 42496]
vvpfqkk1.exe [2010-12-2 50688]
vvpkk7fav.exe [2010-12-3 50688]
vvq1qkkf.exe [2010-11-22 43008]
vvqffaavqff.exe [2010-11-23 43008]
vvqvqvg4q.exe [2010-12-6 42496]
yeoyy1ty7.exe [2010-11-25 42496]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe [2009-8-27 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 135664]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-01-20 48688]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-04 691696]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS [2010-01-20 310320]
S1 aswSP;aswSP; [x]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-07-21 482432]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101015.003\IDSvix86.sys [2010-10-13 353840]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-01-20 117640]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-30 129536]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 19:46]
2010-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 19:46]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/sm
mStart Page = hxxp://www.bigseekpro.com/facesmooch/{D08F7ECE ... B4E7FA7BD7}
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\2pqxe4mp.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sm
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&apn_uid=A14751A4-2605-48AA-8534-693B0E8E5522&apn_ptnrs=RY&apn_sauid=08062088-3DEB-42ED-8915-F0C70E423DD6&apn_dtid=YYYYYYYYCZ&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\2pqxe4mp.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-BitTorrent DNA - c:\users\Asus\Program Files\DNA\btdna.exe
HKCU-Run-hunoucuj - c:\users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe
HKCU-Run-Regedit32 - c:\windows\system32\regedit.exe
HKLM-Run-DisableS3S4 - c:\DisableS3S4.cmd
AddRemove-BitTorrent DNA - c:\users\Asus\Program Files\DNA\btdna.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-06 19:20
Windows 6.0.6001 Service Pack 1 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar = c:\program files\Windows Sidebar\sidebar.exe /autoRun?????????????????????????????????????????????????x?????????????????l?%Program
skenování skrytých souborů ...
C:\ADSM_PData_0150
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(600)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
Celkový čas: 2010-12-06 19:21:49
ComboFix-quarantined-files.txt 2010-12-06 18:21
Před spuštěním: Volných bajtů: 156 504 027 136
Po spuštění: Volných bajtů: 157 919 825 920
- - End Of File - - 35970F1D7FB665E04302E9D7A7DA0BD5
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3582.1212 [GMT 1:00]
Spuštěný z: c:\users\Asus\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FaceSmooch Toolbar\tbHElper.dll
c:\programdata\common.data
c:\users\Asus\AppData\Roaming\BG0Ai.txt
c:\users\Asus\AppData\Roaming\juzjf.exe
c:\users\Asus\AppData\Roaming\Microsoft\dofuvozyv.exe
c:\users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe
c:\users\Asus\bfgeyy.exe
c:\users\Asus\exbeim.exe
c:\users\Asus\islyeh.exe
c:\users\Asus\iwq.exe
c:\users\Asus\jblewlo.exe
c:\users\Asus\jobf.exe
c:\users\Asus\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\users\Asus\oyymn.exe
c:\users\Asus\pcx.exe
c:\users\Asus\secupdat.dat
c:\users\Asus\wkkosjy.exe
c:\users\Asus\wuaucldt.exe
c:\users\Asus\yfrn.exe
c:\users\Public\nvsvc32.exe
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-06 do 2010-12-06 )))))))))))))))))))))))))))))))
.
2010-12-06 18:20 . 2010-12-06 18:20 -------- d-----w- c:\users\Asus\AppData\Local\temp
2010-12-06 18:20 . 2010-12-06 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-06 18:04 . 2010-12-06 18:04 -------- d-----w- c:\users\Asus\AppData\Local\Symantec
2010-12-06 18:03 . 2010-12-06 18:03 -------- d-----w- c:\programdata\WindowsSearch
2010-12-06 17:40 . 2010-12-06 17:40 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1ppff2a.exe
2010-12-06 17:40 . 2010-12-06 17:40 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7kav1f0.exe
2010-12-06 17:40 . 2010-12-06 17:40 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\v76kpkkpka.exe
2010-12-06 17:40 . 2010-12-06 17:40 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffavkffv.exe
2010-12-06 17:32 . 2010-12-06 17:32 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f2avkk1v.exe
2010-12-06 17:32 . 2010-12-06 17:32 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avv1ffaa.exe
2010-12-06 17:32 . 2010-12-06 17:32 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfaa7k1vvp.exe
2010-12-06 17:32 . 2010-12-06 17:32 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kaavpp1p.exe
2010-12-06 17:26 . 2010-12-06 17:26 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a0qvgavvll.exe
2010-12-06 17:26 . 2010-12-06 17:26 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lv4q0gvgg.exe
2010-12-06 17:26 . 2010-12-06 17:26 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvqvqvg4q.exe
2010-12-06 17:26 . 2010-12-06 17:26 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2ql5vaq.exe
2010-12-06 17:19 . 2010-12-06 17:34 -------- d-----w- c:\program files\trend micro
2010-12-06 17:19 . 2010-12-06 17:19 -------- d-----w- C:\rsit
2010-12-06 17:14 . 2010-12-06 17:14 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kffapvppkaa.exe
2010-12-06 17:14 . 2010-12-06 17:14 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvp5faavpp6.exe
2010-12-06 17:14 . 2010-12-06 17:14 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\2ffappk.exe
2010-12-06 17:14 . 2010-12-06 17:14 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k0faav1f.exe
2010-12-06 17:01 . 2010-12-06 17:01 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vkkf2avkk1v.exe
2010-12-06 17:01 . 2010-12-06 17:01 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\paa1k0ffa.exe
2010-12-06 17:01 . 2010-12-06 17:01 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf5a1pkkf2a.exe
2010-12-06 17:01 . 2010-12-06 17:01 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avp9k0avvp5.exe
2010-12-06 16:51 . 2010-12-06 16:51 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fv5pffkkfav.exe
2010-12-06 16:51 . 2010-12-06 16:51 42496 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k0faav6app.exe
2010-12-06 16:51 . 2010-12-06 16:51 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avkaa1k0ff.exe
2010-12-06 16:51 . 2010-12-06 16:51 50688 --sh--r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a7vpkk7fa.exe
2010-12-06 16:30 . 2010-12-06 16:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vv1pkaa1k0.exe
2010-12-06 16:30 . 2010-12-06 16:30 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfvvpk0k.exe
2010-12-06 16:30 . 2010-12-06 16:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\akvkkfvv.exe
2010-12-06 16:30 . 2010-12-06 16:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\38kfvka.exe
2010-12-06 16:21 . 2010-12-06 16:21 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ll2gbqq1bbv.exe
2010-12-06 16:21 . 2010-12-06 16:21 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bb1llggbqql.exe
2010-12-06 16:21 . 2010-12-06 16:21 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\bvvq2gbqq1b.exe
2010-12-06 16:21 . 2010-12-06 16:21 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ggbvv6ql.exe
2010-12-06 16:04 . 2010-12-06 16:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppkf9a0vq.exe
2010-12-06 16:04 . 2010-12-06 16:04 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpf9a0vq.exe
2010-12-06 16:04 . 2010-12-06 16:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffavvp5fa.exe
2010-12-06 16:04 . 2010-12-06 16:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fav5pffa.exe
2010-12-05 17:25 . 2010-12-05 17:25 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avkk1vvppka.exe
2010-12-05 17:25 . 2010-12-05 17:25 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6aavkkfvv.exe
2010-12-05 17:25 . 2010-12-05 17:25 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vk0ffap9k0.exe
2010-12-05 17:25 . 2010-12-05 17:25 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\v5pffapp.exe
2010-12-05 17:11 . 2010-12-05 17:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7vpkk7f.exe
2010-12-05 17:11 . 2010-12-05 17:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf9aavp9k0.exe
2010-12-05 17:11 . 2010-12-05 17:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8av1pkk.exe
2010-12-04 12:36 . 2010-12-04 12:36 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qgga40qav.exe
2010-12-04 12:36 . 2010-12-04 12:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1va7ava.exe
2010-12-04 12:36 . 2010-12-04 12:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vqvq1gqq.exe
2010-12-04 12:36 . 2010-12-04 12:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lglvqqllaga.exe
2010-12-04 12:27 . 2010-12-04 12:27 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faav1pkkf.exe
2010-12-04 12:27 . 2010-12-04 12:27 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vk5kaav5pff.exe
2010-12-04 12:27 . 2010-12-04 12:27 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfvvpf9a.exe
2010-12-04 12:27 . 2010-12-04 12:27 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vkkfvv1ffaa.exe
2010-12-03 15:05 . 2010-12-03 15:04 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffavkaa1k.exe
2010-12-03 15:05 . 2010-12-03 15:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k0ffap9k0.exe
2010-12-03 15:05 . 2010-12-03 15:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faa7kkff.exe
2010-12-03 15:05 . 2010-12-03 15:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\9aavp9k.exe
2010-12-03 14:56 . 2010-12-03 14:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpkk7favvp5.exe
2010-12-03 14:56 . 2010-12-03 14:56 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f6ppk2ppf.exe
2010-12-03 14:56 . 2010-12-03 14:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvpkk7fav.exe
2010-12-03 14:56 . 2010-12-03 14:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8kfvkaa.exe
2010-12-02 19:37 . 2010-12-02 19:37 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qf9a0vq0va7.exe
2010-12-02 19:37 . 2010-12-02 19:37 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffaavkkfvf.exe
2010-12-02 19:37 . 2010-12-02 19:37 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a7vq1qkkf.exe
2010-12-02 19:37 . 2010-12-02 19:37 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa7vqkkq.exe
2010-12-02 19:30 . 2010-12-02 19:30 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ap9k0faakf.exe
2010-12-02 19:30 . 2010-12-02 19:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kaa1k0ffap9.exe
2010-12-02 19:30 . 2010-12-02 19:30 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\akfaa7vpk.exe
2010-12-02 19:27 . 2010-12-02 19:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa6qka6vvf.exe
2010-12-02 19:27 . 2010-12-02 19:26 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avqqvkq2v5.exe
2010-12-02 19:27 . 2010-12-02 19:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\va76qkakfa.exe
2010-12-02 19:27 . 2010-12-02 19:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faq6kkfkvq.exe
2010-12-02 19:19 . 2010-12-02 19:18 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfv98qk.exe
2010-12-02 19:19 . 2010-12-02 19:18 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1aq0k0f.exe
2010-12-02 19:19 . 2010-12-02 19:18 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vvpfqkk1.exe
2010-12-02 19:19 . 2010-12-02 19:18 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ppk2avkk1.exe
2010-12-02 19:12 . 2010-12-02 19:11 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vkkfv98qkf9.exe
2010-12-02 19:12 . 2010-12-02 19:11 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avk4fvvq.exe
2010-12-02 19:12 . 2010-12-02 19:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfv0k1faq.exe
2010-12-02 19:12 . 2010-12-02 19:11 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6kkfv5q.exe
2010-12-02 19:04 . 2010-12-02 19:03 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa3fvvla0qq.exe
2010-12-02 19:04 . 2010-12-02 19:03 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7q6l71f.exe
2010-12-02 19:04 . 2010-12-02 19:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ka038kfkaaf.exe
2010-12-02 19:04 . 2010-12-02 19:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aa6v81fq.exe
2010-12-02 18:53 . 2010-12-02 18:53 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aavkkfvka.exe
2010-12-02 18:53 . 2010-12-02 18:53 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p6aavkvpp6.exe
2010-12-02 18:53 . 2010-12-02 18:53 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kk1vvppkaav.exe
2010-12-02 18:53 . 2010-12-02 18:53 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kk0ffap9k0.exe
2010-12-01 16:26 . 2010-12-01 16:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k7fav98qk.exe
2010-12-01 16:26 . 2010-12-01 16:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kffaq0k0faa.exe
2010-12-01 16:26 . 2010-12-01 16:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\faqqkkfvvq.exe
2010-12-01 10:31 . 2010-12-01 10:31 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lg0a0vqql1g.exe
2010-12-01 10:31 . 2010-12-01 10:31 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qllgv9q0lg.exe
2010-12-01 10:31 . 2010-12-01 10:31 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\6qqla0q.exe
2010-12-01 10:31 . 2010-12-01 10:31 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aavvq7lg.exe
2010-11-30 14:23 . 2010-11-30 14:23 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\q6kkfv5q.exe
2010-11-30 14:23 . 2010-11-30 14:23 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf5a2qkaa1k.exe
2010-11-30 14:23 . 2010-11-30 14:23 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\k3kkfv98qkf.exe
2010-11-29 06:37 . 2010-11-29 06:36 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qkf9a0vq0k0.exe
2010-11-29 06:37 . 2010-11-29 06:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\qqkf9a0vq.exe
2010-11-29 06:37 . 2010-11-29 06:36 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfv5q1faq.exe
2010-11-28 11:03 . 2010-11-28 11:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kfvv1ffaavk.exe
2010-11-28 11:03 . 2010-11-28 11:03 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5p6kfaa.exe
2010-11-28 11:03 . 2010-11-28 11:03 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\5a1pkaa.exe
2010-11-28 10:04 . 2010-11-28 10:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\l98gav9q0lg.exe
2010-11-28 10:04 . 2010-11-28 10:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avl98gav9q0.exe
2010-11-28 10:04 . 2010-11-28 10:04 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\g6avqq7lg.exe
2010-11-28 10:04 . 2010-11-28 10:04 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1llggaq.exe
2010-11-27 18:40 . 2010-11-27 18:39 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\f2a5v6qk.exe
2010-11-27 18:40 . 2010-11-27 18:39 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\avv5akaaq.exe
2010-11-27 18:40 . 2010-11-27 18:39 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\4kqa5k1.exe
2010-11-27 18:40 . 2010-11-27 18:39 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\0f6vf91.exe
2010-11-27 17:56 . 2010-11-27 17:55 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ffkv1aaavq.exe
2010-11-27 17:56 . 2010-11-27 17:56 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\3f2a9qa.exe
2010-11-27 17:56 . 2010-11-27 17:56 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fakff6vf.exe
2010-11-27 17:56 . 2010-11-27 17:55 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kf5a2qkk2qq.exe
2010-11-26 22:26 . 2010-11-26 22:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vp9k0faav1p.exe
2010-11-26 22:26 . 2010-11-26 22:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\p9k0faav.exe
2010-11-26 22:26 . 2010-11-26 22:26 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fvv1ffaav.exe
2010-11-26 22:26 . 2010-11-26 22:26 50688 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\kkfvkaa1k.exe
2010-11-26 10:13 . 2010-11-26 10:13 42496 --sha-r- c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\aafkfvkvv.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-22 06:45 . 2009-08-27 02:21 45056 ----a-w- c:\windows\system32\acovcnt.exe
2008-12-17 22:25 . 2010-07-19 17:53 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-12-17 22:25 . 2010-07-19 17:53 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-17 22:25 . 2010-07-19 17:53 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-12-17 22:25 . 2010-07-19 17:53 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-12-17 22:25 . 2010-07-19 17:53 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-27 39408]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2008-07-19 104936]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-15 13736480]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-30 424864]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-03-24 7289376]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2009-04-07 159744]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-08-27 47672]
"ADSMTray"="c:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-04-01 266240]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2008-10-01 851968]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"SDP"="c:\program files\FaceSmooch Toolbar\update_checker.exe" [2010-06-27 131584]
c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
0f6vf91.exe [2010-11-27 50688]
1aq0k0f.exe [2010-12-2 42496]
1llggaq.exe [2010-11-28 50688]
1ppff2a.exe [2010-12-6 50688]
1qf9a0v.exe [2010-11-22 43008]
1va7ava.exe [2010-12-4 50688]
2av5q1f.exe [2010-11-22 43008]
2ffappk.exe [2010-12-6 50688]
2ql5vaq.exe [2010-12-6 50688]
2vvqffa.exe [2010-11-22 43008]
38kfvka.exe [2010-12-6 50688]
3f2a9qa.exe [2010-11-27 42496]
4kqa5k1.exe [2010-11-27 50688]
5a1pkaa.exe [2010-11-28 50688]
5afaffv.exe [2010-11-22 43008]
5p6kfaa.exe [2010-11-28 42496]
6kkfv5q.exe [2010-12-2 50688]
6llfv5q.exe [2010-11-22 43008]
6qqk2av.exe [2010-11-23 43008]
6qqla0q.exe [2010-12-1 42496]
6te0ttj.exe [2010-11-21 43008]
7kav1f0.exe [2010-12-6 42496]
7q6l71f.exe [2010-12-2 42496]
7vpkk7f.exe [2010-12-5 50688]
8av1pkk.exe [2010-12-5 50688]
8kfvkaa.exe [2010-12-3 50688]
9aavp9k.exe [2010-12-3 50688]
9qavqqv.exe [2010-11-22 43008]
a0qvgavvll.exe [2010-12-6 50688]
a2qlaa1llf.exe [2010-11-22 43008]
a7vpkk7fa.exe [2010-12-6 50688]
a7vq1qkkf.exe [2010-12-2 50688]
aa2avkk1.exe [2010-11-22 43008]
aa2avkk1kf.exe [2010-11-22 43008]
aa3fvvla0qq.exe [2010-12-2 42496]
aa6qka6vvf.exe [2010-12-2 50688]
aa6v81fq.exe [2010-12-2 50688]
aa7vqkkq.exe [2010-12-2 42496]
aafkfvkvv.exe [2010-11-26 42496]
aavkkfvka.exe [2010-12-2 50688]
aavvq7lg.exe [2010-12-1 50688]
afk7vvqkkfv.exe [2010-11-22 43008]
akfaa7vpk.exe [2010-12-2 50688]
akvkkfvv.exe [2010-12-6 50688]
ap9k0faakf.exe [2010-12-2 42496]
aqq1qkkfv.exe [2010-11-22 43008]
aqqkaav1qk.exe [2010-11-23 43008]
avk4fvvq.exe [2010-12-2 42496]
avkaa1k0ff.exe [2010-12-6 50688]
avkk1vvppka.exe [2010-12-5 42496]
avkk1vvq0qa.exe [2010-11-23 43008]
avl98gav9q0.exe [2010-11-28 50688]
avp9k0avvp5.exe [2010-12-6 50688]
avqqvkq2v5.exe [2010-12-2 42496]
avv1ffaa.exe [2010-12-6 42496]
avv5akaaq.exe [2010-11-27 50688]
avvqffaav.exe [2010-11-22 43008]
bb1llggbqql.exe [2010-12-6 50688]
bvvq2gbqq1b.exe [2010-12-6 42496]
cc7xs7ni1ic.exe [2010-11-23 43008]
ccxncss1c.exe [2010-11-23 43008]
f2a5v6qk.exe [2010-11-27 42496]
f2avkk1v.exe [2010-12-6 50688]
f5a2qkaa1.exe [2010-11-23 43008]
f6ppk2ppf.exe [2010-12-3 42496]
f6qqlaavll.exe [2010-11-22 43008]
f9a0vq0k.exe [2010-11-23 43008]
faa7kkff.exe [2010-12-3 50688]
faav1pkkf.exe [2010-12-4 42496]
fakff6vf.exe [2010-11-27 50688]
faq0k0faa.exe [2010-11-22 43008]
faq6kkfkvq.exe [2010-12-2 50688]
faqqkkfvvq.exe [2010-12-1 50688]
fav5pffa.exe [2010-12-6 50688]
fav5q1fa.exe [2010-11-22 43008]
ff1akqfa.exe [2010-11-26 50688]
ff6qqla5.exe [2010-11-22 43008]
ffaavkkfvf.exe [2010-12-2 50688]
ffavkaa1k.exe [2010-12-3 42496]
ffavkffv.exe [2010-12-6 50688]
ffavvp5fa.exe [2010-12-6 50688]
ffavvqkkfv.exe [2010-11-22 43008]
ffkv1aaavq.exe [2010-11-27 42496]
fv5pffkkfav.exe [2010-12-6 50688]
fv5q1faqqkk.exe [2010-11-24 43008]
fvv1ffaav.exe [2010-11-26 42496]
fvvqqkaav1.exe [2010-11-24 43008]
g6avqq7lg.exe [2010-11-28 42496]
ggbvv6ql.exe [2010-12-6 50688]
gqqllq7a1g.exe [2010-11-23 43008]
jjejjoyjj2e.exe [2010-11-21 43008]
k0faav1f.exe [2010-12-6 50688]
k0faav6app.exe [2010-12-6 42496]
k0ffap9k0.exe [2010-12-3 50688]
k3kkfv98qkf.exe [2010-11-30 50688]
k7fav98qk.exe [2010-12-1 50688]
ka038kfkaaf.exe [2010-12-2 50688]
kaa1k0ffap9.exe [2010-12-2 50688]
kaavpp1p.exe [2010-12-6 50688]
kf5a1pkkf2a.exe [2010-12-6 50688]
kf5a2qkaa1k.exe [2010-11-30 50688]
kf5a2qkaq.exe [2010-11-23 43008]
kf5a2qkk2qq.exe [2010-11-27 50688]
kf9a0vq0k0f.exe [2010-11-22 43008]
kf9aavp9k0.exe [2010-12-5 50688]
kfaa7k1vvp.exe [2010-12-6 50688]
kffakqka2.exe [2010-11-26 50688]
kffapvppkaa.exe [2010-12-6 42496]
kffaq0k0faa.exe [2010-12-1 50688]
kfvv1ffaavk.exe [2010-11-28 50688]
kfvvpk0k.exe [2010-12-6 42496]
kk0ffap9k0.exe [2010-12-2 50688]
kk1vvppkaav.exe [2010-12-2 42496]
kkfv0k1faq.exe [2010-12-2 50688]
kkfv5q1faq.exe [2010-11-29 50688]
kkfv98qk.exe [2010-12-2 42496]
kkfvkaa1k.exe [2010-11-26 50688]
kkfvvpf9a.exe [2010-12-4 50688]
l98gav9q0lg.exe [2010-11-28 50688]
lg0a0vqql1g.exe [2010-12-1 42496]
lglvqqllaga.exe [2010-12-4 50688]
ll2gbqq1bbv.exe [2010-12-6 50688]
llaqlggqav.exe [2010-11-24 43008]
lv4q0gvgg.exe [2010-12-6 50688]
nn1hcss1cc.exe [2010-11-23 43008]
p6aavkkfvv.exe [2010-12-5 50688]
p6aavkvpp6.exe [2010-12-2 50688]
p9k0faav.exe [2010-11-26 50688]
paa1k0ffa.exe [2010-12-6 42496]
ppk2avkk1.exe [2010-12-2 50688]
ppkf9a0vq.exe [2010-12-6 50688]
q6kkfv5q.exe [2010-11-30 42496]
qf9a0vq0va7.exe [2010-12-2 50688]
qg0332g9.exe [2010-11-23 43008]
qgga40qav.exe [2010-12-4 42496]
qk4fvvqf.exe [2010-11-24 43008]
qk4fvvqffa.exe [2010-11-22 43008]
qkf9a0vq0k0.exe [2010-11-29 42496]
qllgv9q0lg.exe [2010-12-1 50688]
qlq76gaq.exe [2010-11-24 43008]
qlqq6gaq6ll.exe [2010-11-24 43008]
qqkf9a0vq.exe [2010-11-29 50688]
sh9c0xssn1i.exe [2010-11-23 43008]
tdy0dojd.exe [2010-11-25 50688]
teoyy1ytyty.exe [2010-11-21 43008]
teyeoj6y.exe [2010-11-21 43008]
uuppu7ffzp.exe [2010-11-24 43008]
v1qkkfv3f.exe [2010-11-23 43008]
v1qkkfv3f2.exe [2010-11-23 43008]
v5pffapp.exe [2010-12-5 50688]
v76kpkkpka.exe [2010-12-6 50688]
va76qkakfa.exe [2010-12-2 50688]
vavagq4lv.exe [2010-11-23 43008]
vk0ffap9k0.exe [2010-12-5 50688]
vk5kaav5pff.exe [2010-12-4 50688]
vkkf2avkk1v.exe [2010-12-6 50688]
vkkfv98qkf9.exe [2010-12-2 42496]
vkkfvv1ffaa.exe [2010-12-4 50688]
vp9k0faav1p.exe [2010-11-26 50688]
vpf9a0vq.exe [2010-12-6 42496]
vpkk7favvp5.exe [2010-12-3 50688]
vq0k0fffa.exe [2010-11-23 43008]
vqffaavkkf.exe [2010-11-24 43008]
vqk1vavv.exe [2010-11-26 50688]
vqkkffa7vq1.exe [2010-11-24 43008]
vqvq1gqq.exe [2010-12-4 50688]
vv1pkaa1k0.exe [2010-12-6 50688]
vv98qkf9a0.exe [2010-11-23 43008]
vvp5faavpp6.exe [2010-12-6 42496]
vvpfqkk1.exe [2010-12-2 50688]
vvpkk7fav.exe [2010-12-3 50688]
vvq1qkkf.exe [2010-11-22 43008]
vvqffaavqff.exe [2010-11-23 43008]
vvqvqvg4q.exe [2010-12-6 42496]
yeoyy1ty7.exe [2010-11-25 42496]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe [2009-8-27 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\NIS\1008000.029\BHDrvx86.sys [2010-01-20 259632]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 135664]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1008000.029\SYMNDISV.SYS [2010-01-20 48688]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-04 691696]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1008000.029\SYMEFA.SYS [2010-01-20 310320]
S1 aswSP;aswSP; [x]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NIS\1008000.029\ccHPx86.sys [2010-07-21 482432]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101015.003\IDSvix86.sys [2010-10-13 353840]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-06-21 246584]
S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [2010-01-20 117640]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-30 129536]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
.
Obsah adresáře 'Naplánované úlohy'
2010-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 19:46]
2010-12-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-19 19:46]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/sm
mStart Page = hxxp://www.bigseekpro.com/facesmooch/{D08F7ECE ... B4E7FA7BD7}
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\2pqxe4mp.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sm
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PTV&o=15184&locale=en_US&apn_uid=A14751A4-2605-48AA-8534-693B0E8E5522&apn_ptnrs=RY&apn_sauid=08062088-3DEB-42ED-8915-F0C70E423DD6&apn_dtid=YYYYYYYYCZ&q=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\2pqxe4mp.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKCU-Run-BitTorrent DNA - c:\users\Asus\Program Files\DNA\btdna.exe
HKCU-Run-hunoucuj - c:\users\Asus\AppData\Roaming\Microsoft\joomaquoo.exe
HKCU-Run-Regedit32 - c:\windows\system32\regedit.exe
HKLM-Run-DisableS3S4 - c:\DisableS3S4.cmd
AddRemove-BitTorrent DNA - c:\users\Asus\Program Files\DNA\btdna.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-06 19:20
Windows 6.0.6001 Service Pack 1 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Sidebar = c:\program files\Windows Sidebar\sidebar.exe /autoRun?????????????????????????????????????????????????x?????????????????l?%Program
skenování skrytých souborů ...
C:\ADSM_PData_0150
sken byl úspešně dokončen
skryté soubory: 1
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'lsass.exe'(600)
c:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
.
Celkový čas: 2010-12-06 19:21:49
ComboFix-quarantined-files.txt 2010-12-06 18:21
Před spuštěním: Volných bajtů: 156 504 027 136
Po spuštění: Volných bajtů: 157 919 825 920
- - End Of File - - 35970F1D7FB665E04302E9D7A7DA0BD5
-
Rudy
- Site Admin
- Příspěvky: 119429
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolo logu, pocitat zpomaleny
Ještě dočistíme:
1. Otevřte poznámkový blok a zkopírujte do něj:
2. Otevřte adresář c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ a smažte veškerý jeho obsah.
1. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.Collect::
c:\windows\system32\acovcnt.exe
2. Otevřte adresář c:\users\Asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ a smažte veškerý jeho obsah.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?