
PC virus removal, computer speed-up, remote help via the neslape.cz service
Pls check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 51
- Registered: 08 Feb 2005 13:11
- Location: Zlín
Pls check my log
Hello, something similar has now happened to me on a 2nd computer. Probably a virus from abroad, from a flash drive.
I tried to solve it here the same way as in the 1st case. I ran ComboFix, but it reported that AVG was present. So I UNINSTALLED it. Then ComboFix started, but it says that NIRCMDC and MTEE are not recognized as an internal or external command... and ComboFix does not go any further.
Logfile of random's system information tool 1.08 (written by random/random)
Run by zbr at 2011-01-18 09:04:46
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 42 GB (52%) free of 82 GB
Total RAM: 3291 MB (56% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\One-Click Tweak.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-01-12 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-01-12 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-01-12 154136]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-02-19 796184]
"ChangeTPMAuth"=C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe [2009-02-26 184320]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2008-12-22 134144]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2009-04-22 656696]
"EmbassySecurityCheck"=C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [2009-04-22 95544]
"DellControlPoint"=C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [2009-03-19 667648]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2009-04-22 15360]
"DellConnectionManager"=C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [2009-04-10 1810432]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-02-04 128232]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2007-03-14 520192]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2009-05-27 90112]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-09-01 1310720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-11-24 2155832]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2009-03-11 2912256]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Správce systému Dell ControlPoint System Manager.lnk - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-01-12 221184]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2011-01-18 09:04:47 ----D---- C:\Program Files\trend micro
2011-01-18 09:04:46 ----D---- C:\rsit
2011-01-18 08:57:03 ----SD---- C:\ComboFix
2011-01-18 08:56:47 ----A---- C:\Windows\SWXCACLS.exe
2011-01-18 08:40:40 ----D---- C:\Program Files\Advanced PC Tweaker
2011-01-17 17:03:30 ----A---- C:\Windows\PEV.exe
2011-01-17 17:03:30 ----A---- C:\Windows\MBR.exe
2011-01-17 16:16:23 ----D---- C:\Windows\temp
2011-01-17 16:15:38 ----A---- C:\Windows\zip.exe
2011-01-17 16:15:38 ----A---- C:\Windows\SWSC.exe
2011-01-17 16:15:38 ----A---- C:\Windows\SWREG.exe
2011-01-17 16:15:38 ----A---- C:\Windows\sed.exe
2011-01-17 16:15:38 ----A---- C:\Windows\NIRCMD.exe
2011-01-17 16:15:38 ----A---- C:\Windows\grep.exe
2011-01-17 16:15:10 ----A---- C:\Windows\system32\CF6133.exe
2011-01-17 16:14:52 ----A---- C:\Windows\system32\swsc.exe
2011-01-17 16:03:47 ----A---- C:\Windows\system32\sdclt.exe
2011-01-17 15:59:01 ----A---- C:\Windows\system32\lsdelete.exe
2011-01-17 14:51:46 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-01-17 14:17:38 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-01-17 14:15:44 ----HDC---- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2011-01-17 14:15:27 ----D---- C:\ProgramData\Lavasoft
2011-01-17 14:15:27 ----D---- C:\Program Files\Lavasoft
2011-01-12 17:30:48 ----A---- C:\Windows\system32\odbc32.dll
2010-12-29 15:44:53 ----A---- C:\Windows\system32\msxml6.dll
2010-12-29 09:26:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-29 09:26:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-22 09:35:02 ----D---- C:\Windows\ERDNT
2010-12-22 09:34:47 ----D---- C:\Qoobox
2010-12-20 08:24:30 ----A---- C:\Windows\system32\win32k.sys
2010-12-20 08:23:55 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskschd.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskeng.exe
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-20 08:23:35 ----A---- C:\Windows\system32\consent.exe
2010-12-20 08:23:19 ----A---- C:\Windows\system32\fontsub.dll
2010-12-20 08:23:19 ----A---- C:\Windows\system32\atmlib.dll
2010-12-20 08:23:19 ----A---- C:\Windows\system32\atmfd.dll
2010-12-20 08:22:43 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-20 08:22:42 ----A---- C:\Windows\system32\occache.dll
2010-12-20 08:22:42 ----A---- C:\Windows\system32\mstime.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\ieui.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\iesetup.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\iepeers.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\wininet.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-20 08:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iertutil.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iernonce.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-20 08:22:39 ----A---- C:\Windows\system32\urlmon.dll
2010-12-20 08:22:39 ----A---- C:\Windows\system32\mshtml.dll
2010-12-20 08:22:39 ----A---- C:\Windows\system32\ieframe.dll
2010-12-20 08:21:06 ----A---- C:\Windows\system32\msshsq.dll
======List of files/folders modified in the last 1 months======
2011-01-18 09:04:47 ----RD---- C:\Program Files
2011-01-18 09:03:29 ----D---- C:\Windows\System32
2011-01-18 09:03:29 ----D---- C:\Windows\inf
2011-01-18 09:03:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-18 08:41:01 ----D---- C:\Windows\Tasks
2011-01-18 08:41:01 ----D---- C:\Windows\system32\Tasks
2011-01-18 08:37:43 ----D---- C:\Windows\system32\drivers
2011-01-18 08:35:18 ----D---- C:\Windows
2011-01-18 08:28:46 ----D---- C:\Windows\system32\catroot2
2011-01-18 08:16:25 ----A---- C:\Windows\system32\log.txt
2011-01-17 16:57:21 ----SHD---- C:\System Volume Information
2011-01-17 16:57:17 ----SD---- C:\Users\zbr\AppData\Roaming\Microsoft
2011-01-17 16:57:15 ----HD---- C:\ProgramData
2011-01-17 16:57:15 ----D---- C:\ProgramData\avg9
2011-01-17 16:37:43 ----D---- C:\Windows\system32\WDI
2011-01-17 16:15:10 ----D---- C:\Windows\system32\cs-CZ
2011-01-17 16:09:33 ----D---- C:\Windows\Prefetch
2011-01-17 16:04:03 ----D---- C:\Windows\winsxs
2011-01-17 16:03:54 ----D---- C:\Windows\system32\catroot
2011-01-17 14:17:38 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-17 14:15:44 ----SHD---- C:\Windows\Installer
2011-01-13 14:35:22 ----D---- C:\Program Files\ICQ7.2
2011-01-12 17:30:46 ----D---- C:\ProgramData\Microsoft Help
2011-01-12 09:15:09 ----D---- C:\ProgramData\ArcSoft
2010-12-20 09:15:46 ----HD---- C:\Windows\system32\dwrcssft
2010-12-20 09:06:49 ----D---- C:\Windows\system32\migration
2010-12-20 09:06:49 ----D---- C:\Program Files\Windows Mail
2010-12-20 09:06:49 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2009-01-20 328728]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 26608]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\Windows\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-03-14 41984]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-03-14 5120]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2009-04-22 205624]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-09-01 382976]
R3 DwMirror;DwMirror; C:\Windows\system32\DRIVERS\DamewareMini.sys [2007-02-07 3712]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6032.sys [2008-12-30 165984]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-05-05 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-01-12 2476544]
R3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-10 15872]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 mod7700;WinFast based TV tuner device; C:\Windows\system32\DRIVERS\mod7700.sys [2007-10-03 553344]
S3 MODRC;WinFast TV Dongle With Infrared Receiver; C:\Windows\system32\DRIVERS\modrc.sys [2007-07-11 13824]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2008-05-23 30816]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\NvtSp50.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RkHit;RkHit; \??\C:\Windows\system32\drivers\RKHit.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-10 27648]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-29 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2007-04-19 133968]
R2 avgagent;AVG Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
R2 DWMRCS;DameWare Mini Remote Control; C:\Windows\system32\DWRCS.EXE [2010-08-06 242200]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2009-02-19 174616]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SMManager;Smith Micro Connection Manager Service; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2009-04-10 77824]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2009-04-22 1703936]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-02-19 2066968]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-01-17 1402272]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2008-12-12 638976]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
-----------------EOF-----------------
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2007-04-19 133968]
R2 avgagent;AVG Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
R2 DWMRCS;DameWare Mini Remote Control; C:\Windows\system32\DWRCS.EXE [2010-08-06 242200]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2009-02-19 174616]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SMManager;Smith Micro Connection Manager Service; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2009-04-10 77824]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2009-04-22 1703936]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-02-19 2066968]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-01-17 1402272]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2008-12-12 638976]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
-----------------EOF-----------------
-
- Visitor
- Posts: 51
- Registered: 08 Feb 2005 13:11
- Location: Zlín
- Contact user:
Re: Pls log check
I'll also add that I found a program on the web, Advanced PC Tweaker, to fix that NIRCMDC problem. I've been running it repeatedly; at first it found about 600 empty reg keys and a few invalid file associations, now 4-5 reg. keys and 2 invalid file associations remain, and the program can't fix those.
Re: Pls log check
Good morning
Download MBAM from my signature
- Install it and run a full scan
DO NOT DELETE ANYTHING
- MBAM occasionally produces false detections, so we will delete only after checking the log.
- Copy the log here.


Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.
-
- Visitor
- Posts: 51
- Registered: 08 Feb 2005 13:11
- Location: Zlín
- Contact user:
Re: Pls log check
Well, to my great amazement, the log is clean!!!
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Verze databáze: 5544
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18999
2011-01-18 10:18:36
mbam-log-2011-01-18 (10-18-36).txt
Typ kontroly: Úplný test (C:\|D:\|G:\|)
Testované objekty: 279497
Uplynulý čas: 24 minut, 30 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
-
- Visitor
- Posts: 51
- Registered: 08 Feb 2005 13:11
- Location: Zlín
- Contact user:
Re: Pls log check
So I have no idea what to do next

Re: Pls log check

http://oldtimer.geekstogo.com/OTC.exe
- cleans up temp files and leftovers from the programs used


Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif
- run it and let it work. It will close by itself.



http://www.bleepingcomputer.com/combofi ... t-combofix
- rename combofix to kočka.com
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.
-
- Visitor
- Posts: 51
- Registered: 08 Feb 2005 13:11
- Location: Zlín
- Contact user:
Re: Pls log check
So all the problems there were are gone
Only Advanced PC Tweaker finds about 40-80 errors (empty register keys) after every scan and still finds exactly 2 invalid file associations. Otherwise everything works OK.
Logfile of random's system information tool 1.08 (written by random/random)
Run by zbr at 2011-01-18 12:27:55
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 41 GB (50%) free of 82 GB
Total RAM: 3291 MB (52% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\One-Click Tweak.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG10\avgssie.dll [2010-11-22 2732896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-06-02 1018616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-01-12 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-01-12 178712]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-01-12 154136]
"picon"=C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe [2009-02-19 796184]
"ChangeTPMAuth"=C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe [2009-02-26 184320]
"WavXMgr"=C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2008-12-22 134144]
"SecureUpgrade"=C:\Program Files\Wave Systems Corp\SecureUpgrade.exe [2009-04-22 656696]
"EmbassySecurityCheck"=C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe [2009-04-22 95544]
"DellControlPoint"=C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [2009-03-19 667648]
"USCService"=C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [2009-04-22 15360]
"DellConnectionManager"=C:\Program Files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe [2009-04-10 1810432]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-02-04 128232]
"Samsung PanelMgr"=C:\Windows\Samsung\PanelMgr\SSMMgr.exe [2007-03-14 520192]
"WinFastDTV"=C:\Program Files\WinFast\WFDTV\DTVSchdl.exe [2009-05-27 90112]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2008-09-01 1310720]
"combofix"=C:\kočka.com20464k\CF12.cfxxe [2011-01-18 318976]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2010-10-22 2745696]
"DameWare MRC Agent"=C:\Windows\system32\DWRCST.exe [2010-08-06 85528]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"combofix"=C:\kočka.com20464k\CF12.cfxxe [2011-01-18 318976]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-11-24 2155832]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe [2011-01-05 133432]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
C:\Program Files\WinFast\WFDTV\WFWIZ.exe [2009-03-11 2912256]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Správce systému Dell ControlPoint System Manager.lnk - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-01-12 221184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-18 12:27:55 ----D---- C:\rsit
2011-01-18 12:04:14 ----HD---- C:\ProgramData\Common Files
2011-01-18 12:03:25 ----D---- C:\Windows\system32\drivers\AVG
2011-01-18 12:03:25 ----D---- C:\ProgramData\AVG10
2011-01-18 11:20:02 ----D---- C:\Windows\temp
2011-01-18 11:14:46 ----SD---- C:\kočka.com20464k
2011-01-18 11:14:02 ----A---- C:\Windows\SWXCACLS.exe
2011-01-18 11:11:12 ----ASH---- C:\hiberfil.sys
2011-01-18 11:04:37 ----A---- C:\Windows\zip.exe
2011-01-18 11:04:37 ----A---- C:\Windows\SWSC.exe
2011-01-18 11:04:37 ----A---- C:\Windows\SWREG.exe
2011-01-18 11:04:37 ----A---- C:\Windows\sed.exe
2011-01-18 11:04:37 ----A---- C:\Windows\PEV.exe
2011-01-18 11:04:37 ----A---- C:\Windows\NIRCMD.exe
2011-01-18 11:04:37 ----A---- C:\Windows\MBR.exe
2011-01-18 11:04:37 ----A---- C:\Windows\grep.exe
2011-01-18 11:04:30 ----SD---- C:\kočka.com
2011-01-18 11:04:10 ----D---- C:\Qoobox
2011-01-18 10:44:35 ----A---- C:\Windows\ntbtlog.txt
2011-01-18 09:50:27 ----D---- C:\Users\zbr\AppData\Roaming\Malwarebytes
2011-01-18 09:50:10 ----D---- C:\ProgramData\Malwarebytes
2011-01-18 09:50:10 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-01-18 09:50:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-18 09:50:08 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-18 09:04:47 ----D---- C:\Program Files\trend micro
2011-01-18 08:40:40 ----D---- C:\Program Files\Advanced PC Tweaker
2011-01-17 16:15:10 ----A---- C:\Windows\system32\CF6133.exe
2011-01-17 16:03:47 ----A---- C:\Windows\system32\sdclt.exe
2011-01-17 15:59:01 ----A---- C:\Windows\system32\lsdelete.exe
2011-01-17 14:51:46 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-01-17 14:17:38 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-01-17 14:15:44 ----HDC---- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2011-01-17 14:15:27 ----D---- C:\ProgramData\Lavasoft
2011-01-17 14:15:27 ----D---- C:\Program Files\Lavasoft
2011-01-12 17:30:48 ----A---- C:\Windows\system32\odbc32.dll
2010-12-29 15:44:53 ----A---- C:\Windows\system32\msxml6.dll
2010-12-29 09:26:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-29 09:26:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-22 09:35:02 ----D---- C:\Windows\ERDNT
2010-12-20 08:24:30 ----A---- C:\Windows\system32\win32k.sys
2010-12-20 08:23:55 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskschd.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskeng.exe
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-20 08:23:35 ----A---- C:\Windows\system32\consent.exe
2010-12-20 08:23:19 ----A---- C:\Windows\system32\fontsub.dll
2010-12-20 08:23:19 ----A---- C:\Windows\system32\atmlib.dll
2010-12-20 08:23:19 ----A---- C:\Windows\system32\atmfd.dll
2010-12-20 08:22:43 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-20 08:22:42 ----A---- C:\Windows\system32\occache.dll
2010-12-20 08:22:42 ----A---- C:\Windows\system32\mstime.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\ieui.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\iesetup.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\iepeers.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\wininet.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-20 08:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iertutil.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iernonce.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-20 08:22:39 ----A---- C:\Windows\system32\urlmon.dll
2010-12-20 08:22:39 ----A---- C:\Windows\system32\mshtml.dll
2010-12-20 08:22:39 ----A---- C:\Windows\system32\ieframe.dll
2010-12-20 08:21:06 ----A---- C:\Windows\system32\msshsq.dll
======List of files/folders modified in the last 1 months======
2011-01-18 12:28:16 ----D---- C:\Windows\System32
2011-01-18 12:28:16 ----D---- C:\Windows\inf
2011-01-18 12:28:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-18 12:18:46 ----D---- C:\Windows\Tasks
2011-01-18 12:16:26 ----A---- C:\Windows\system32\log.txt
2011-01-18 12:05:33 ----HD---- C:\Windows\system32\dwrcssft
2011-01-18 12:04:32 ----SHD---- C:\Windows\Installer
2011-01-18 12:04:14 ----HD---- C:\ProgramData
2011-01-18 12:04:04 ----D---- C:\Windows\system32\drivers
2011-01-18 12:03:02 ----SHD---- C:\System Volume Information
2011-01-18 12:02:56 ----D---- C:\ProgramData\MFAData
2011-01-18 12:02:23 ----D---- C:\Program Files\AVG
2011-01-18 12:02:09 ----D---- C:\Windows\winsxs
2011-01-18 11:34:42 ----A---- C:\Windows\system32\DWRCCMDError.ini
2011-01-18 11:20:16 ----D---- C:\Windows\system32\config
2011-01-18 11:20:02 ----D---- C:\Windows
2011-01-18 11:18:31 ----D---- C:\Windows\AppPatch
2011-01-18 11:18:30 ----D---- C:\Program Files\Common Files
2011-01-18 11:13:20 ----D---- C:\Windows\system32\Tasks
2011-01-18 11:10:16 ----D---- C:\Windows\system32\drivers\etc
2011-01-18 09:50:08 ----RD---- C:\Program Files
2011-01-18 08:28:46 ----D---- C:\Windows\system32\catroot2
2011-01-17 16:57:17 ----SD---- C:\Users\zbr\AppData\Roaming\Microsoft
2011-01-17 16:57:15 ----D---- C:\ProgramData\avg9
2011-01-17 16:37:43 ----D---- C:\Windows\system32\WDI
2011-01-17 16:15:10 ----D---- C:\Windows\system32\cs-CZ
2011-01-17 16:09:33 ----D---- C:\Windows\Prefetch
2011-01-17 16:03:54 ----D---- C:\Windows\system32\catroot
2011-01-17 14:17:38 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-13 14:35:22 ----D---- C:\Program Files\ICQ7.2
2011-01-12 17:30:46 ----D---- C:\ProgramData\Microsoft Help
2011-01-12 09:15:09 ----D---- C:\ProgramData\ArcSoft
2010-12-20 09:06:49 ----D---- C:\Windows\system32\migration
2010-12-20 09:06:49 ----D---- C:\Program Files\Windows Mail
2010-12-20 09:06:49 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2009-01-20 328728]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 26608]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\Windows\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-03-14 41984]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-03-14 5120]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2009-04-22 205624]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-09-01 382976]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]
R3 DwMirror;DwMirror; C:\Windows\system32\DRIVERS\DamewareMini.sys [2007-02-07 3712]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6032.sys [2008-12-30 165984]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-05-05 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-01-12 2476544]
S3 catchme;catchme; \??\C:\Users\zbr\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-12-03 15264]
S3 mod7700;WinFast based TV tuner device; C:\Windows\system32\DRIVERS\mod7700.sys [2007-10-03 553344]
S3 MODRC;WinFast TV Dongle With Infrared Receiver; C:\Windows\system32\DRIVERS\modrc.sys [2007-07-11 13824]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2008-05-23 30816]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\NvtSp50.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-10 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-10 27648]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-29 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2007-04-19 133968]
R2 avgagent;AVG Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 DWMRCS;DameWare Mini Remote Control; C:\Windows\system32\DWRCS.EXE [2010-08-06 242200]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-01-17 1402272]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2009-02-19 174616]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SMManager;Smith Micro Connection Manager Service; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2009-04-10 77824]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2009-04-22 1703936]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-02-19 2066968]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2008-12-12 638976]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
-----------------EOF-----------------

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Správce systému Dell ControlPoint System Manager.lnk - C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-01-12 221184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-01-18 12:27:55 ----D---- C:\rsit
2011-01-18 12:04:14 ----HD---- C:\ProgramData\Common Files
2011-01-18 12:03:25 ----D---- C:\Windows\system32\drivers\AVG
2011-01-18 12:03:25 ----D---- C:\ProgramData\AVG10
2011-01-18 11:20:02 ----D---- C:\Windows\temp
2011-01-18 11:14:46 ----SD---- C:\kočka.com20464k
2011-01-18 11:14:02 ----A---- C:\Windows\SWXCACLS.exe
2011-01-18 11:11:12 ----ASH---- C:\hiberfil.sys
2011-01-18 11:04:37 ----A---- C:\Windows\zip.exe
2011-01-18 11:04:37 ----A---- C:\Windows\SWSC.exe
2011-01-18 11:04:37 ----A---- C:\Windows\SWREG.exe
2011-01-18 11:04:37 ----A---- C:\Windows\sed.exe
2011-01-18 11:04:37 ----A---- C:\Windows\PEV.exe
2011-01-18 11:04:37 ----A---- C:\Windows\NIRCMD.exe
2011-01-18 11:04:37 ----A---- C:\Windows\MBR.exe
2011-01-18 11:04:37 ----A---- C:\Windows\grep.exe
2011-01-18 11:04:30 ----SD---- C:\kočka.com
2011-01-18 11:04:10 ----D---- C:\Qoobox
2011-01-18 10:44:35 ----A---- C:\Windows\ntbtlog.txt
2011-01-18 09:50:27 ----D---- C:\Users\zbr\AppData\Roaming\Malwarebytes
2011-01-18 09:50:10 ----D---- C:\ProgramData\Malwarebytes
2011-01-18 09:50:10 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-01-18 09:50:08 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-18 09:50:08 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-18 09:04:47 ----D---- C:\Program Files\trend micro
2011-01-18 08:40:40 ----D---- C:\Program Files\Advanced PC Tweaker
2011-01-17 16:15:10 ----A---- C:\Windows\system32\CF6133.exe
2011-01-17 16:03:47 ----A---- C:\Windows\system32\sdclt.exe
2011-01-17 15:59:01 ----A---- C:\Windows\system32\lsdelete.exe
2011-01-17 14:51:46 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2011-01-17 14:17:38 ----A---- C:\Windows\system32\drivers\Lbd.sys
2011-01-17 14:15:44 ----HDC---- C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}
2011-01-17 14:15:27 ----D---- C:\ProgramData\Lavasoft
2011-01-17 14:15:27 ----D---- C:\Program Files\Lavasoft
2011-01-12 17:30:48 ----A---- C:\Windows\system32\odbc32.dll
2010-12-29 15:44:53 ----A---- C:\Windows\system32\msxml6.dll
2010-12-29 09:26:25 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-12-29 09:26:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-12-22 09:35:02 ----D---- C:\Windows\ERDNT
2010-12-20 08:24:30 ----A---- C:\Windows\system32\win32k.sys
2010-12-20 08:23:55 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskschd.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskeng.exe
2010-12-20 08:23:55 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-20 08:23:55 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-20 08:23:35 ----A---- C:\Windows\system32\consent.exe
2010-12-20 08:23:19 ----A---- C:\Windows\system32\fontsub.dll
2010-12-20 08:23:19 ----A---- C:\Windows\system32\atmlib.dll
2010-12-20 08:23:19 ----A---- C:\Windows\system32\atmfd.dll
2010-12-20 08:22:43 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-20 08:22:42 ----A---- C:\Windows\system32\occache.dll
2010-12-20 08:22:42 ----A---- C:\Windows\system32\mstime.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\ieui.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\iesetup.dll
2010-12-20 08:22:41 ----A---- C:\Windows\system32\iepeers.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\wininet.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-20 08:22:40 ----A---- C:\Windows\system32\ieUnatt.exe
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iesysprep.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iertutil.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iernonce.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-20 08:22:40 ----A---- C:\Windows\system32\ie4uinit.exe
2010-12-20 08:22:39 ----A---- C:\Windows\system32\urlmon.dll
2010-12-20 08:22:39 ----A---- C:\Windows\system32\mshtml.dll
2010-12-20 08:22:39 ----A---- C:\Windows\system32\ieframe.dll
2010-12-20 08:21:06 ----A---- C:\Windows\system32\msshsq.dll
======List of files/folders modified in the last 1 months======
2011-01-18 12:28:16 ----D---- C:\Windows\System32
2011-01-18 12:28:16 ----D---- C:\Windows\inf
2011-01-18 12:28:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-18 12:18:46 ----D---- C:\Windows\Tasks
2011-01-18 12:16:26 ----A---- C:\Windows\system32\log.txt
2011-01-18 12:05:33 ----HD---- C:\Windows\system32\dwrcssft
2011-01-18 12:04:32 ----SHD---- C:\Windows\Installer
2011-01-18 12:04:14 ----HD---- C:\ProgramData
2011-01-18 12:04:04 ----D---- C:\Windows\system32\drivers
2011-01-18 12:03:02 ----SHD---- C:\System Volume Information
2011-01-18 12:02:56 ----D---- C:\ProgramData\MFAData
2011-01-18 12:02:23 ----D---- C:\Program Files\AVG
2011-01-18 12:02:09 ----D---- C:\Windows\winsxs
2011-01-18 11:34:42 ----A---- C:\Windows\system32\DWRCCMDError.ini
2011-01-18 11:20:16 ----D---- C:\Windows\system32\config
2011-01-18 11:20:02 ----D---- C:\Windows
2011-01-18 11:18:31 ----D---- C:\Windows\AppPatch
2011-01-18 11:18:30 ----D---- C:\Program Files\Common Files
2011-01-18 11:13:20 ----D---- C:\Windows\system32\Tasks
2011-01-18 11:10:16 ----D---- C:\Windows\system32\drivers\etc
2011-01-18 09:50:08 ----RD---- C:\Program Files
2011-01-18 08:28:46 ----D---- C:\Windows\system32\catroot2
2011-01-17 16:57:17 ----SD---- C:\Users\zbr\AppData\Roaming\Microsoft
2011-01-17 16:57:15 ----D---- C:\ProgramData\avg9
2011-01-17 16:37:43 ----D---- C:\Windows\system32\WDI
2011-01-17 16:15:10 ----D---- C:\Windows\system32\cs-CZ
2011-01-17 16:09:33 ----D---- C:\Windows\Prefetch
2011-01-17 16:03:54 ----D---- C:\Windows\system32\catroot
2011-01-17 14:17:38 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-13 14:35:22 ----D---- C:\Program Files\ICQ7.2
2011-01-12 17:30:46 ----D---- C:\ProgramData\Microsoft Help
2011-01-12 09:15:09 ----D---- C:\ProgramData\ArcSoft
2010-12-20 09:06:49 ----D---- C:\Windows\system32\migration
2010-12-20 09:06:49 ----D---- C:\Program Files\Windows Mail
2010-12-20 09:06:49 ----D---- C:\Program Files\Internet Explorer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2009-01-20 328728]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
R0 PBADRV;PBADRV; C:\Windows\system32\DRIVERS\PBADRV.sys [2008-06-04 26608]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-07-26 43872]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\Windows\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]
R2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2007-03-14 41984]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-03-14 5120]
R2 WavxDMgr;WavxDMgr; C:\Windows\system32\DRIVERS\WavxDMgr.sys [2009-04-22 205624]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2008-09-01 382976]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-19 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-19 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-19 27216]
R3 DwMirror;DwMirror; C:\Windows\system32\DRIVERS\DamewareMini.sys [2007-02-07 3712]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6032.sys [2008-12-30 165984]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-05-05 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-01-12 2476544]
S3 catchme;catchme; \??\C:\Users\zbr\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2010-12-03 15264]
S3 mod7700;WinFast based TV tuner device; C:\Windows\system32\DRIVERS\mod7700.sys [2007-10-03 553344]
S3 MODRC;WinFast TV Dongle With Infrared Receiver; C:\Windows\system32\DRIVERS\modrc.sys [2007-07-11 13824]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2008-05-23 30816]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 NvtSp50;NvtSp50 NDIS Protocol Driver; C:\Windows\System32\Drivers\NvtSp50.sys []
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-05-02 8064]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-10 15872]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-10 27648]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-29 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ASFAgent;ASF Agent; C:\Program Files\Intel\ASF Agent\ASFAgent.exe [2007-04-19 133968]
R2 avgagent;AVG Remote Support Service (AvgAgent); avgagent.exe /srvfsys []
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-23 6128208]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 DWMRCS;DameWare Mini Remote Control; C:\Windows\system32\DWRCS.EXE [2010-08-06 242200]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-06-02 246520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-01-17 1402272]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\AMT\LMS.exe [2009-02-19 174616]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SMManager;Smith Micro Connection Manager Service; C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2009-04-10 77824]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2009-04-22 1703936]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-12-13 49152]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2009-02-19 2066968]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 tcsd_win32.exe;NTRU TSS v1.2.1.29 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2008-11-12 1273856]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 getPlusHelper;@C:\Program Files\NOS\bin\getPlus_Helper.dll,-101; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2008-12-12 638976]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
-----------------EOF-----------------
Re: Pls log check
Try running that combofix again, as I wrote.
I don't know that program; does it let you back up the registry entries you delete?

Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: Pls log check
So it's all right now,
thank you very much!

Re: Pls log check
And did you run that combofix? I need to see the log
