Internet connection was terminated

Cheaterboy
Visitor
Posts: 51
Registered: 09 Apr 2008 20:47

Internet connection was terminated

#1 Post by Cheaterboy »

Hello, when I try to go to sites such as facebook.com, google.com, ... my connection is terminated roughly ten times an hour and I can't reach the page. I'm attaching a screenshot. I browse with Opera, but I have tried other browsers too and the problem persists. I think it is caused by some spyware, so I'm attaching a log from RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petuleee at 2011-10-01 20:32:55
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 35 GB (46%) free of 76 GB
Total RAM: 510 MB (49% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-19 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-19 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA837F48-5AD1-443E-AE34-FFE03CBF3099}]
Ukazatel S-Rank - D:\Program Files\Seznam.cz\core.3.dll [2010-10-07 1164568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=D:\WINDOWS\system32\igfxtray.exe [2006-05-25 155648]
"HotKeysCmds"=D:\WINDOWS\system32\hkcmd.exe [2006-05-25 126976]
"egui"=D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-11-18 2219184]
"BootSkin Startup Jobs"=D:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe [2004-04-26 270336]
"LogonStudio"=D:\Program Files\WinCustomize\LogonStudio\logonstudio.exe [2002-09-03 987187]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"Adobe ARM"=D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
"MSMSGS"=D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Seznam Postak"=D:\Program Files\Seznam.cz\postak.exe [2010-10-07 488728]
"MediaGet2"=D:\Documents and Settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe [2011-09-26 8202752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\facemoods]
D:\Program Files\facemoods.com\facemoods\1.4.17.1\facemoodssrv.exe /md I []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
D:\Documents and Settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe [2011-09-26 8202752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP]
D:\Program Files\FaceSmooch Toolbar\update_checker.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
D:\WINDOWS\vsnp325.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp325]
D:\WINDOWS\tsnp325.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
D:\PROGRA~1\ESET\MINODL~1\MINODL~1.EXE [2011-07-18 125952]

D:\Documents and Settings\Petuleee\Nabídka Start\Programy\Po spuštění
OpenOffice.org 3.2.lnk - D:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
D:\WINDOWS\system32\igfxsrvc.dll [2006-05-25 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
D:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Documents and Settings\Petuleee\Local Settings\Data aplikací\Xenocode\Sandbox\LdR_Alcohol_r.exe\2.0.1.1820\2010.07.02T23.16\Virtual\STUBEXE\8.0.1135\@PROGRAMFILES@\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe"="D:\Documents and Settings\Petuleee\Local Settings\Data aplikací\Xenocode\Sandbox\LdR_Alcohol_r.exe\2.0.1.1820\2010.07.02T23.16\Virtual\STUBEXE\8.0.1135\@PROGRAMFILES@\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe:*:Enabled:StarWindServiceAE"
"D:\Documents and Settings\Petuleee\Dokumenty\Downloads\Facemoods.exe"="D:\Documents and Settings\Petuleee\Dokumenty\Downloads\Facemoods.exe:*:Enabled:Facemoods Installer"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Documents and Settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe"="D:\Documents and Settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe:*:Disabled:MediaGet torrent client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2011-10-01 20:32:34 ----DC---- D:\Program Files\trend micro
2011-10-01 20:32:31 ----DC---- D:\rsit
2011-09-27 21:10:01 ----DC---- D:\WINDOWS\pss
2011-09-17 15:52:27 ----HDC---- D:\WINDOWS\$NtUninstallKB2616676$
2011-09-17 15:44:39 ----HDC---- D:\WINDOWS\$NtUninstallKB2570947$
2011-09-07 21:53:45 ----HDC---- D:\WINDOWS\$NtUninstallKB2607712$

======List of files/folders modified in the last 1 month======

2011-10-01 20:32:34 ----RDC---- D:\Program Files
2011-10-01 20:25:09 ----DC---- D:\WINDOWS\Temp
2011-10-01 19:54:47 ----AC---- D:\WINDOWS\LogonStudio.ini
2011-09-30 20:21:36 ----AC---- D:\WINDOWS\SchedLgU.Txt
2011-09-29 19:56:29 ----DC---- D:\WINDOWS
2011-09-29 19:55:33 ----DC---- D:\Program Files\Windows Desktop Search
2011-09-28 13:14:29 ----DC---- D:\Documents and Settings\Petuleee\Data aplikací\Opera
2011-09-28 13:14:04 ----DC---- D:\Program Files\Opera
2011-09-28 12:18:34 ----DC---- D:\Documents and Settings\Petuleee\Data aplikací\Skype
2011-09-28 12:16:53 ----DC---- D:\WINDOWS\Minidump
2011-09-28 12:16:53 ----DC---- D:\WINDOWS\Debug
2011-09-28 12:12:08 ----HDC---- D:\WINDOWS\inf
2011-09-28 12:12:08 ----HDC---- D:\Program Files\InstallShield Installation Information
2011-09-28 12:12:08 ----AC---- D:\WINDOWS\win.ini
2011-09-28 12:12:06 ----DC---- D:\WINDOWS\system32\drivers
2011-09-28 12:12:06 ----DC---- D:\WINDOWS\system32
2011-09-28 12:12:06 ----DC---- D:\Program Files\Common Files
2011-09-28 12:11:44 ----SHDC---- D:\WINDOWS\Installer
2011-09-28 12:11:43 ----SDC---- D:\WINDOWS\Tasks
2011-09-28 12:11:06 ----DC---- D:\Documents and Settings\Petuleee\Data aplikací\Toolbar4
2011-09-28 12:09:41 ----DC---- D:\Program Files\PromoToMobile
2011-09-28 12:09:24 ----SDC---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-09-28 12:09:07 ----DC---- D:\WINDOWS\system32\CatRoot2
2011-09-28 12:08:58 ----DC---- D:\WINDOWS\system32\wbem
2011-09-28 12:08:58 ----DC---- D:\WINDOWS\system32\cs-cz
2011-09-28 11:48:57 ----DC---- D:\WINDOWS\Prefetch
2011-09-27 21:16:57 ----AC---- D:\WINDOWS\system32\MRT.exe
2011-09-17 15:52:32 ----DC---- D:\WINDOWS\system32\dllcache
2011-09-17 15:42:26 ----HDC---- D:\WINDOWS\$hf_mig$
2011-09-09 11:12:04 ----AC---- D:\WINDOWS\system32\crypt32.dll
2011-09-05 21:02:16 ----DC---- D:\WINDOWS\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-17 44944]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-08-05 232512]
R1 ehdrv;ehdrv; D:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdir;epfwtdir; D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-08-03 95896]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;eamon; D:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R3 aeaudio;aeaudio; D:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; D:\WINDOWS\system32\DRIVERS\e1000325.sys [2003-07-11 121856]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; D:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-05-25 807804]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 smwdm;smwdm; D:\WINDOWS\system32\drivers\smwdm.sys [2003-02-28 545024]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 BootScreen;BootScreen; D:\WINDOWS\System32\drivers\vidstub.sys [2011-03-16 163712]
S0 cercsr6;cercsr6; D:\WINDOWS\system32\drivers\cercsr6.sys [2004-12-13 39904]
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; D:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; D:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; D:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); D:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 streamip;BDA IPSink; D:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; D:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-11-18 810144]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2011-04-19 153376]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; d:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-11-18 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; d:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Attachments
Bez názvu.PNG (36.75 KiB) Viewed 1146 times

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection was terminated

#2 Post by Rudy »

Hello!

Please post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

go ahead and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because undesirable conflicts with the resident antispyware occur during the scan and the removal of any malware
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Cheaterboy
Visitor
Posts: 51
Registered: 09 Apr 2008 20:47

Re: Internet connection was terminated

#3 Post by Cheaterboy »

ComboFix 11-10-01.03 - Petuleee 02.10.2011 10:03:15.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.510.66 [GMT 2:00]
Spuštěný z: d:\documents and settings\Petuleee\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\Petuleee\WINDOWS
d:\program files\ESET\MiNODLogin
d:\program files\ESET\MiNODLogin\MiNODLogin.exe
d:\program files\ESET\MiNODLogin\MiNODLogin.jar
d:\program files\ESET\MiNODLogin\MiNODLoginLib.dll
d:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
d:\program files\ESET\MiNODLogin\servidores.xml
d:\windows\ehome\medctrro.exe
d:\windows\XSxS
.
Nakažená kopie d:\windows\system32\midimap.dll byla nalezena a vyléčena.
Obnovena kopie z - d:\windows\NiwradSoft Shell Pack\Backup\midimap.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-02 do 2011-10-02 )))))))))))))))))))))))))))))))
.
.
2011-10-01 18:32 . 2011-10-01 18:32 -------- dc----w- d:\program files\trend micro
2011-10-01 18:32 . 2011-10-01 18:32 -------- dc----w- D:\rsit
2011-09-27 20:04 . 2011-09-27 20:04 -------- dcsh--w- d:\documents and settings\Petuleee\IECompatCache
2011-09-05 17:04 . 2011-09-05 17:04 183696 -c--a-w- d:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-09-03 10:17 . 2011-09-09 09:12 602112 -c----w- d:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 17:58 . 2011-08-22 09:54 404640 -c--a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12 . 2004-08-18 10:00 602112 -c--a-w- d:\windows\system32\crypt32.dll
2011-08-05 13:24 . 2011-08-05 13:24 232512 -c--a-w- d:\windows\system32\drivers\dtsoftbus01.sys
2011-07-15 13:29 . 2004-08-18 10:00 456320 -c--a-w- d:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 10:00 10496 -c--a-w- d:\windows\system32\drivers\ndistapi.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 03:21 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . d:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2008-04-14 03:21 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . d:\windows\ServicePackFiles\i386\comres.dll
[-] 2008-04-14 03:21 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . d:\windows\system32\comres.dll
[7] 2004-08-18 10:00 . B44F68274AB7B8A54E9AD74AFF0EFAAC . 806912 . . [2001.12.4414.258] . . d:\windows\$NtServicePackUninstall$\comres.dll
.
[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . d:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . d:\windows\system32\winlogon.exe
[7] 2004-08-18 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . d:\windows\$NtServicePackUninstall$\winlogon.exe
.
[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . d:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . d:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . d:\windows\system32\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . d:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . d:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-18 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . d:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2004-08-18 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2004-08-18 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . d:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
.
[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . d:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . d:\windows\system32\user32.dll
[7] 2004-08-18 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . d:\windows\$NtServicePackUninstall$\user32.dll
.
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . d:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . d:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . d:\windows\ServicePackFiles\i386\explorer.exe
[7] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . d:\windows\$NtServicePackUninstall$\explorer.exe
.
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . d:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . d:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\regedit.exe
[7] 2004-08-18 . CB5A91928D94224E7E30EE277B45E8A3 . 147968 . . [5.1.2600.2180] . . d:\windows\$NtServicePackUninstall$\regedit.exe
.
[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . d:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . d:\windows\ServicePackFiles\i386\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . d:\windows\system32\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . d:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . d:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . d:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2004-08-18 . 7FE54C063DDA8EF226846510852E6B1B . 1281024 . . [5.1.2600.2180] . . d:\windows\$NtServicePackUninstall$\ole32.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . d:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . d:\windows\system32\ctfmon.exe
[7] 2004-08-18 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . d:\windows\$NtServicePackUninstall$\ctfmon.exe
.
[7] 2008-04-14 . ED18ADEE4AA21EB26977260152D7241A . 345088 . . [5.1.2600.5512] . . d:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . d:\windows\ServicePackFiles\i386\hnetcfg.dll
[-] 2008-04-14 . FDE84E2C6D0E1F75D61D7CC111A1DA5A . 369152 . . [5.1.2600.5512] . . d:\windows\system32\hnetcfg.dll
[7] 2004-08-18 . FAABA83BE47C5B15F620FAA53267A9B8 . 345088 . . [5.1.2600.2180] . . d:\windows\$NtServicePackUninstall$\hnetcfg.dll
.
[7] 2010-12-09 . 40D176442F70573DBA0E05A7E40D3EBB . 2071552 . . [5.1.2600.6055] . . d:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . d:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2010-12-09 . 4FE7B81BEDE8D37C9E3D95C99A56A34E . 2071552 . . [5.1.2600.6055] . . d:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . d:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . d:\windows\system32\ntkrnlpa.exe
[-] 2010-12-09 . 3E500054792EA59F7D79B888C67AB669 . 2232704 . . [5.1.2600.6055] . . d:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . d:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-04-28 . E4D3DB21C20749B8776B3E2C4B880404 . 2068992 . . [5.1.2600.5973] . . d:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe
[7] 2010-02-17 . 7F87EDF3C7C626D336533D2580940A00 . 2065920 . . [5.1.2600.3670] . . d:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2010-02-17 . 7F87EDF3C7C626D336533D2580940A00 . 2065920 . . [5.1.2600.3670] . . d:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2QFE\ntkrnlpa.exe
[7] 2010-02-16 . 27DE458FE1E1A618836ADB61873BC9E8 . 2060544 . . [5.1.2600.3670] . . d:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP2GDR\ntkrnlpa.exe
[7] 2010-02-16 . 6C31566C176BC28C7D73BC6332642A58 . 2068992 . . [5.1.2600.5938] . . d:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[7] 2010-02-16 . 6C31566C176BC28C7D73BC6332642A58 . 2068992 . . [5.1.2600.5938] . . d:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[7] 2010-02-16 . 6C31566C176BC28C7D73BC6332642A58 . 2068992 . . [5.1.2600.5938] . . d:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3GDR\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . d:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . d:\windows\SoftwareDistribution\Download\a05b4bd176175832ba9089ab55da70df\SP3QFE\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . d:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . d:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . d:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3GDR\ntkrnlpa.exe
[7] 2009-02-09 . 73A13AA10E146A3E2B4AC6D007953A74 . 2059904 . . [5.1.2600.3520] . . d:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2GDR\ntkrnlpa.exe
[7] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . d:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[7] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . d:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP2QFE\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . d:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . d:\windows\SoftwareDistribution\Download\3600e56e45ad54d0df91c2e4c0249f5a\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . 4DEE41C45E803DB91A72FD1BA69C05EE . 2067968 . . [5.1.2600.5512] . . d:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[-] 2005-03-30 . C0F0AA25CC9AD2BD083656682012DD1D . 2059008 . . [5.1.2600.2643] . . d:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe
.
[7] 2010-10-18 . 72D1F43C4146D312B0DB6AB98C21340E . 634648 . . [7.00.6000.17093] . . d:\windows\SoftwareDistribution\Download\dd60fe5720881a53a69a138a26eaa4d9\sp3gdr\iexplore.exe
[7] 2010-10-18 . DA6E1F0F1932B62DD2F6ED05541C555C . 634648 . . [7.00.6000.21295] . . d:\windows\SoftwareDistribution\Download\dd60fe5720881a53a69a138a26eaa4d9\sp3qfe\iexplore.exe
[7] 2010-08-25 . E5412ED9E07C42C20C48D3FF71E6B1E8 . 634648 . . [7.00.6000.17091] . . d:\windows\ie8\iexplore.exe
[7] 2010-08-25 . F047BEB9771E45A05F425499A30F9BBA . 634648 . . [7.00.6000.21293] . . d:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\iexplore.exe
[7] 2010-04-16 . C4BA5E36FB57F547117305BF1E0FE454 . 634656 . . [7.00.6000.17055] . . d:\windows\ie7updates\KB2360131-IE7\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="d:\program files\Seznam.cz\postak.exe" [2010-10-07 488728]
"MediaGet2"="d:\documents and settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe" [2011-09-26 8202752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2006-05-25 155648]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2006-05-25 126976]
"egui"="d:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-11-18 2219184]
"BootSkin Startup Jobs"="d:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"LogonStudio"="d:\program files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 987187]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
.
d:\documents and settings\Petuleee\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="d:\windows\system32\logonuiX.exe"
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
path=d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Aktualizovat ESET licenci.lnk
backup=d:\windows\pss\Aktualizovat ESET licenci.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 -c--a-w- d:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaGet2]
2011-09-26 16:21 8202752 -c--a-w- d:\documents and settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Petuleee\\Local Settings\\Data aplikací\\Xenocode\\Sandbox\\LdR_Alcohol_r.exe\\2.0.1.1820\\2010.07.02T23.16\\Virtual\\STUBEXE\\8.0.1135\\@PROGRAMFILES@\\Alcohol Soft\\Alcohol 120\\StarWind\\StarWindServiceAE.exe"=
"d:\\Documents and Settings\\Petuleee\\Dokumenty\\Downloads\\Facemoods.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\Documents and Settings\\Petuleee\\Local Settings\\Data aplikací\\MediaGet2\\mediaget.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\drivers\dtsoftbus01.sys [5.8.2011 15:24 232512]
R1 ehdrv;ehdrv;d:\windows\system32\drivers\ehdrv.sys [29.7.2010 13:31 115008]
R1 epfwtdir;epfwtdir;d:\windows\system32\drivers\epfwtdir.sys [3.8.2010 13:28 95896]
R2 ekrn;ESET Service;d:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [18.11.2010 15:11 810144]
S3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys --> d:\windows\system32\DRIVERS\snp325.sys [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com?o=15510&l=dis
uInternet Connection Wizard,ShellNext = iexplore
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-facemoods - d:\program files\facemoods.com\facemoods\1.4.17.1\facemoodssrv.exe
MSConfigStartUp-SDP - d:\program files\FaceSmooch Toolbar\update_checker.exe
MSConfigStartUp-snp325 - d:\windows\vsnp325.exe
MSConfigStartUp-tsnp325 - d:\windows\tsnp325.exe
AddRemove-MiNODLogin - d:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-02 10:18
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(696)
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\COMRes.dll
d:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(752)
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(3408)
d:\windows\system32\COMRes.dll
d:\windows\System32\cscui.dll
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\msi.dll
d:\windows\system32\NETSHELL.dll
d:\windows\system32\credui.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\OpenOffice.org 3\program\soffice.exe
d:\program files\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2011-10-02 10:27:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-02 08:27
.
Před spuštěním: Volných bajtů: 37 149 782 016
Po spuštění: Volných bajtů: 38 259 425 280
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2B3D488D868C95FC51313489BB9B7E18

athlon_64
Visitor
Posts: 46
Registered: 04 Jun 2007 16:00

Re: Internet connection was terminated

#4 Post by athlon_64 »

:arrow: First of all, please comply with the forum rule regarding illegal software: remove ESET and replace it with a free solution.

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection was terminated

#5 Post by Rudy »

Uninstall the cracked NOD and replace it with one of the free solutions: http://www.viry.cz/forum/viewforum.php?f=29 . Then we will continue.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Cheaterboy
Visitor
Posts: 51
Registered: 09 Apr 2008 20:47

Re: Internet connection was terminated

#6 Post by Cheaterboy »

So I replaced ESET with Avira.

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection was terminated

#7 Post by Rudy »

OK. Test this file: d:\documents and settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe online at www.virustotal.com . Report the result.

Cheaterboy
Visitor
Posts: 51
Registered: 09 Apr 2008 20:47

Re: Internet connection was terminated

#8 Post by Cheaterboy »

I removed the MediaGet program immediately after creating the log. So I am attaching a new log:

ComboFix 11-10-02.01 - Petuleee 02.10.2011 16:41:52.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.510.309 [GMT 2:00]
Spuštěný z: d:\documents and settings\Petuleee\Plocha\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-02 do 2011-10-02 )))))))))))))))))))))))))))))))
.
.
2011-10-02 10:14 . 2011-10-02 10:14 -------- dc----w- d:\program files\Common Files\Java
2011-10-02 10:02 . 2011-10-02 10:02 -------- dc----w- d:\program files\Avira
2011-10-02 10:02 . 2011-10-02 10:02 -------- dc----w- d:\documents and settings\All Users\Data aplikací\Avira
2011-10-02 10:02 . 2011-07-20 09:30 61960 -c--a-w- d:\windows\system32\drivers\avgntflt.sys
2011-10-02 10:02 . 2011-07-20 09:30 137656 -c--a-w- d:\windows\system32\drivers\avipbb.sys
2011-10-02 10:02 . 2010-06-17 13:27 45416 -c--a-w- d:\windows\system32\drivers\avgntdd.sys
2011-10-02 10:02 . 2010-06-17 13:27 22360 -c--a-w- d:\windows\system32\drivers\avgntmgr.sys
2011-10-01 18:32 . 2011-10-01 18:32 -------- dc----w- d:\program files\trend micro
2011-10-01 18:32 . 2011-10-01 18:32 -------- dc----w- D:\rsit
2011-09-27 20:04 . 2011-09-27 20:04 -------- dcsh--w- d:\documents and settings\Petuleee\IECompatCache
2011-09-05 17:04 . 2011-09-05 17:04 183696 -c--a-w- d:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2011-09-03 10:17 . 2011-09-09 09:12 602112 -c----w- d:\windows\system32\dllcache\crypt32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 17:58 . 2011-08-22 09:54 404640 -c--a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-09 09:12 . 2004-08-18 10:00 602112 -c--a-w- d:\windows\system32\crypt32.dll
2011-08-05 13:24 . 2011-08-05 13:24 232512 -c--a-w- d:\windows\system32\drivers\dtsoftbus01.sys
2011-07-15 13:29 . 2004-08-18 10:00 456320 -c--a-w- d:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02 . 2004-08-18 10:00 10496 -c--a-w- d:\windows\system32\drivers\ndistapi.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-02_08.18.47 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-02 10:14 . 2011-10-02 10:14 16384 d:\windows\Temp\Perflib_Perfdata_ef8.dat
+ 2011-10-02 10:02 . 2010-06-17 13:27 28520 d:\windows\system32\drivers\ssmdrv.sys
+ 2011-10-02 10:14 . 2011-05-04 02:52 157472 d:\windows\system32\javaws.exe
- 2011-04-19 19:37 . 2011-04-19 19:37 157472 d:\windows\system32\javaws.exe
+ 2011-10-02 10:14 . 2011-05-04 02:52 145184 d:\windows\system32\javaw.exe
- 2011-04-19 19:37 . 2011-04-19 19:37 145184 d:\windows\system32\javaw.exe
- 2011-04-19 19:37 . 2011-04-19 19:37 145184 d:\windows\system32\java.exe
+ 2011-10-02 10:14 . 2011-05-04 02:52 145184 d:\windows\system32\java.exe
- 2011-04-19 19:37 . 2011-04-19 19:37 472808 d:\windows\system32\deployJava1.dll
+ 2011-04-19 19:37 . 2011-05-04 02:52 472808 d:\windows\system32\deployJava1.dll
+ 2011-10-02 10:14 . 2011-10-02 10:14 203776 d:\windows\Installer\14bbb6.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seznam Postak"="d:\program files\Seznam.cz\postak.exe" [2010-10-07 488728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="d:\windows\system32\igfxtray.exe" [2006-05-25 155648]
"HotKeysCmds"="d:\windows\system32\hkcmd.exe" [2006-05-25 126976]
"BootSkin Startup Jobs"="d:\program files\Stardock\WinCustomize\BootSkin\BootSkin.exe" [2004-04-26 270336]
"LogonStudio"="d:\program files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 987187]
"Adobe ARM"="d:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"avgnt"="d:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
.
d:\documents and settings\Petuleee\Nabˇdka Start\Programy\Po spuçtŘnˇ\
OpenOffice.org 3.2.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="d:\windows\system32\logonuiX.exe"
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Aktualizovat ESET licenci.lnk]
path=d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Aktualizovat ESET licenci.lnk
backup=d:\windows\pss\Aktualizovat ESET licenci.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 -c--a-w- d:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Documents and Settings\\Petuleee\\Local Settings\\Data aplikací\\Xenocode\\Sandbox\\LdR_Alcohol_r.exe\\2.0.1.1820\\2010.07.02T23.16\\Virtual\\STUBEXE\\8.0.1135\\@PROGRAMFILES@\\Alcohol Soft\\Alcohol 120\\StarWind\\StarWindServiceAE.exe"=
"d:\\Documents and Settings\\Petuleee\\Dokumenty\\Downloads\\Facemoods.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\drivers\dtsoftbus01.sys [5.8.2011 15:24 232512]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\program files\Avira\AntiVir Desktop\sched.exe [2.10.2011 12:02 136360]
S3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys --> d:\windows\system32\DRIVERS\snp325.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ANTIVIRSCHEDULERSERVICE
*NewlyCreated* - ANTIVIRSERVICE
*NewlyCreated* - AVGIO
*NewlyCreated* - AVGNTFLT
*NewlyCreated* - AVIPBB
*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://eu.ask.com?o=15510&l=dis
uInternet Connection Wizard,ShellNext = iexplore
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-MediaGet2 - d:\documents and settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe
MSConfigStartUp-MediaGet2 - d:\documents and settings\Petuleee\Local Settings\Data aplikací\MediaGet2\mediaget.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-02 16:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(672)
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\sfc_os.dll
d:\windows\system32\COMRes.dll
d:\windows\system32\cscui.dll
d:\windows\system32\igfxsrvc.dll
d:\windows\system32\hccutils.DLL
.
- - - - - - - > 'lsass.exe'(728)
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(3668)
d:\windows\system32\COMRes.dll
d:\windows\System32\cscui.dll
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\NETSHELL.dll
d:\windows\system32\credui.dll
d:\windows\system32\msi.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-10-02 16:54:08
ComboFix-quarantined-files.txt 2011-10-02 14:54
ComboFix2.txt 2011-10-02 08:27
.
Před spuštěním: Volných bajtů: 38 196 805 632
Po spuštění: Volných bajtů: 38 218 715 136
.
- - End Of File - - 924D64A9BBF86AB5652BE1757D0D81C6

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection was terminated

#9 Post by Rudy »

The log now looks clean. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Cheaterboy
Visitor
Posts: 51
Registered: 09 Apr 2008 20:47

Re: Internet connection was terminated

#10 Post by Cheaterboy »

Everything is now perfectly fine. Thank you for your help.

Rudy
Site Admin
Posts: 119508
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Internet connection was terminated

#11 Post by Rudy »

You're welcome!