RunDLL sshnas21.dll

Zpráva

lukeec · #1 Příspěvek od **lukeec** » 09 úno 2010 18:36

Mam problem, pri spusteni PC se mi zobrazi hlaska:
RunDLL Při spučtění souboru C:\Windows\system32\sshnas21.dll doslo k problemu. Uvedeny modul nebyl nalezen.

A jeste pred tim nez se mi tam zacala zobrazovat mi AVG 9 Free nasel na tomto miste Trojky kun FakeAV.FT

Mam Win 7 32bit upgradovany z Win vista 32bit

Poradte prosim jak to mam odstranit

Unlimited_Killer

Pravděpodobně byl ten soubor nakažený a AVG ho smazal.

~~~

Random's System Information Tool

Stáhněte a uložte na Plochu RSIT.
Spusťte, nechte v rolovacím menu '1 month' a klikněte na 'Continue'.
Vyčkejte několik vteřin, než se vygeneruje log se jménem log.txt
Pokud nebude log vygenerován, naleznete jej v C:\rsit\log.txt
Obsah tohoto logu vložte do svého příspěvku.

~~~

ComboFix

Stáhněte a uložte na Plochu ComboFix.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Spusťte ho s administrátorským oprávněním.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'.
Budete také dotázáni na instalaci konzole pro zotavení, taktéž klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat.
Váš PC bude pravděpodobně restartován, tak se toho nelekněte.
Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu (či následném restartu) na Vás 'vypadne' log, který vkopírujete ve formě textu sem.
Pokud žádný log 'nevypadne', naleznete jej v umístění C:\ComboFix.txt

lukeec · #3 Příspěvek od **lukeec** » 09 úno 2010 21:29

A jak mam odstranit tu hlasku ktera mi vyskakuje pri spusteni PC ze mi chybi ten sshnas21.dll?

Unlimited_Killer

Vy se nedostane ani do systému?

crysis1962 · #5 Příspěvek od **crysis1962** » 09 úno 2010 22:46

Mám stejný problém !!

Logfile of random's system information tool 1.06 (written by random/random)
Run by Aleš at 2010-02-09 22:20:47
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 44 GB (41%) free of 106 GB
Total RAM: 2812 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:52, on 9.2.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\windows\system32\taskeng.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\Users\ALE~1\AppData\Local\Temp\Kwc.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\windows\System32\mobsync.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\Users\ALE~1\AppData\Local\Temp\Kwd.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Internet download manager\IDMan.exe
C:\Program Files\Internet download manager\IEMonitor.exe
C:\Dowloand\RSIT.exe
C:\Program Files\trend micro\Aleš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-zones.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.t-zones.cz
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.t-zones.cz
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet download manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LosAlamos] rundll32.exe C:\Users\ALE~1\AppData\Local\Temp\sshnas21.dll,AttachConsoleA
O4 - HKCU\..\Run: [F5JMWNZTHI] C:\Users\ALE~1\AppData\Local\Temp\Kwd.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet download manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet download manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet download manager\IEGetAll.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos-be ... canner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\windows\runservice.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\windows\system32\rpcnet.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 9918 bytes

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForAleš.job
C:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet download manager\IDMIECC.dll [2007-09-28 95664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
BHO_Startup Class - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2008-05-14 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
Credential Manager for HP ProtectTools - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21 58128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"LosAlamos"=C:\Users\ALE~1\AppData\Local\Temp\sshnas21.dll [2010-02-08 175104]
"F5JMWNZTHI"=C:\Users\ALE~1\AppData\Local\Temp\Kwd.exe [2010-02-08 132608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\F5JMWNZTHI]
C:\Users\ALE~1\AppData\Local\Temp\Kwd.exe [2010-02-08 132608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-05-14 177456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2f207920-fbfe-11dd-b274-002186c5552e}]
shell\AutoRun\command - H:\cold\hott\±Ą¶ş˛ ¸ĄĽů˛Ż˛
shell\Explore\command - H:\cold\hott\±Ą¶ş˛ ¸ĄĽů˛Ż˛
shell\open\command - H:\cold\hott\±Ą¶ş˛ ¸ĄĽů˛Ż˛

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5b7881f-14bc-11de-9d71-002186c5552e}]
shell\AutoRun\command - G:\EXTRACTOR.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a5b78824-14bc-11de-9d71-002186c5552e}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f39dab8e-a9ba-11de-99d3-002186c5552e}]
shell\AutoRun\command - G:\LaunchU3.exe -a

======File associations======

.js - edit - C:\windows\System32\Notepad.exe %1
.js - open - C:\windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-02-09 22:20:48 ----D---- C:\Program Files\trend micro
2010-02-09 22:20:47 ----D---- C:\rsit
2010-02-08 16:57:32 ----D---- C:\Program Files\Visual Tarot 2009
2010-02-08 00:02:55 ----A---- C:\windows\system32\tr98s2n61c.dll
2010-02-07 21:00:57 ----D---- C:\Program Files\Change7 Tarot
2010-02-05 21:25:26 ----D---- C:\Users\Aleš\AppData\Roaming\AnvSoft
2010-02-05 21:25:22 ----D---- C:\Program Files\AnvSoft
2010-02-03 00:47:06 ----D---- C:\Program Files\numerist
2010-01-23 21:59:13 ----A---- C:\windows\system32\mshtml.dll
2010-01-23 21:59:12 ----A---- C:\windows\system32\ieframe.dll
2010-01-23 21:59:11 ----A---- C:\windows\system32\iertutil.dll
2010-01-23 21:59:09 ----A---- C:\windows\system32\wininet.dll
2010-01-23 21:59:09 ----A---- C:\windows\system32\urlmon.dll
2010-01-23 21:59:08 ----A---- C:\windows\system32\occache.dll
2010-01-23 21:59:08 ----A---- C:\windows\system32\msfeeds.dll
2010-01-23 21:59:08 ----A---- C:\windows\system32\ieui.dll
2010-01-23 21:59:08 ----A---- C:\windows\system32\iedkcs32.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\msfeedssync.exe
2010-01-23 21:59:07 ----A---- C:\windows\system32\msfeedsbs.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\jsproxy.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\ieUnatt.exe
2010-01-23 21:59:07 ----A---- C:\windows\system32\iesysprep.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\iesetup.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\iernonce.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\iepeers.dll
2010-01-23 21:59:07 ----A---- C:\windows\system32\ie4uinit.exe
2010-01-13 20:45:05 ----A---- C:\windows\system32\t2embed.dll
2010-01-13 20:45:05 ----A---- C:\windows\system32\fontsub.dll

======List of files/folders modified in the last 1 months======

2010-02-09 22:21:01 ----D---- C:\windows\Temp
2010-02-09 22:20:48 ----RD---- C:\Program Files
2010-02-09 22:20:38 ----D---- C:\Dowloand
2010-02-09 22:20:29 ----D---- C:\Users\Aleš\AppData\Roaming\IDM
2010-02-09 22:20:28 ----D---- C:\Users\Aleš\AppData\Roaming\DMCache
2010-02-09 22:09:49 ----D---- C:\windows\system32\Tasks
2010-02-09 22:09:48 ----D---- C:\windows\Tasks
2010-02-09 21:38:31 ----D---- C:\windows\System32
2010-02-09 21:38:31 ----A---- C:\windows\system32\PerfStringBackup.INI
2010-02-09 21:38:30 ----D---- C:\windows\inf
2010-02-09 21:32:09 ----A---- C:\windows\system32\rpcnetp.exe
2010-02-09 21:32:06 ----A---- C:\windows\system32\rpcnet.dll
2010-02-09 21:32:05 ----D---- C:\ProgramData\hpqLog
2010-02-09 21:31:27 ----D---- C:\windows\system32\Msdtc
2010-02-09 21:31:24 ----D---- C:\windows\system32\wbem
2010-02-09 21:31:24 ----D---- C:\Windows
2010-02-09 21:30:18 ----D---- C:\windows\system32\config
2010-02-09 21:30:07 ----D---- C:\windows\system32\spool
2010-02-09 21:30:07 ----D---- C:\windows\system32\catroot2
2010-02-09 21:30:07 ----D---- C:\Users\Aleš\AppData\Roaming\uTorrent
2010-02-09 21:30:07 ----D---- C:\Users\Aleš\AppData\Roaming\IrfanView
2010-02-09 21:30:07 ----D---- C:\Users\Aleš\AppData\Roaming\GHISLER
2010-02-09 21:30:06 ----D---- C:\windows\registration
2010-02-09 21:28:21 ----SHD---- C:\System Volume Information
2010-02-09 21:02:35 ----D---- C:\windows\tracing
2010-02-08 17:02:52 ----D---- C:\windows\AppPatch
2010-02-08 14:54:19 ----D---- C:\Users\Aleš\AppData\Roaming\Skype
2010-02-08 13:59:36 ----D---- C:\Users\Aleš\AppData\Roaming\skypePM
2010-02-08 00:04:27 ----SHD---- C:\windows\Installer
2010-02-03 19:55:34 ----D---- C:\Program Files\ATI
2010-02-03 18:14:24 ----D---- C:\windows\winsxs
2010-01-30 22:43:18 ----D---- C:\Program Files\Common Files\Nero
2010-01-30 22:41:41 ----D---- C:\ProgramData\Nero
2010-01-30 21:38:14 ----A---- C:\fftrlog.txt
2010-01-30 21:38:12 ----A---- C:\windows\J_A_D.ini
2010-01-27 21:15:56 ----D---- C:\Program Files\Internet Explorer
2010-01-27 20:53:08 ----D---- C:\windows\system32\catroot
2010-01-26 18:45:55 ----SD---- C:\Users\Aleš\AppData\Roaming\Microsoft
2010-01-24 22:12:40 ----D---- C:\windows\system32\migration
2010-01-14 11:12:06 ----N---- C:\windows\system32\MpSigStub.exe
2010-01-13 22:59:44 ----D---- C:\Program Files\Windows Mail
2010-01-10 22:45:08 ----D---- C:\Westwood
2010-01-10 20:59:23 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\windows\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2008-05-30 12496]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-25 53328]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2009-06-15 279712]
R2 Ethpdrv;Ethernet Packet Driver; C:\windows\system32\DRIVERS\ethpdrv.sys [2007-08-01 16376]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2009-06-15 25888]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2008-08-07 34608]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\ADIHdAud.sys [2008-04-11 382464]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]
R3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-11-04 5079040]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl6.sys [2008-03-21 1207288]
R3 BthEnum;Služba Bluetooth Enumerator; C:\windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2008-05-28 80424]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\drivers\btwavdt.sys [2008-05-28 81960]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2008-05-28 16168]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 HBtnKey;HBtnKey; C:\windows\system32\DRIVERS\cpqbttn.sys [2008-04-14 9344]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-19 16768]
R3 Pcouffin;Low level access layer for CD devices; C:\windows\System32\Drivers\Pcouffin.sys [2009-04-27 47360]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-03-27 1810992]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\windows\system32\DRIVERS\yk60x86.sys [2008-12-09 311808]
S3 awj13djc;awj13djc; C:\windows\system32\drivers\awj13djc.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\windows\system32\drivers\errdev.sys [2008-01-21 6656]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IpwP;IPWireless 3G Network Adapter; C:\windows\system32\DRIVERS\ipw3gnet.sys [2008-03-27 51040]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2008-01-21 45624]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 accoca;ActivClient Middleware Service; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [2007-05-16 182576]
R2 AEADIFilters;Andrea ADI Filters Service; C:\windows\system32\AEADISRV.EXE [2007-10-19 86016]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2009-11-04 172032]
R2 ASBroker;Logon Session Broker; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 ASChannel;Local Communication Channel; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [2008-06-02 18944]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2008-05-30 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2008-05-14 77824]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2008-08-07 24880]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 LicCtrlService;LicCtrl Service; C:\windows\runservice.exe [2009-04-04 2560]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-01-21 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2008-01-21 21504]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\windows\system32\rpcnet.exe [2009-06-05 56680]
R2 ScsiAccess;ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [2009-09-12 181312]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2009-11-17 1021256]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2008-01-21 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-04-16 165192]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\windows\system32\svchost.exe [2008-01-21 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2009-12-14 435016]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

Unlimited_Killer

Založte si nový topic, takhle je v tom zmatek!

lukeec · #7 Příspěvek od **lukeec** » 10 úno 2010 14:50

No do systemu se dostanu ale stve me jak se to tam porad zobrazuje pri startu.

Unlimited_Killer

Tak udělejte uvedený postup, ať můžeme pokračovat, samozřejmě tento problém vyřešíme.

lukeec · #9 Příspěvek od **lukeec** » 10 úno 2010 16:35

Diky a jaky postup?

Unlimited_Killer

Můj druhý příspěvek...

~~~

Random's System Information Tool

Stáhněte a uložte na Plochu RSIT.
Spusťte, nechte v rolovacím menu '1 month' a klikněte na 'Continue'.
Vyčkejte několik vteřin, než se vygeneruje log se jménem log.txt
Pokud nebude log vygenerován, naleznete jej v C:\rsit\log.txt
Obsah tohoto logu vložte do svého příspěvku.

~~~

ComboFix

Stáhněte a uložte na Plochu ComboFix.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Spusťte ho s administrátorským oprávněním.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'.
Budete také dotázáni na instalaci konzole pro zotavení, taktéž klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat.
Váš PC bude pravděpodobně restartován, tak se toho nelekněte.
Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu (či následném restartu) na Vás 'vypadne' log, který vkopírujete ve formě textu sem.
Pokud žádný log 'nevypadne', naleznete jej v umístění C:\ComboFix.txt

lukeec · #11 Příspěvek od **lukeec** » 10 úno 2010 19:28

Tady davam log z combofixu:

ComboFix 10-02-09.04 - lukeec 10.02.2010 19:14:03.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3037.2352 [GMT 1:00]
Spuštěný z: c:\users\lukeec\Desktop\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je vypnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\components\config.ini
c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll
c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul
c:\program files\Dealio Toolbar\FF\chrome\content\login.js
c:\program files\Dealio Toolbar\FF\chrome\content\login.xul
c:\program files\Dealio Toolbar\FF\chrome\content\parser.js
c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css
c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\Dealio Toolbar\FF\install.rdf
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\Search Settings
c:\program files\Search Settings\FF\components\IFBHOSearch.xpt
c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt
c:\program files\Search Settings\FF\components\SearchSettingsFF.dll
c:\program files\Search Settings\FF\chrome.manifest
c:\program files\Search Settings\FF\chrome\content\plugin.js
c:\program files\Search Settings\FF\chrome\content\plugin.xul
c:\program files\Search Settings\FF\chrome\content\protection.js
c:\program files\Search Settings\FF\chrome\content\utils.js
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\program files\Search Settings\FF\install.rdf
c:\program files\Search Settings\SearchSettings.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\users\lukeec\AppData\Roaming\inst.exe
c:\windows\msvrc20.dll
c:\windows\system32\f3PSSavr.scr
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-10 do 2010-02-10 )))))))))))))))))))))))))))))))
.

2010-02-10 18:20 . 2010-02-10 18:20 -------- d-----w- c:\users\lukeec\AppData\Local\temp
2010-02-10 18:20 . 2010-02-10 18:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-10 14:58 . 2010-02-10 14:58 -------- d-----w- c:\users\lukeec\AppData\Roaming\Leadertech
2010-02-10 14:43 . 2010-02-10 14:43 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-09 18:13 . 2010-02-09 18:01 298104 ----a-w- c:\windows\system32\imon.dll
2010-02-09 18:13 . 2010-02-09 18:01 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2010-02-09 18:13 . 2010-02-09 18:01 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2010-02-09 14:36 . 2010-02-10 17:33 -------- d-----w- c:\program files\trend micro
2010-02-09 14:36 . 2010-02-09 14:36 -------- d-----w- C:\rsit
2010-02-07 11:01 . 2010-02-07 11:01 -------- d-----w- c:\users\lukeec\AppData\Local\PunkBuster
2010-02-07 10:48 . 2010-02-07 11:11 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-02-07 10:48 . 2010-02-07 11:18 215128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-02-07 10:48 . 2010-02-07 10:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-02-07 10:48 . 2010-02-07 10:48 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe
2010-02-06 22:20 . 2010-02-06 22:20 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-06 16:44 . 2010-02-06 16:44 -------- d-----w- c:\windows\AC54E5443E42443CA91DA00A6974C592.TMP
2010-02-06 09:41 . 2010-02-06 09:41 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-03 18:28 . 2010-02-03 18:28 -------- d-----w- c:\users\lukeec\AppData\Local\BC
2010-02-03 18:28 . 2010-02-03 18:28 -------- d-----w- c:\programdata\BC
2010-01-27 06:01 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\explorer.exe
2010-01-27 06:01 . 2009-10-28 06:17 285696 ----a-w- c:\windows\system32\winlogon.exe
2010-01-24 10:30 . 2010-02-06 09:20 -------- d-----w- c:\programdata\Codemasters
2010-01-24 09:40 . 2010-01-24 09:40 -------- d-----w- c:\program files\ESET
2010-01-23 18:59 . 2008-03-03 13:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2010-01-23 09:39 . 2010-01-24 10:40 -------- d-----w- c:\program files\Moon Valley Software
2010-01-22 16:59 . 2009-12-19 09:02 977920 ----a-w- c:\windows\system32\wininet.dll
2010-01-21 15:00 . 2010-01-21 15:00 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2010-01-20 15:04 . 2010-01-20 15:04 -------- d-----w- c:\programdata\Solidshield
2010-01-18 16:00 . 2010-01-18 16:00 -------- d-----w- c:\users\lukeec\AppData\Local\AOL
2010-01-15 20:34 . 2010-01-15 20:35 -------- d-----w- c:\users\lukeec\AppData\Local\NFS Underground 2
2010-01-13 14:15 . 2010-01-13 14:15 -------- d-----w- c:\program files\Common Files\Microsoft Games
2010-01-13 09:06 . 2009-10-19 14:10 108544 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 09:06 . 2009-10-19 14:10 70656 ----a-w- c:\windows\system32\fontsub.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-10 17:07 . 2009-11-18 16:41 -------- d-----w- c:\users\lukeec\AppData\Roaming\ICQ
2010-02-10 14:42 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2010-02-10 14:42 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2010-02-10 14:07 . 2009-11-18 15:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-10 13:58 . 2009-12-02 15:50 -------- d-----w- c:\users\lukeec\AppData\Roaming\Skype
2010-02-10 13:46 . 2009-12-02 15:54 -------- d-----w- c:\users\lukeec\AppData\Roaming\skypePM
2010-02-09 20:56 . 2009-11-26 20:48 -------- d-----w- c:\program files\AGEIA Technologies
2010-02-09 18:12 . 2009-11-18 17:25 -------- d-----w- c:\programdata\avg9
2010-02-07 10:48 . 2010-02-07 10:48 138056 ----a-w- c:\users\lukeec\AppData\Roaming\PnkBstrK.sys
2010-02-06 16:44 . 2009-11-26 20:48 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-24 10:27 . 2009-12-12 11:35 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-24 10:27 . 2009-12-12 11:35 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-24 10:27 . 2009-12-12 11:35 -------- d-----w- c:\program files\OpenAL
2010-01-19 05:50 . 2009-11-18 16:42 -------- d-----w- c:\program files\ICQ6Toolbar
2010-01-18 16:00 . 2009-11-18 16:42 -------- d-----w- c:\programdata\ICQ
2010-01-13 15:07 . 2009-07-14 04:52 -------- d-----w- c:\program files\Microsoft Games
2010-01-10 19:38 . 2010-01-10 18:29 -------- d-----w- c:\users\lukeec\AppData\Roaming\Nero
2010-01-10 18:29 . 2010-01-10 18:28 -------- d-----w- c:\program files\Common Files\Nero
2010-01-10 18:28 . 2010-01-10 18:28 -------- d-----w- c:\programdata\Nero
2010-01-10 13:39 . 2010-01-10 13:39 -------- d-----w- c:\program files\Common Files\INCA Shared
2010-01-09 17:17 . 2010-01-09 17:17 -------- d-----w- c:\program files\WEBZEN
2010-01-08 22:01 . 2009-12-06 18:07 -------- d-----w- c:\users\lukeec\AppData\Roaming\Vso
2010-01-08 22:01 . 2010-01-08 21:45 94208 ----a-w- c:\users\lukeec\AppData\Roaming\ezplay.sys
2010-01-08 22:01 . 2009-12-06 18:07 47360 ----a-w- c:\users\lukeec\AppData\Roaming\pcouffin.sys
2010-01-08 21:45 . 2010-01-08 21:45 94208 ----a-w- c:\windows\system32\drivers\ezplay.sys
2010-01-07 20:51 . 2010-01-07 20:52 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-07 20:51 . 2010-01-07 20:51 -------- d-----w- c:\program files\Java
2010-01-01 11:46 . 2010-01-01 11:46 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2009-12-31 12:33 . 2009-11-18 16:19 -------- d-----w- c:\programdata\NVIDIA
2009-12-31 12:21 . 2009-12-31 12:19 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-31 11:30 . 2009-12-31 11:29 -------- d-----w- c:\programdata\PCPitstop
2009-12-30 12:57 . 2009-11-18 15:58 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-29 22:45 . 2009-12-29 22:45 -------- d-----w- c:\programdata\Electronic Arts
2009-12-26 19:42 . 2009-12-26 19:42 -------- d-----w- c:\programdata\Apple Computer
2009-12-26 19:41 . 2009-12-26 19:41 -------- d-----w- c:\program files\Common Files\Apple
2009-12-26 19:41 . 2009-12-26 19:41 -------- d-----w- c:\programdata\Apple
2009-12-26 19:41 . 2009-12-26 19:41 -------- d-----w- c:\program files\Apple Software Update
2009-12-24 13:59 . 2009-12-24 13:59 -------- d-----w- c:\users\lukeec\AppData\Roaming\Touchstone
2009-12-23 20:36 . 2009-12-23 20:36 -------- d-----w- c:\programdata\vsosdk
2009-12-23 12:18 . 2009-12-23 12:18 -------- d-----w- c:\program files\WMV9_VCM
2009-12-22 19:14 . 2009-12-22 19:14 -------- d-----w- c:\program files\Application Updater
2009-12-22 19:00 . 2009-12-06 18:07 -------- d-----w- c:\program files\VSO
2009-12-14 15:48 . 2009-12-14 15:48 -------- d-----w- c:\users\lukeec\AppData\Roaming\Ashampoo
2009-12-13 15:06 . 2009-12-13 14:46 -------- d-----w- c:\program files\Common Files\Steam
2009-12-12 19:50 . 2009-11-18 15:56 61736 ----a-w- c:\users\lukeec\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-06 18:07 . 2009-12-06 18:07 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-02 15:54 . 2009-12-02 15:54 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-26 20:49 . 2009-11-26 20:49 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-11-26 20:48 . 2009-11-26 20:48 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-11-24 14:27 . 2010-01-09 17:17 53616 ----a-w- c:\windows\system32\CMStarter_Eng.dll
2009-11-24 14:27 . 2010-01-09 17:17 53616 ----a-w- c:\windows\system32\CMStarter_Kor.dll
2009-11-24 14:27 . 2010-01-09 17:17 364912 ----a-w- c:\windows\system32\CMStarterCore.exe
2009-11-20 19:33 . 2009-11-20 19:33 87144 ----a-w- c:\windows\system32\nvhotkey.dll
2009-11-20 19:33 . 2009-11-20 19:33 812648 ----a-w- c:\windows\system32\nvsvc.dll
2009-11-20 19:33 . 2009-11-20 19:33 66664 ----a-w- c:\windows\system32\nvshext.dll
2009-11-20 19:33 . 2009-11-20 19:33 1323624 ----a-w- c:\windows\system32\nvsvcr.dll
2009-11-20 19:33 . 2009-11-20 19:33 12685928 ----a-w- c:\windows\system32\nvcpl.dll
2009-11-20 19:33 . 2009-11-20 19:33 122984 ----a-w- c:\windows\system32\nvvsvc.exe
2009-11-20 19:33 . 2009-11-20 19:33 110184 ----a-w- c:\windows\system32\nvmctray.dll
2009-11-19 20:42 . 2009-11-18 16:02 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-11-19 14:24 . 2009-11-19 14:24 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-13 08:47 . 2009-11-13 08:47 58368 ----a-w- c:\windows\system32\drivers\L1C62x86.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 11:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
2009-07-02 09:18 2215960 ----a-w- c:\program files\BS_Player\tbBS_P.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]
"{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}"= "c:\program files\BS_Player\tbBS_P.dll" [2009-07-02 2215960]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="c:\hry\GTA IV\Rockstar Games Social Club\RGSCLauncher.exe" [2010-02-10 306088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2009-07-02 482360]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-03-05 805384]
"QuickTime Task"="c:\programy\quickgimd\QTTask.exe" [2009-09-05 417792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-07 149280]
"nod32kui"="c:\programy\NOD\nod32kui.exe" [2010-02-09 949376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2009-07-27 02:37 180224 ----a-w- c:\programy\PowerISO\PWRISOVM.EXE

R1 nod32drv;nod32drv;c:\windows\System32\drivers\nod32drv.sys [9.2.2010 19:13 15424]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [18.1.2010 17:01 246520]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\System32\drivers\L1C62x86.sys [13.11.2009 9:47 58368]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\System32\drivers\NETw5s32.sys [15.9.2009 19:40 6114816]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\System32\drivers\vwifimp.sys [14.7.2009 0:52 14336]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [19.11.2009 15:24 691696]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\System32\drivers\netw5v32.sys [10.6.2009 22:18 4231168]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: &Search - http://edits.mywebsearch.com/toolbaredi ... p=ZNman000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\programy\icq\ICQ7.0\ICQ.exe
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\users\lukeec\AppData\Roaming\Mozilla\Firefox\Profiles\ae5zpljk.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://btjunkie.org/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.0&q=
FF - component: c:\programy\mozila\components\xpinstal.dll

---- NASTAVENÍ FIREFOXU ----
c:\programy\mozila\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\programy\mozila\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\programy\mozila\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\programy\mozila\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\programy\mozila\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false);
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/updat ... oz:version}&");
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/looku ... oz:version}&");
c:\programy\mozila\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\SearchSettings.dll
BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\SearchSettings.dll
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL
HKLM-Run-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-02-10 19:26:51
ComboFix-quarantined-files.txt 2010-02-10 18:26

Před spuštěním: Volných bajtů: 54 303 637 504
Po spuštění: Volných bajtů: 53 995 184 128

- - End Of File - - AEC7D8EDD080300C8CE526918BA6F204

#12 Příspěvek od **motji** » 11 úno 2010 22:59

Dobrý večer, záskok za kolegu

Gamemon používáte?

Odinstalujte Asktoolbar

Odinstalujte ten nelegální Nod

Podle pravidel fóra se zde nelegálním softwarem nezabýváme,
Obstarejte si legální zabezpečení PC, pak zde vložte log z RSITU a budeme pokračovat

Vyberte si třeba free Avast nebo Aviru a nějaký firewall viewtopic.php?f=29&t=6152 + viewtopic.php?f=41&t=6523.

VIRY.CZ

RunDLL sshnas21.dll

RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll

Re: RunDLL sshnas21.dll